Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D98FC/1C899E26F4EC11E98FBE9B0FC4F9AE02/238AAE04B3CD11EF82D5B34FC4F9AE02.roa
File: 238AAE04B3CD11EF82D5B34FC4F9AE02.roa (raw, json)
Hash identifier: Vh7yMYlqWkmmCVoJUzEKALaYDnLO+UKuaoILrbL+tGw=
Subject key identifier: 9E:F7:28:D0:EE:61:A1:B5:61:D8:AA:06:6B:73:C1:7E:03:4A:4D:E8
Certificate issuer: /CN=A91D98FC/serialNumber=B399B4ADA07501A829D56F21DA8EB5DC32034A56
Certificate serial: 0C51
Authority key identifier: B3:99:B4:AD:A0:75:01:A8:29:D5:6F:21:DA:8E:B5:DC:32:03:4A:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5m0raB1Aagp1W8h2o613DIDSlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D98FC/1C899E26F4EC11E98FBE9B0FC4F9AE02/238AAE04B3CD11EF82D5B34FC4F9AE02.roa
Signing time: Fri 06 Dec 2024 12:25:12 +0000
ROA not before: Fri 06 Dec 2024 12:25:12 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137045
IP address blocks: 2001:df1:4d80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3153 (0xc51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D98FC
Validity
Not Before: Dec 6 12:25:12 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6752ed28-80c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e8:a9:dc:dc:dc:b3:31:c7:cf:bc:53:4a:96:
bb:a7:10:c4:e7:2e:c9:52:ca:af:e6:63:53:56:c3:
b3:02:d7:70:2e:26:66:a6:e7:5a:fa:bc:fb:cc:d2:
bf:77:0a:4f:89:c7:a1:46:6b:97:ad:50:25:e9:53:
88:b4:25:d3:52:b3:cf:94:56:27:f2:9e:6f:05:bb:
2d:b2:e8:2b:21:c4:08:87:8e:a0:32:63:57:67:40:
a7:37:75:cd:ff:fd:af:71:e4:42:cb:b8:d1:66:b5:
07:7c:85:c2:35:f7:cb:52:b4:9d:84:46:e5:a3:e7:
26:40:4f:97:9b:bd:12:7a:9a:f3:82:ae:69:36:94:
81:b6:0a:42:72:96:3a:14:95:dd:e1:d1:04:ec:2d:
0c:38:2b:f9:a0:6b:2e:48:4d:4e:e0:b1:af:64:8b:
ff:a0:89:fd:9a:7e:32:c3:28:d0:8a:26:63:0d:c4:
30:0f:72:31:b9:4f:7f:7d:1e:b7:8e:ed:e8:00:fa:
d9:e4:13:62:18:54:19:76:73:8e:08:72:a4:34:06:
41:52:95:fc:0f:49:ad:56:84:20:96:d0:b6:dc:3e:
56:09:e7:02:92:5b:84:45:86:00:57:c9:f9:67:dd:
d6:6d:e0:7b:97:f0:2b:9a:47:f9:37:9d:bc:38:b9:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F7:28:D0:EE:61:A1:B5:61:D8:AA:06:6B:73:C1:7E:03:4A:4D:E8
X509v3 Authority Key Identifier:
keyid:B3:99:B4:AD:A0:75:01:A8:29:D5:6F:21:DA:8E:B5:DC:32:03:4A:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D98FC/1C899E26F4EC11E98FBE9B0FC4F9AE02/s5m0raB1Aagp1W8h2o613DIDSlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5m0raB1Aagp1W8h2o613DIDSlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D98FC/1C899E26F4EC11E98FBE9B0FC4F9AE02/238AAE04B3CD11EF82D5B34FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:4d80::/48
