Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa
File: 2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa (raw, json)
Hash identifier: PHAUjchkulAgFgushqKaTiFT8Ff/mwtL2jMnBLLBhyY=
Subject key identifier: E6:F7:8A:29:95:C7:31:21:34:B4:A0:70:1D:80:DE:F4:46:82:40:F9
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 3529
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa
Signing time: Mon 16 Sep 2024 14:51:07 +0000
ROA not before: Mon 16 Sep 2024 14:51:07 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 23033
IP address blocks: 2403:cc00:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13609 (0x3529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90
Validity
Not Before: Sep 16 14:51:07 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66e845db-082b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:21:62:53:ce:38:52:ff:95:56:63:24:36:19:
bd:8f:05:4f:7d:79:1f:d8:cf:61:11:d0:7e:20:e5:
57:2c:99:29:fc:9d:c1:12:d4:00:e5:f3:61:38:64:
3a:b0:c7:24:5d:52:f6:c5:46:b5:43:11:9f:4c:3e:
f5:34:cb:27:a0:a6:db:58:17:99:c0:e9:10:c3:90:
0f:da:75:89:d4:40:32:48:f3:c5:bf:27:c9:a0:95:
fa:5e:35:46:45:7b:f1:ed:8d:2f:ca:f4:d3:c5:75:
32:b1:0d:b6:b7:1d:1d:d6:4a:2e:eb:0a:6c:64:4f:
73:0d:e0:fd:87:6c:34:21:8f:0a:ee:22:30:4b:4c:
3a:c6:1b:e9:c5:88:77:9a:f8:8c:15:89:8f:72:4b:
e8:08:33:19:7e:df:a1:8e:17:7d:e5:61:ab:54:40:
e8:8e:ba:a5:41:ce:a4:3f:7a:39:83:82:3c:55:bc:
83:86:e0:9b:32:b1:48:eb:c6:04:53:b7:7d:f9:69:
48:17:02:2b:75:60:06:25:2a:5a:c8:1e:27:13:ab:
df:07:d6:96:93:47:c6:73:e6:e9:6e:35:e8:9f:0b:
6c:fb:71:3d:35:58:9e:63:07:86:3d:73:59:9c:0b:
97:0a:be:07:fb:d4:32:97:b1:65:f7:67:be:61:c5:
52:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F7:8A:29:95:C7:31:21:34:B4:A0:70:1D:80:DE:F4:46:82:40:F9
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:cc00:1000::/36
Signature Algorithm: sha256WithRSAEncryption
76:81:8f:07:ed:1d:59:3f:90:d6:b0:86:73:3c:3e:2c:35:88:
2a:26:82:6f:b6:13:c9:89:44:3f:d4:0f:73:ff:87:5f:49:3c:
45:fb:67:47:5a:7b:d9:af:28:ba:2c:35:29:5d:c6:be:71:2c:
49:a1:5e:65:26:4d:c3:3d:1a:d7:b7:e5:13:d6:27:c8:fb:2c:
cb:a3:6e:97:e3:5d:d4:ef:7b:02:f1:c5:9c:84:be:6f:ea:41:
46:db:ba:ac:62:41:97:31:8d:b5:c6:23:5e:37:a8:d1:d3:b2:
f2:cf:9a:26:44:f4:26:ab:20:b8:2b:cd:87:5b:e9:1a:43:dc:
36:a7:ec:48:0d:11:a8:02:6d:40:f4:14:d6:97:bb:2e:b4:2c:
44:eb:5c:25:c8:46:24:73:c3:4c:18:24:39:4c:ae:ca:13:c7:
5e:05:6a:4e:de:b3:d7:16:1c:d1:7d:21:78:f4:33:99:15:52:
79:4e:1c:f3:85:93:8c:8c:0a:c7:70:48:e6:61:39:02:45:4e:
b0:cc:69:6d:df:b4:4b:eb:0b:c8:ea:63:94:1c:42:81:e8:75:
9b:28:c7:a7:e8:58:e1:af:58:08:ea:2f:1d:ce:71:d3:b2:55:
b1:76:e2:6e:4e:41:f5:9b:31:54:a7:44:c2:1c:08:94:8a:1e:
14:1d:33:7e
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICNSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjQwOTE2MTQ1MTA3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4NDVkYi0wODJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6yFiU844Uv+VVmMkNhm9jwVPfXkf2M9hEdB+IOVXLJkp/J3BEtQA5fNhOGQ6
sMckXVL2xUa1QxGfTD71NMsnoKbbWBeZwOkQw5AP2nWJ1EAySPPFvyfJoJX6XjVG
RXvx7Y0vyvTTxXUysQ22tx0d1kou6wpsZE9zDeD9h2w0IY8K7iIwS0w6xhvpxYh3
mviMFYmPckvoCDMZft+hjhd95WGrVEDojrqlQc6kP3o5g4I8VbyDhuCbMrFI68YE
U7d9+WlIFwIrdWAGJSpayB4nE6vfB9aWk0fGc+bpbjXonwts+3E9NVieYweGPXNZ
nAuXCr4H+9Qyl7Fl92e+YcVS5wIDAQABo4IClzCCApMwHQYDVR0OBBYEFOb3iimV
xzEhNLSgcB2A3vRGgkD5MB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvMkZEN0Q3MkVC
QjdFMTFFOUFGQjQ5QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkA8wAEDANBgkqhkiG9w0BAQsFAAOCAQEAdoGPB+0dWT+Q
1rCGczw+LDWIKiaCb7YTyYlEP9QPc/+HX0k8RftnR1p72a8ouiw1KV3GvnEsSaFe
ZSZNwz0a17flE9YnyPssy6Nul+Nd1O97AvHFnIS+b+pBRtu6rGJBlzGNtcYjXjeo
0dOy8s+aJkT0JqsguCvNh1vpGkPcNqfsSA0RqAJtQPQU1pe7LrQsROtcJchGJHPD
TBgkOUyuyhPHXgVqTt6z1xYc0X0hePQzmRVSeU4c84WTjIwKx3BI5mE5AkVOsMxp
bd+0S+sLyOpjlBxCgeh1myjHp+hY4a9YCOovHc5x07JVsXbibk5B9ZsxVKdEwhwI
lIoeFB0zfg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:32:48 2025 by rpki-client