Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CAF/FD26DC22B6F411EEAC203810C4F9AE02/C4C0B9160E4C11EF82F91F39C4F9AE02.roa
File: C4C0B9160E4C11EF82F91F39C4F9AE02.roa (raw, json)
Hash identifier: kz0noASfcID+yNUD17+dcNzBgS2AhI7keu64pTKydZI=
Subject key identifier: 12:76:ED:D2:FF:4D:1B:69:ED:15:55:9B:05:07:65:C7:D0:59:2B:07
Certificate issuer: /CN=A91C6CAF/serialNumber=E015F393E7A323C3F4F1BFE26E5BFE040E35E553
Certificate serial: C5
Authority key identifier: E0:15:F3:93:E7:A3:23:C3:F4:F1:BF:E2:6E:5B:FE:04:0E:35:E5:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BXzk-ejI8P08b_iblv-BA415VM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CAF/FD26DC22B6F411EEAC203810C4F9AE02/C4C0B9160E4C11EF82F91F39C4F9AE02.roa
Signing time: Wed 29 Jan 2025 04:18:05 +0000
ROA not before: Wed 29 Jan 2025 04:18:05 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152334
IP address blocks: 2001:df3:c940::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197 (0xc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6CAF
Validity
Not Before: Jan 29 04:18:05 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6799abfd-c18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:a3:2b:66:36:dc:44:99:af:5c:58:5e:be:
54:b9:03:10:27:c0:cd:d9:66:ae:8f:c8:d9:97:6e:
21:de:87:2c:ee:d8:3b:32:31:cc:02:f3:d1:55:ed:
2b:20:ee:4b:de:62:71:a0:91:27:3d:4f:6e:42:9e:
ea:d1:23:47:80:41:b6:e1:02:5e:cf:f4:ca:08:df:
85:a0:1e:fa:6f:ea:c8:8d:63:7c:13:bd:11:09:79:
23:2e:e6:5d:ab:a2:90:cf:df:00:ca:79:72:05:ff:
d1:e8:02:5b:2e:5e:bb:80:97:b6:75:ed:0a:c3:62:
a8:44:e0:50:2c:2c:47:a9:a0:ba:bd:32:04:11:91:
24:09:8a:54:29:17:9e:1f:bf:83:25:56:08:2e:3b:
56:3c:f5:2c:b5:82:91:86:ec:dc:52:f3:b2:21:ca:
78:70:4a:53:da:ec:c6:55:28:12:22:d4:f9:d8:d5:
c0:b3:92:6d:01:48:03:28:dd:03:7c:74:e2:04:ac:
12:0a:47:f8:04:cb:4a:0c:b4:dd:52:04:03:1e:c8:
0d:bc:2d:99:5c:3f:07:2d:78:b8:b5:ee:3b:13:21:
c2:71:f6:2c:57:d7:a6:93:72:21:50:2d:21:41:56:
ea:c7:21:ef:30:9f:00:f7:2d:e3:93:ea:d9:51:22:
cf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:76:ED:D2:FF:4D:1B:69:ED:15:55:9B:05:07:65:C7:D0:59:2B:07
X509v3 Authority Key Identifier:
keyid:E0:15:F3:93:E7:A3:23:C3:F4:F1:BF:E2:6E:5B:FE:04:0E:35:E5:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/FD26DC22B6F411EEAC203810C4F9AE02/4BXzk-ejI8P08b_iblv-BA415VM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4BXzk-ejI8P08b_iblv-BA415VM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/FD26DC22B6F411EEAC203810C4F9AE02/C4C0B9160E4C11EF82F91F39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:c940::/48