Signature Algorithm: sha256WithRSAEncryption
85:99:c3:6e:64:85:18:5a:01:e1:af:4f:2b:f8:ac:8f:e2:ec:
b3:d5:09:28:42:8d:44:b0:e3:d7:58:72:4b:ad:2e:4e:75:f9:
d0:c2:2d:12:0c:a1:e9:71:2a:0f:db:25:26:9f:be:f6:8f:f0:
55:e7:bd:da:e7:0f:f4:b7:5e:6f:e9:4f:e3:0a:dc:f9:7d:e5:
26:0f:8c:f8:0d:b5:01:6e:df:93:29:f4:5f:68:35:a9:82:fd:
28:6a:15:46:82:9a:05:39:02:68:d0:73:8b:15:e6:5b:cf:98:
b7:f8:85:bb:30:a5:e2:a4:00:86:72:f1:8a:ff:52:1c:2a:86:
d2:b5:86:bc:2c:cb:31:3d:bb:8e:b5:5f:f8:8c:b7:97:75:c9:
73:57:8b:f7:0b:3b:1b:55:e6:bb:84:87:33:44:a9:01:d5:de:
38:8a:a2:40:7c:d0:53:f4:6e:a6:3f:f9:74:d0:90:6d:a8:dc:
c7:e5:84:1b:3f:88:19:00:ec:19:ae:23:11:22:be:74:fe:b5:
b7:5f:6b:82:98:b3:44:2f:69:40:4f:d4:00:6c:fa:84:81:b3:
bb:ff:36:fd:78:1c:a5:ed:aa:24:26:47:75:ae:cb:35:3d:aa:
76:a3:36:07:fd:a9:9f:be:34:9a:86:95:83:59:1a:dd:df:01:
2a:f9:a3:c3
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk4RkMxMTAvBgNVBAUTKEIzOTlCNEFEQTA3NTAxQTgyOUQ1NkYyMURBOEVCNURD
MzIwMzRBNTYwHhcNMjQxMjA2MTIyNTEyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUyZWQyOC04MGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvOip3NzcszHHz7xTSpa7pxDE5y7JUsqv5mNTVsOzAtdwLiZmpuda+rz7zNK/
dwpPicehRmuXrVAl6VOItCXTUrPPlFYn8p5vBbstsugrIcQIh46gMmNXZ0CnN3XN
//2vceRCy7jRZrUHfIXCNffLUrSdhEblo+cmQE+Xm70Seprzgq5pNpSBtgpCcpY6
FJXd4dEE7C0MOCv5oGsuSE1O4LGvZIv/oIn9mn4ywyjQiiZjDcQwD3IxuU9/fR63
ju3oAPrZ5BNiGFQZdnOOCHKkNAZBUpX8D0mtVoQgltC23D5WCecCkluERYYAV8n5
Z93WbeB7l/Armkf5N528OLkl1wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJ73KNDu
YaG1YdiqBmtzwX4DSk3oMB8GA1UdIwQYMBaAFLOZtK2gdQGoKdVvIdqOtdwyA0pW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOThGQy8xQzg5OUUyNkY0
RUMxMUU5OEZCRTlCMEZDNEY5QUUwMi9zNW0wcmFCMUFhZ3AxVzhoMm82MTNESURT
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3M1bTByYUIxQWFncDFXOGgybzYxM0RJRFNsWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk4RkMvMUM4OTlFMjZGNEVDMTFFOThGQkU5QjBGQzRGOUFFMDIvMjM4QUFFMDRC
M0NEMTFFRjgyRDVCMzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xTYAwDQYJKoZIhvcNAQELBQADggEBAIWZw25khRha
AeGvTyv4rI/i7LPVCShCjUSw49dYckutLk51+dDCLRIMoelxKg/bJSafvvaP8FXn
vdrnD/S3Xm/pT+MK3Pl95SYPjPgNtQFu35Mp9F9oNamC/ShqFUaCmgU5AmjQc4sV
5lvPmLf4hbswpeKkAIZy8Yr/UhwqhtK1hrwsyzE9u461X/iMt5d1yXNXi/cLOxtV
5ruEhzNEqQHV3jiKokB80FP0bqY/+XTQkG2o3MflhBs/iBkA7BmuIxEivnT+tbdf
a4KYs0QvaUBP1ABs+oSBs7v/Nv14HKXtqiQmR3WuyzU9qnajNgf9qZ++NJqGlYNZ
Gt3fASr5o8M=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:46:57 2025 by rpki-client