Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B40/2840C8A638E011EF94B84D7FC4F9AE02/0D5C00AC38E311EF99F62432C4F9AE02.roa
File: 0D5C00AC38E311EF99F62432C4F9AE02.roa (raw, json)
Hash identifier: xQMEY6P6f4jmqeDgv/TImb1ka64GtPCQvQqQLQx2M8U=
Subject key identifier: 40:60:C9:08:E2:59:93:4C:B4:22:BB:87:AF:15:F9:5F:52:DF:31:2C
Certificate issuer: /CN=A91D0B40/serialNumber=BC0593C47DACF6C7A77A41E07DEB9A061631A484
Certificate serial: 80
Authority key identifier: BC:05:93:C4:7D:AC:F6:C7:A7:7A:41:E0:7D:EB:9A:06:16:31:A4:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAWTxH2s9senekHgfeuaBhYxpIQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B40/2840C8A638E011EF94B84D7FC4F9AE02/0D5C00AC38E311EF99F62432C4F9AE02.roa
Signing time: Sat 01 Mar 2025 08:38:51 +0000
ROA not before: Sat 01 Mar 2025 08:38:51 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152905
IP address blocks: 2401:86a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128 (0x80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D0B40
Validity
Not Before: Mar 1 08:38:51 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c2c79b-3742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:8a:a9:d9:01:05:f8:73:0f:e1:e9:46:25:
77:42:60:cf:d4:45:5d:76:c0:1d:19:78:cc:5f:42:
4b:2c:18:fc:f0:ad:43:50:9d:9e:8d:2f:26:e9:16:
71:3d:88:2a:31:48:ed:79:6f:8b:07:17:6f:86:ec:
f1:49:c1:cb:7b:dc:89:8b:b0:03:47:1f:43:dd:dd:
3d:2c:b2:7e:79:83:e9:32:d2:01:5d:f4:ac:94:b9:
f4:65:65:9c:50:62:0a:61:ae:06:d6:10:51:18:20:
d2:aa:5a:5b:d8:92:06:a3:17:95:89:47:5c:82:6d:
a3:51:7b:3a:e5:c4:d0:55:39:a9:14:02:0c:3b:be:
d6:28:57:ba:66:86:df:e2:71:39:03:31:b3:75:7f:
6a:1a:54:d8:c0:84:85:e9:1c:5a:1b:1c:bd:76:ae:
05:b8:d3:63:da:72:06:02:a5:85:fa:59:ec:ba:8c:
92:1a:30:61:6f:f2:0b:ae:0f:de:78:8d:12:03:a8:
5a:0e:04:c5:23:25:4e:ad:64:ab:bc:89:f5:3b:63:
12:c1:ce:80:8d:ad:f0:8d:00:6e:8f:68:4f:81:38:
d6:f6:b2:00:0c:73:4c:bd:4f:6c:5c:de:b7:93:90:
37:89:1a:49:72:57:52:b2:a7:2e:f6:f8:a3:fe:80:
78:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:60:C9:08:E2:59:93:4C:B4:22:BB:87:AF:15:F9:5F:52:DF:31:2C
X509v3 Authority Key Identifier:
keyid:BC:05:93:C4:7D:AC:F6:C7:A7:7A:41:E0:7D:EB:9A:06:16:31:A4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D0B40/2840C8A638E011EF94B84D7FC4F9AE02/vAWTxH2s9senekHgfeuaBhYxpIQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vAWTxH2s9senekHgfeuaBhYxpIQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B40/2840C8A638E011EF94B84D7FC4F9AE02/0D5C00AC38E311EF99F62432C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:86a0::/32