Signature Algorithm: sha256WithRSAEncryption
82:17:5f:1b:f3:7f:1f:79:59:07:ed:22:43:15:18:9f:15:99:
10:51:a6:c4:fd:65:1c:74:8d:c3:14:6e:2a:a4:39:a2:b0:9c:
11:29:47:3c:2b:c5:44:3a:ca:5c:af:9c:23:d7:a5:90:c5:19:
13:0c:e4:1a:60:96:68:14:09:84:63:51:28:50:90:da:4e:ba:
66:03:c0:bf:3d:77:f3:30:e3:32:7a:71:fa:4f:c4:fb:60:37:
d9:f1:d7:4f:33:ff:c5:0a:66:6c:5a:23:bc:04:ca:f8:dc:77:
81:c3:ca:db:e9:ba:9a:11:e8:bd:5e:96:2b:78:aa:86:ac:1e:
bc:ee:5b:58:02:5a:80:54:86:1e:b2:e0:e5:73:4b:e2:93:1e:
6b:b3:df:a4:0a:b1:66:f9:c5:17:da:d1:2f:f6:8f:2d:e8:9b:
0e:07:67:5f:8c:8a:12:53:2f:af:43:9f:bb:06:08:31:13:41:
23:4c:1a:29:07:c0:c8:88:23:ed:c7:9e:2a:a1:8c:57:c7:28:
d1:5c:59:51:2d:7f:d6:fc:97:78:d2:24:cb:03:46:fd:f8:db:
02:6d:ab:14:31:a8:10:52:2f:20:01:88:40:b9:5a:15:10:87:
4d:b0:b5:7b:b2:e0:d3:9a:92:45:9a:75:53:8b:b6:32:d0:ad:
e3:eb:f8:0e
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZDQUYxMTAvBgNVBAUTKEUwMTVGMzkzRTdBMzIzQzNGNEYxQkZFMjZFNUJGRTA0
MEUzNUU1NTMwHhcNMjUwMTI5MDQxODA1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5YWJmZC1jMThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJajK2Y23ESZr1xYXr5UuQMQJ8DN2Wauj8jZl24h3ocs7tg7MjHMAvPRVe0r
IO5L3mJxoJEnPU9uQp7q0SNHgEG24QJez/TKCN+FoB76b+rIjWN8E70RCXkjLuZd
q6KQz98AynlyBf/R6AJbLl67gJe2de0Kw2KoROBQLCxHqaC6vTIEEZEkCYpUKRee
H7+DJVYILjtWPPUstYKRhuzcUvOyIcp4cEpT2uzGVSgSItT52NXAs5JtAUgDKN0D
fHTiBKwSCkf4BMtKDLTdUgQDHsgNvC2ZXD8HLXi4te47EyHCcfYsV9emk3IhUC0h
QVbqxyHvMJ8A9y3jk+rZUSLPTQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBJ27dL/
TRtp7RVVmwUHZcfQWSsHMB8GA1UdIwQYMBaAFOAV85PnoyPD9PG/4m5b/gQONeVT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkNBRi9GRDI2REMyMkI2
RjQxMUVFQUMyMDM4MTBDNEY5QUUwMi80Qlh6ay1lakk4UDA4Yl9pYmx2LUJBNDE1
Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRCWHprLWVqSThQMDhiX2libHYtQkE0MTVWTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZDQUYvRkQyNkRDMjJCNkY0MTFFRUFDMjAzODEwQzRGOUFFMDIvQzRDMEI5MTYw
RTRDMTFFRjgyRjkxRjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zyUAwDQYJKoZIhvcNAQELBQADggEBAIIXXxvzfx95
WQftIkMVGJ8VmRBRpsT9ZRx0jcMUbiqkOaKwnBEpRzwrxUQ6ylyvnCPXpZDFGRMM
5BpglmgUCYRjUShQkNpOumYDwL89d/Mw4zJ6cfpPxPtgN9nx108z/8UKZmxaI7wE
yvjcd4HDytvpupoR6L1elit4qoasHrzuW1gCWoBUhh6y4OVzS+KTHmuz36QKsWb5
xRfa0S/2jy3omw4HZ1+MihJTL69Dn7sGCDETQSNMGikHwMiII+3HniqhjFfHKNFc
WVEtf9b8l3jSJMsDRv342wJtqxQxqBBSLyABiEC5WhUQh02wtXuy4NOakkWadVOL
tjLQrePr+A4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:37:04 2025 by rpki-client