Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6687BE468B9F11EA97BB8046C4F9AE02.roa
File: 6687BE468B9F11EA97BB8046C4F9AE02.roa (raw, json)
Hash identifier: 8vB9Zc35hdCK5FdcysWa85qY29XHt9eDTH3wwBo6iAY=
Subject key identifier: 11:7F:45:6B:9D:95:05:09:F4:22:E1:0D:E8:6E:1C:3B:14:A2:25:E6
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 188E
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6687BE468B9F11EA97BB8046C4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:21 +0000
ROA not before: Tue 18 Feb 2025 17:35:21 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 138928
IP address blocks: 49.255.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6286 (0x188e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D
Validity
Not Before: Feb 18 17:35:21 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4d9-57c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:a5:9c:4f:1f:1c:f4:67:ce:0f:47:ea:2b:
d4:51:36:03:48:99:01:ef:93:dd:08:e8:b1:c6:f4:
ed:00:b5:e9:57:a0:a7:1b:43:5a:ab:cc:7d:da:ef:
25:cf:af:1a:b9:82:05:77:3f:07:fe:e6:19:42:5d:
2c:58:cd:c2:01:84:d8:69:7b:d9:e3:45:62:d7:65:
cf:6d:02:ca:12:f8:d9:0c:f5:20:c8:3f:2b:40:ca:
5c:e7:db:ad:a1:9f:85:3c:fe:2d:64:80:e1:6a:7d:
3b:5d:3e:95:71:0d:33:79:a4:67:af:fe:67:89:3e:
a3:be:fe:c4:5f:1c:55:4d:64:28:0d:72:69:f1:7f:
35:fa:1f:46:87:40:7b:d9:b5:c4:86:3d:a1:cc:a6:
a7:c7:5f:5d:85:c3:04:d9:7c:e6:01:96:8e:44:18:
3b:d4:fa:f2:50:85:b3:f7:c8:87:a8:18:0d:ea:c3:
0a:f8:c8:3d:3c:f9:c6:29:73:a2:db:38:77:61:2f:
1a:eb:ff:df:08:90:ff:d9:7b:67:f7:5f:2c:d2:c2:
73:cb:fd:e9:74:b0:ad:de:ae:57:ed:31:1a:e0:f4:
e7:54:a8:fe:a7:86:63:59:18:f3:c3:85:82:98:56:
70:f1:49:83:6a:3c:37:65:78:c9:40:bc:a8:cc:bc:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7F:45:6B:9D:95:05:09:F4:22:E1:0D:E8:6E:1C:3B:14:A2:25:E6
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6687BE468B9F11EA97BB8046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.255.9.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e4:0c:b0:b3:4a:be:db:16:d5:00:65:b7:6a:9a:47:60:3f:
16:05:8f:08:11:8b:2d:d4:32:c3:4a:74:97:cf:56:5c:2c:70:
c2:16:81:6c:73:e3:de:09:1c:b3:c1:7b:4f:ec:ac:a0:6f:8e:
70:1a:0a:1e:76:9a:7a:8c:7f:11:24:12:36:af:4a:d2:62:65:
c8:10:eb:4f:ef:d0:cd:e4:27:f9:80:31:90:bf:c7:b1:5c:72:
7b:10:14:53:02:f2:a8:9e:f2:b7:79:30:fa:34:d0:cc:c4:96:
3b:c0:1a:0d:81:ea:f0:cd:fa:ab:30:cc:96:36:c5:23:64:e5:
92:8e:1d:35:09:0f:9e:c7:7a:cf:34:43:ed:ee:5c:9e:02:49:
99:23:61:1a:e5:29:39:67:0b:3e:35:2e:6d:51:f7:6e:ae:e9:
54:74:0d:bf:32:b8:e7:81:98:72:c8:2c:2b:15:3b:49:da:85:
c8:fe:d9:7d:c8:53:9c:c4:06:63:f8:b6:4f:91:28:62:9d:11:
72:2c:e9:63:e0:e0:26:6f:e9:f1:56:a1:88:65:4c:59:86:cf:
09:53:1f:19:4f:10:38:b8:1f:29:d4:4a:ca:40:e8:d7:d2:ea:
2e:e2:47:e3:cb:e0:32:33:ed:ff:58:f3:c7:bd:78:d5:3c:f2:
30:73:2c:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTIxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkOS01N2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2ilnE8fHPRnzg9H6ivUUTYDSJkB75PdCOixxvTtALXpV6CnG0Naq8x92u8l
z68auYIFdz8H/uYZQl0sWM3CAYTYaXvZ40Vi12XPbQLKEvjZDPUgyD8rQMpc59ut
oZ+FPP4tZIDhan07XT6VcQ0zeaRnr/5niT6jvv7EXxxVTWQoDXJp8X81+h9Gh0B7
2bXEhj2hzKanx19dhcME2XzmAZaORBg71PryUIWz98iHqBgN6sMK+Mg9PPnGKXOi
2zh3YS8a6//fCJD/2Xtn918s0sJzy/3pdLCt3q5X7TEa4PTnVKj+p4ZjWRjzw4WC
mFZw8UmDajw3ZXjJQLyozLxBeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBF/RWud
lQUJ9CLhDehuHDsUoiXmMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNjY4N0JFNDY4
QjlGMTFFQTk3QkI4MDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAx/wkwDQYJKoZIhvcNAQELBQADggEBACHkDLCzSr7bFtUA
ZbdqmkdgPxYFjwgRiy3UMsNKdJfPVlwscMIWgWxz494JHLPBe0/srKBvjnAaCh52
mnqMfxEkEjavStJiZcgQ60/v0M3kJ/mAMZC/x7FccnsQFFMC8qie8rd5MPo00MzE
ljvAGg2B6vDN+qswzJY2xSNk5ZKOHTUJD57Hes80Q+3uXJ4CSZkjYRrlKTlnCz41
Lm1R926u6VR0Db8yuOeBmHLILCsVO0nahcj+2X3IU5zEBmP4tk+RKGKdEXIs6WPg
4CZv6fFWoYhlTFmGzwlTHxlPEDi4HynUSspA6NfS6i7iR+PL4DIz7f9Y88e9eNU8
8jBzLJs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:20:03 2025 by rpki-client