Signature Algorithm: sha256WithRSAEncryption
00:8d:94:88:e6:38:5a:36:d9:1a:56:db:fa:5a:08:72:f4:76:
63:cd:1a:3f:de:9c:e7:2e:8b:32:b0:2c:82:f2:9f:cd:91:b9:
a5:6b:c9:2c:09:ee:3f:0d:8c:c3:ca:1a:92:36:59:bf:ed:5e:
6f:e8:f4:d1:ec:e3:cc:57:59:a1:cd:3a:c5:a6:f8:fe:51:6f:
49:27:0e:49:7e:e5:5e:10:ec:7a:27:71:be:66:7c:10:86:e4:
69:48:99:6a:05:d5:80:77:00:96:6d:86:f4:8f:ae:38:a9:90:
5d:41:07:90:82:5b:cb:85:b4:59:b5:22:19:7e:9f:3e:d1:ca:
58:d2:08:09:c4:6c:18:a5:f2:e6:d1:34:6b:f6:06:c5:f5:13:
30:81:f2:76:b0:38:a2:16:0a:de:8d:16:11:d1:be:95:5c:fe:
8a:77:4a:cc:b3:dd:4e:90:45:bf:fe:e2:67:8f:89:39:3e:85:
6c:6f:5b:e6:5a:38:54:00:1a:cf:68:a9:39:f1:1d:45:97:c4:
23:82:25:fe:bc:9b:28:46:cd:ab:f3:1c:f9:94:08:51:75:ad:
82:bb:96:74:d5:67:97:a8:0b:3c:fa:7e:fe:85:2c:84:68:44:
17:3b:5e:bf:c0:b9:9a:81:39:75:8c:1a:39:23:cd:6a:8f:73:
ca:ca:dd:e2
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDBCNDAxMTAvBgNVBAUTKEJDMDU5M0M0N0RBQ0Y2QzdBNzdBNDFFMDdERUI5QTA2
MTYzMUE0ODQwHhcNMjUwMzAxMDgzODUxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyYzc5Yi0zNzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4OaKqdkBBfhzD+HpRiV3QmDP1EVddsAdGXjMX0JLLBj88K1DUJ2ejS8m6RZx
PYgqMUjteW+LBxdvhuzxScHLe9yJi7ADRx9D3d09LLJ+eYPpMtIBXfSslLn0ZWWc
UGIKYa4G1hBRGCDSqlpb2JIGoxeViUdcgm2jUXs65cTQVTmpFAIMO77WKFe6Zobf
4nE5AzGzdX9qGlTYwISF6RxaGxy9dq4FuNNj2nIGAqWF+lnsuoySGjBhb/ILrg/e
eI0SA6haDgTFIyVOrWSrvIn1O2MSwc6Aja3wjQBuj2hPgTjW9rIADHNMvU9sXN63
k5A3iRpJcldSsqcu9vij/oB4owIDAQABo4ICljCCApIwHQYDVR0OBBYEFEBgyQji
WZNMtCK7h68V+V9S3zEsMB8GA1UdIwQYMBaAFLwFk8R9rPbHp3pB4H3rmgYWMaSE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEI0MC8yODQwQzhBNjM4
RTAxMUVGOTRCODREN0ZDNEY5QUUwMi92QVdUeEgyczlzZW5la0hnZmV1YUJoWXhw
SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZBV1R4SDJzOXNlbmVrSGdmZXVhQmhZeHBJUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBCNDAvMjg0MEM4QTYzOEUwMTFFRjk0Qjg0RDdGQzRGOUFFMDIvMEQ1QzAwQUMz
OEUzMTFFRjk5RjYyNDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAYagMA0GCSqGSIb3DQEBCwUAA4IBAQAAjZSI5jhaNtka
Vtv6Wghy9HZjzRo/3pznLosysCyC8p/Nkbmla8ksCe4/DYzDyhqSNlm/7V5v6PTR
7OPMV1mhzTrFpvj+UW9JJw5JfuVeEOx6J3G+ZnwQhuRpSJlqBdWAdwCWbYb0j644
qZBdQQeQglvLhbRZtSIZfp8+0cpY0ggJxGwYpfLm0TRr9gbF9RMwgfJ2sDiiFgre
jRYR0b6VXP6Kd0rMs91OkEW//uJnj4k5PoVsb1vmWjhUABrPaKk58R1Fl8QjgiX+
vJsoRs2r8xz5lAhRda2Cu5Z01WeXqAs8+n7+hSyEaEQXO16/wLmagTl1jBo5I81q
j3PKyt3i
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:58:33 2025 by rpki-client