Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/5C925054E06811EF895B471EC4F9AE02.roa
File: 5C925054E06811EF895B471EC4F9AE02.roa (raw, json)
Hash identifier: 8CrFRNgJH37C5OagvUvXSdKLU66lJIBPcXhUUvO4gzY=
Subject key identifier: 8C:52:D7:FD:E7:89:59:4A:A8:2F:FF:E5:30:43:05:AF:93:45:FC:19
Certificate issuer: /CN=A91C5413/serialNumber=5F9999CDA64A2A1A662E54E61A1D5798C688CCC3
Certificate serial: 1E
Authority key identifier: 5F:99:99:CD:A6:4A:2A:1A:66:2E:54:E6:1A:1D:57:98:C6:88:CC:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X5mZzaZKKhpmLlTmGh1XmMaIzMM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/5C925054E06811EF895B471EC4F9AE02.roa
Signing time: Sat 01 Feb 2025 06:47:11 +0000
ROA not before: Sat 01 Feb 2025 06:47:11 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 137480
IP address blocks: 2402:8440::/32 maxlen: 32
2402:8440::/48 maxlen: 48
2402:8440:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C5413
Validity
Not Before: Feb 1 06:47:11 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=679dc36e-d19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:86:5f:74:e1:bb:58:b9:19:aa:e6:d6:fc:43:
ec:50:6d:52:22:4f:68:df:34:52:dd:fc:08:03:5e:
24:46:67:5e:31:1e:db:9c:0a:93:1d:94:33:89:eb:
7e:09:00:83:bd:5d:81:5f:6d:3c:31:c4:2b:f0:cb:
8f:8d:f7:a6:15:b3:1d:56:d9:b4:77:e9:04:db:4b:
ed:8f:8e:f5:f2:b6:f1:ac:96:32:30:09:11:b6:44:
74:14:f1:90:b5:07:fe:55:42:93:c9:17:97:80:8d:
32:e2:73:6e:39:ff:ea:1f:9a:80:da:c8:56:46:e0:
71:d0:e0:98:a6:6d:2c:90:e8:e7:6a:37:c8:b2:c4:
61:3c:04:55:6f:4a:a0:ba:71:d4:48:16:60:fa:92:
dc:38:e7:c1:0d:63:03:a3:c5:42:ab:3d:a8:e1:97:
84:f1:db:8b:bb:bf:80:ae:65:41:37:21:72:0c:00:
a2:cf:b3:51:42:fe:a2:b8:89:51:4f:e3:15:ba:6b:
dd:d0:52:71:1f:74:54:4f:90:d9:a1:ac:e8:99:cb:
7c:fe:5e:72:f6:ab:81:a3:42:57:1a:c5:2b:60:42:
b9:b1:52:5d:5f:34:38:42:ca:0e:7e:e1:af:3c:e6:
df:45:11:97:32:ce:de:ff:10:9c:d7:bb:5d:7b:33:
23:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:52:D7:FD:E7:89:59:4A:A8:2F:FF:E5:30:43:05:AF:93:45:FC:19
X509v3 Authority Key Identifier:
keyid:5F:99:99:CD:A6:4A:2A:1A:66:2E:54:E6:1A:1D:57:98:C6:88:CC:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/X5mZzaZKKhpmLlTmGh1XmMaIzMM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X5mZzaZKKhpmLlTmGh1XmMaIzMM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/5C925054E06811EF895B471EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:8440::/32
Signature Algorithm: sha256WithRSAEncryption
