Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/8FD0B12E400311EEBF5A8B52C4F9AE02.roa
File: 8FD0B12E400311EEBF5A8B52C4F9AE02.roa (raw, json)
Hash identifier: QSRbYccf6zSEHa0HsQVgKCVz5nS1O8L5U8Elot2Xz40=
Subject key identifier: 49:13:E5:66:71:33:3C:42:58:2B:94:B1:7C:92:DB:FF:E3:DF:2A:7B
Certificate issuer: /CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Certificate serial: 0402
Authority key identifier: C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/8FD0B12E400311EEBF5A8B52C4F9AE02.roa
Signing time: Fri 07 Mar 2025 00:46:08 +0000
ROA not before: Fri 07 Mar 2025 00:46:08 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 216452
IP address blocks: 2400:54a0:2120::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1026 (0x402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D51A0
Validity
Not Before: Mar 7 00:46:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca41d0-8fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:75:52:bd:ad:2b:d0:f8:64:7e:66:0f:85:
48:61:09:e3:d6:c0:bc:0f:24:1b:16:96:93:40:d3:
fd:28:6d:68:f2:d7:64:c6:ac:7a:e3:b9:20:fa:94:
3e:9b:49:07:fb:63:e6:ee:05:83:7a:58:e1:f5:8a:
71:92:e8:a9:b6:8d:b0:24:3a:c4:ab:d3:82:08:19:
0d:8d:0d:6d:3a:52:b6:44:0e:05:82:b3:30:0d:9e:
d7:d3:ec:57:5e:83:47:76:ce:b0:47:3a:6a:10:ba:
75:78:d3:37:f3:e5:85:dc:26:4f:fa:cd:e3:71:8f:
9e:b6:af:12:9d:7b:56:bb:47:79:ea:2c:eb:99:ca:
1d:21:e4:ae:79:d3:da:48:73:15:37:ae:2c:68:7e:
80:f7:f8:fe:63:69:2c:d2:03:b2:38:74:2f:ef:10:
3d:a2:0a:0e:bc:54:5e:fd:9d:28:23:b9:56:56:bb:
c9:c8:ab:85:95:8c:81:f3:6a:ab:36:a9:41:e0:01:
8d:b6:f0:c2:ec:c7:ae:31:13:fa:c4:e5:c3:c6:57:
2d:df:a2:4b:16:a4:c0:74:37:f9:ac:a2:31:64:c4:
33:3d:d8:31:9e:6a:69:09:ef:b0:84:4e:b6:d6:af:
73:27:63:f1:52:77:3b:e7:65:44:1d:92:5b:2d:29:
fc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:13:E5:66:71:33:3C:42:58:2B:94:B1:7C:92:DB:FF:E3:DF:2A:7B
X509v3 Authority Key Identifier:
keyid:C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/8FD0B12E400311EEBF5A8B52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:54a0:2120::/44
Signature Algorithm: sha256WithRSAEncryption
9c:57:34:a2:b8:1e:8f:19:92:5e:11:43:52:e2:df:04:a7:69:
04:d3:1a:f1:61:7d:63:f4:17:ec:a6:af:a2:b3:4f:ac:43:1e:
64:e4:99:6d:ef:b3:5f:14:3d:bc:13:b4:2a:05:70:f7:58:23:
26:c1:37:8a:0c:7f:a6:97:9b:da:59:1d:a1:ca:40:4b:e4:b3:
60:1d:7c:01:07:7d:10:66:ce:18:26:3c:98:76:3a:b5:89:a3:
29:84:cb:28:e5:5a:e9:68:f1:4b:d9:bf:db:15:f8:ba:de:b6:
dc:8e:ca:3a:58:43:79:00:19:38:0e:1d:10:c5:19:42:96:aa:
ef:58:52:03:1d:4f:40:bf:5d:5f:3d:6b:46:4d:bd:ae:33:6d:
f0:e3:83:51:1e:3b:fe:3c:5e:a0:fc:e0:ae:e9:24:9e:49:22:
93:7f:f2:48:ce:7d:cd:33:23:ea:11:35:9c:cb:8b:f6:cd:64:
18:0c:8a:0f:53:e4:a0:a6:57:71:ce:2b:cf:d8:f2:77:26:95:
c4:3e:e1:09:2b:65:67:88:fc:79:eb:2c:29:8c:a4:8a:42:ef:
0b:e1:7c:9f:bb:ee:61:c2:b1:12:2b:88:b7:b6:71:5c:6d:62:
d3:4b:5d:54:86:61:b2:da:00:9f:39:4d:79:26:73:e7:d3:a9:
d7:09:73:24
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQTAxMTAvBgNVBAUTKEM2RUFCRUI5M0UxRDA2RTJDMzJFMUM0Q0JFMTQ3Q0ZC
Mzk5OTI1MzkwHhcNMjUwMzA3MDA0NjA4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNDFkMC04ZmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtqh1Ur2tK9D4ZH5mD4VIYQnj1sC8DyQbFpaTQNP9KG1o8tdkxqx647kg+pQ+
m0kH+2Pm7gWDeljh9Ypxkuipto2wJDrEq9OCCBkNjQ1tOlK2RA4FgrMwDZ7X0+xX
XoNHds6wRzpqELp1eNM38+WF3CZP+s3jcY+etq8SnXtWu0d56izrmcodIeSuedPa
SHMVN64saH6A9/j+Y2ks0gOyOHQv7xA9ogoOvFRe/Z0oI7lWVrvJyKuFlYyB82qr
NqlB4AGNtvDC7MeuMRP6xOXDxlct36JLFqTAdDf5rKIxZMQzPdgxnmppCe+whE62
1q9zJ2PxUnc752VEHZJbLSn8qQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFEkT5WZx
MzxCWCuUsXyS2//j3yp7MB8GA1UdIwQYMBaAFMbqvrk+HQbiwy4cTL4UfPs5mSU5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFBMC83QzUzOTEwQzdG
ODQxMUVDODA1MThFNTFDNEY5QUUwMi94dXEtdVQ0ZEJ1TERMaHhNdmhSOC16bVpK
VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h1cS11VDRkQnVMRExoeE12aFI4LXptWkpUay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUxQTAvN0M1MzkxMEM3Rjg0MTFFQzgwNTE4RTUxQzRGOUFFMDIvOEZEMEIxMkU0
MDAzMTFFRUJGNUE4QjUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAFSgISAwDQYJKoZIhvcNAQELBQADggEBAJxXNKK4Ho8Z
kl4RQ1Li3wSnaQTTGvFhfWP0F+ymr6KzT6xDHmTkmW3vs18UPbwTtCoFcPdYIybB
N4oMf6aXm9pZHaHKQEvks2AdfAEHfRBmzhgmPJh2OrWJoymEyyjlWulo8UvZv9sV
+LrettyOyjpYQ3kAGTgOHRDFGUKWqu9YUgMdT0C/XV89a0ZNva4zbfDjg1EeO/48
XqD84K7pJJ5JIpN/8kjOfc0zI+oRNZzLi/bNZBgMig9T5KCmV3HOK8/Y8ncmlcQ+
4QkrZWeI/HnrLCmMpIpC7wvhfJ+77mHCsRIriLe2cVxtYtNLXVSGYbLaAJ85TXkm
c+fTqdcJcyQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:57:34 2025 by rpki-client