Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/C3261EF826DF11ED94E18118C4F9AE02.roa
File: C3261EF826DF11ED94E18118C4F9AE02.roa (raw, json)
Hash identifier: 7KI+xGonwsZRICria/4CZwlDNlRIuXU/wVts22Crf9U=
Subject key identifier: AC:D0:E4:71:57:71:F4:D2:D7:65:7C:A0:7F:EA:66:DF:DF:1E:7F:19
Certificate issuer: /CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Certificate serial: 0401
Authority key identifier: C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/C3261EF826DF11ED94E18118C4F9AE02.roa
Signing time: Fri 07 Mar 2025 00:46:06 +0000
ROA not before: Fri 07 Mar 2025 00:46:06 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 209642
IP address blocks: 2400:54a0:2100::/44 maxlen: 48
2400:54a0:2130::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1025 (0x401)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D51A0
Validity
Not Before: Mar 7 00:46:06 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca41ce-d232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:10:d0:e7:80:55:df:60:78:11:8c:4e:9e:3c:
46:0f:6b:a0:77:a5:c6:15:7d:29:19:aa:3c:e3:f8:
7d:30:04:92:54:f7:4e:b2:0c:48:48:d0:b0:67:66:
41:a7:ad:72:89:a5:d7:4b:33:55:02:a3:2a:23:6e:
64:bd:04:ef:7a:33:5c:7c:67:73:cc:73:91:fa:ce:
0e:12:31:9d:37:01:e6:ef:5e:9a:39:30:26:bc:bc:
a1:3a:70:bd:16:f3:02:62:34:f3:8e:4d:b1:6f:16:
61:31:5a:04:e9:cc:d9:22:3d:8c:68:19:82:f8:d0:
5b:88:79:34:ef:c7:9a:02:9a:cd:df:bd:95:4e:e1:
72:3b:c1:6c:1b:35:9a:5c:26:e5:70:b6:25:d9:e3:
95:cf:f1:6e:8d:32:c9:ef:29:fc:32:ec:81:ff:42:
33:69:ec:50:88:5f:9f:fc:95:02:3c:1c:e7:2c:04:
18:cb:39:1f:3b:fa:d5:a8:6c:cd:ba:d2:0d:9c:65:
c5:a4:43:6c:9e:07:13:e2:a3:0e:18:f4:ac:b4:8b:
a9:b9:4a:9d:30:65:d8:10:28:65:fb:fd:e1:c5:69:
07:f7:8a:0a:3f:32:50:b4:f1:68:47:44:a2:96:4c:
dc:8e:4e:2a:93:07:27:f6:38:d4:dd:f0:08:63:72:
d5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:E4:71:57:71:F4:D2:D7:65:7C:A0:7F:EA:66:DF:DF:1E:7F:19
X509v3 Authority Key Identifier:
keyid:C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/C3261EF826DF11ED94E18118C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:54a0:2100::/44
2400:54a0:2130::/44
Signature Algorithm: sha256WithRSAEncryption
02:18:a9:57:81:10:e9:3c:8f:ca:fb:b8:be:6c:8c:85:e5:7f:
2f:24:8d:f1:7f:79:86:a1:09:2f:8a:8b:c7:90:b8:01:76:21:
60:f2:d0:c0:39:fe:a3:6e:55:ac:90:29:82:6a:f0:16:50:ef:
5e:c9:d0:2f:64:f1:7e:cc:de:51:da:cd:86:08:4d:34:37:07:
f4:f6:69:73:a2:7b:b4:ee:6d:1d:51:c7:bd:e8:e4:ff:03:a2:
8d:ec:61:30:29:f5:e2:52:1a:9f:12:7d:84:01:b8:c6:e1:29:
f9:5a:5a:74:a4:a3:65:d9:8b:d1:88:08:25:66:18:ff:28:9e:
cd:f6:da:87:58:85:36:b0:5f:e0:a4:a2:49:96:d5:e1:79:95:
fc:82:d3:79:4d:72:ca:87:f1:89:bc:a8:e9:cb:fc:7a:4d:cc:
7b:03:87:9a:1b:f4:ff:0c:28:d7:cd:b4:4d:b2:38:37:62:d6:
2e:03:0e:6c:b4:75:d3:58:c6:41:fa:c6:be:39:37:95:49:d5:
18:fd:f1:e7:6c:9a:48:ad:34:be:e4:3a:5e:35:ec:12:77:1d:
ea:74:80:da:de:58:60:db:5e:47:02:63:de:92:1a:e4:d7:2a:
03:9a:7c:be:e8:01:9d:3c:06:c2:ad:8c:10:0c:ff:8e:a3:99:
c2:18:ed:85
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQTAxMTAvBgNVBAUTKEM2RUFCRUI5M0UxRDA2RTJDMzJFMUM0Q0JFMTQ3Q0ZC
Mzk5OTI1MzkwHhcNMjUwMzA3MDA0NjA2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNDFjZS1kMjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2xDQ54BV32B4EYxOnjxGD2ugd6XGFX0pGao84/h9MASSVPdOsgxISNCwZ2ZB
p61yiaXXSzNVAqMqI25kvQTvejNcfGdzzHOR+s4OEjGdNwHm716aOTAmvLyhOnC9
FvMCYjTzjk2xbxZhMVoE6czZIj2MaBmC+NBbiHk078eaAprN372VTuFyO8FsGzWa
XCblcLYl2eOVz/FujTLJ7yn8MuyB/0IzaexQiF+f/JUCPBznLAQYyzkfO/rVqGzN
utINnGXFpENsngcT4qMOGPSstIupuUqdMGXYEChl+/3hxWkH94oKPzJQtPFoR0Si
lkzcjk4qkwcn9jjU3fAIY3LVkQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKzQ5HFX
cfTS12V8oH/qZt/fHn8ZMB8GA1UdIwQYMBaAFMbqvrk+HQbiwy4cTL4UfPs5mSU5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFBMC83QzUzOTEwQzdG
ODQxMUVDODA1MThFNTFDNEY5QUUwMi94dXEtdVQ0ZEJ1TERMaHhNdmhSOC16bVpK
VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h1cS11VDRkQnVMRExoeE12aFI4LXptWkpUay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUxQTAvN0M1MzkxMEM3Rjg0MTFFQzgwNTE4RTUxQzRGOUFFMDIvQzMyNjFFRjgy
NkRGMTFFRDk0RTE4MTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkAFSgIQADBwQkAFSgITAwDQYJKoZIhvcNAQELBQADggEB
AAIYqVeBEOk8j8r7uL5sjIXlfy8kjfF/eYahCS+Ki8eQuAF2IWDy0MA5/qNuVayQ
KYJq8BZQ717J0C9k8X7M3lHazYYITTQ3B/T2aXOie7TubR1Rx73o5P8Doo3sYTAp
9eJSGp8SfYQBuMbhKflaWnSko2XZi9GICCVmGP8ons322odYhTawX+CkokmW1eF5
lfyC03lNcsqH8Ym8qOnL/HpNzHsDh5ob9P8MKNfNtE2yODdi1i4DDmy0ddNYxkH6
xr45N5VJ1Rj98edsmkitNL7kOl417BJ3Hep0gNreWGDbXkcCY96SGuTXKgOafL7o
AZ08BsKtjBAM/46jmcIY7YU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:37:31 2025 by rpki-client