2e:22:65:1f:2b:f9:01:f3:a9:49:44:6b:6b:80:32:56:79:22:
db:92:75:8c:c3:e4:a3:20:c3:28:50:6f:95:03:f1:ee:c3:ca:
b5:00:81:82:0d:db:13:4e:bb:49:ed:0c:cc:74:94:a7:57:c4:
46:9b:6d:f2:cf:2e:ce:be:dc:3e:4a:2f:50:80:c0:88:4f:63:
1e:02:11:ad:af:f8:8b:12:c2:f5:59:09:f8:8d:81:9a:88:1f:
06:98:23:e0:25:49:e1:6c:4f:14:0a:e1:b3:b1:c5:a6:9c:39:
b2:ee:5e:08:aa:cd:ad:d2:9f:1c:2a:ea:8e:b8:5e:59:db:f1:
69:e0:aa:e5:2f:30:f7:c1:4b:e0:e9:4e:05:7b:8c:54:e6:7c:
90:68:56:ee:b7:a3:14:2e:3a:c7:8e:62:01:3d:9a:75:12:cc:
d5:3f:e5:26:3a:ef:ac:67:5a:19:2c:91:c0:13:38:95:e5:80:
2c:2d:ef:f3:dc:43:e7:66:27:06:74:e9:48:3e:eb:11:ab:94:
30:75:59:6c:6c:2d:b6:ea:0a:7e:0b:bc:1c:bc:9e:8f:9d:0b:
77:52:77:b8:ec:37:5d:17:9b:63:26:98:59:5b:7e:c8:fb:c3:
4b:5b:96:0d:1e:8f:e9:9b:9a:c0:c5:ec:93:19:9d:73:c3:3d:
52:19:34:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NTQxMzExMC8GA1UEBRMoNUY5OTk5Q0RBNjRBMkExQTY2MkU1NEU2MUExRDU3OThD
Njg4Q0NDMzAeFw0yNTAyMDEwNjQ3MTFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWRjMzZlLWQxOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfhl904btYuRmq5tb8Q+xQbVIiT2jfNFLd/AgDXiRGZ14xHtucCpMdlDOJ634J
AIO9XYFfbTwxxCvwy4+N96YVsx1W2bR36QTbS+2PjvXytvGsljIwCRG2RHQU8ZC1
B/5VQpPJF5eAjTLic245/+ofmoDayFZG4HHQ4JimbSyQ6OdqN8iyxGE8BFVvSqC6
cdRIFmD6ktw458ENYwOjxUKrPajhl4Tx24u7v4CuZUE3IXIMAKLPs1FC/qK4iVFP
4xW6a93QUnEfdFRPkNmhrOiZy3z+XnL2q4GjQlcaxStgQrmxUl1fNDhCyg5+4a88
5t9FEZcyzt7/EJzXu117MyNpAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUjFLX/eeJ
WUqoL//lMEMFr5NF/BkwHwYDVR0jBBgwFoAUX5mZzaZKKhpmLlTmGh1XmMaIzMMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1NDEzL0RGOTlBMUU4N0JF
ODExRUI5QTA5MjM0MkM0RjlBRTAyL1g1bVp6YVpLS2hwbUxsVG1HaDFYbU1hSXpN
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWDVtWnphWktLaHBtTGxUbUdoMVhtTWFJek1NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NTQxMy9ERjk5QTFFODdCRTgxMUVCOUEwOTIzNDJDNEY5QUUwMi81QzkyNTA1NEUw
NjgxMUVGODk1QjQ3MUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQChEAwDQYJKoZIhvcNAQELBQADggEBAC4iZR8r+QHzqUlE
a2uAMlZ5ItuSdYzD5KMgwyhQb5UD8e7DyrUAgYIN2xNOu0ntDMx0lKdXxEabbfLP
Ls6+3D5KL1CAwIhPYx4CEa2v+IsSwvVZCfiNgZqIHwaYI+AlSeFsTxQK4bOxxaac
ObLuXgiqza3Snxwq6o64Xlnb8WngquUvMPfBS+DpTgV7jFTmfJBoVu63oxQuOseO
YgE9mnUSzNU/5SY676xnWhkskcATOJXlgCwt7/PcQ+dmJwZ06Ug+6xGrlDB1WWxs
LbbqCn4LvBy8no+dC3dSd7jsN10Xm2MmmFlbfsj7w0tblg0ej+mbmsDF7JMZnXPD
PVIZNDo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:58:31 2025 by rpki-client