Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/F6A8B3960A1511F0BB6C770DC4F9AE02.roa
File: F6A8B3960A1511F0BB6C770DC4F9AE02.roa (raw, json)
Hash identifier: n0hZf8SnzH9l6EO9lSPm/WcouXJHThPcn/CT1MilQ1w=
Subject key identifier: 9D:C0:1A:19:37:1A:53:1E:BC:8E:05:20:F9:7C:0A:8F:4B:74:F2:A5
Certificate issuer: /CN=A9112FE1/serialNumber=3D1FCB7255C52503E10AE584B1189A15CF56074E
Certificate serial: 11
Authority key identifier: 3D:1F:CB:72:55:C5:25:03:E1:0A:E5:84:B1:18:9A:15:CF:56:07:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR_LclXFJQPhCuWEsRiaFc9WB04.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/F6A8B3960A1511F0BB6C770DC4F9AE02.roa
Signing time: Wed 26 Mar 2025 08:29:14 +0000
ROA not before: Wed 26 Mar 2025 08:29:14 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 150706
IP address blocks: 2404:de80::/32 maxlen: 32
2404:de80::/39 maxlen: 39
2404:de80:0:1::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9112FE1
Validity
Not Before: Mar 26 08:29:14 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67e3bad9-d0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:c3:95:a5:81:44:40:3c:97:67:2c:c9:c3:
a7:6c:24:4d:c4:f3:32:30:d1:b2:3c:7f:af:f4:72:
88:ce:56:98:fc:e9:e5:30:04:b6:26:93:36:dd:8f:
02:80:60:03:97:6e:0d:0b:9b:5c:6f:33:c4:be:f4:
b3:45:4b:ee:6c:57:2e:bb:83:36:c5:82:63:99:a1:
44:ed:ff:1e:34:6f:ea:02:56:8d:63:c8:30:83:12:
65:d2:fd:a4:18:c4:b5:76:df:60:74:e5:05:11:dc:
d0:52:21:66:71:2e:f4:6e:c1:e4:66:4f:83:ce:51:
3e:a0:ca:11:ff:1b:f2:4e:2d:58:3e:ef:20:a0:29:
3f:67:f2:1c:22:2c:74:7a:ca:a9:f1:1a:04:3c:de:
5d:aa:14:af:90:28:18:fd:4f:53:55:73:84:d9:70:
01:51:a0:9a:fd:9c:e9:16:54:ae:c7:56:a2:74:54:
a7:cc:21:70:6d:cc:79:ed:40:a6:f8:e6:19:7f:d7:
89:dc:30:31:42:e8:5e:59:33:7f:3f:fb:1b:20:d6:
fd:9c:04:e0:99:39:53:fa:88:bc:0b:97:c4:9f:66:
47:de:19:aa:cf:9a:1f:47:b9:32:be:af:b2:e4:0e:
1a:58:50:55:92:b1:84:08:e9:ba:72:98:bc:b6:c5:
1d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C0:1A:19:37:1A:53:1E:BC:8E:05:20:F9:7C:0A:8F:4B:74:F2:A5
X509v3 Authority Key Identifier:
keyid:3D:1F:CB:72:55:C5:25:03:E1:0A:E5:84:B1:18:9A:15:CF:56:07:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR_LclXFJQPhCuWEsRiaFc9WB04.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/F6A8B3960A1511F0BB6C770DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:de80::/32
Signature Algorithm: sha256WithRSAEncryption
3c:b6:dd:ec:4a:35:96:ac:94:d1:0b:6a:c9:c6:1e:22:a1:6c:
17:71:f5:1b:44:a6:e6:80:24:f3:81:c1:9a:0a:6d:7c:59:77:
dd:67:f5:91:05:4f:15:d4:f1:fb:e3:f2:41:ac:d2:5e:e2:3a:
ab:a1:99:8a:81:da:31:d1:56:42:56:94:8d:af:e2:5e:bf:46:
04:c8:ec:72:3c:6d:a2:54:38:3b:a5:52:34:d7:c2:ec:03:30:
ba:83:49:84:94:98:01:84:31:84:67:d3:9a:56:19:77:64:2a:
e0:a0:40:43:1e:27:c2:9b:94:1f:dd:f4:e2:a2:14:be:13:f5:
f0:09:17:ce:84:a9:6e:09:4c:f8:72:0e:5c:b8:3f:90:a6:f3:
63:a4:e7:a6:4e:07:c1:8e:5c:49:3b:c9:be:92:74:a1:2e:7e:
06:e6:62:f1:b5:eb:0e:72:50:41:cf:ab:57:8a:f1:84:68:ab:
95:3c:87:ce:53:61:d0:df:4f:6f:d7:ac:34:bb:6b:2e:ce:12:
c0:bb:28:5f:19:88:06:4b:a0:8b:b3:28:85:2f:af:78:28:55:
31:06:71:d9:14:1e:ed:3f:67:73:80:d3:f2:a8:89:7d:bb:e8:
d9:04:56:12:a6:99:39:70:aa:b2:55:27:ab:0b:eb:32:70:24:
1a:6a:12:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MkZFMTExMC8GA1UEBRMoM0QxRkNCNzI1NUM1MjUwM0UxMEFFNTg0QjExODlBMTVD
RjU2MDc0RTAeFw0yNTAzMjYwODI5MTRaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTNiYWQ5LWQwYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCe2MOVpYFEQDyXZyzJw6dsJE3E8zIw0bI8f6/0cojOVpj86eUwBLYmkzbdjwKA
YAOXbg0Lm1xvM8S+9LNFS+5sVy67gzbFgmOZoUTt/x40b+oCVo1jyDCDEmXS/aQY
xLV232B05QUR3NBSIWZxLvRuweRmT4POUT6gyhH/G/JOLVg+7yCgKT9n8hwiLHR6
yqnxGgQ83l2qFK+QKBj9T1NVc4TZcAFRoJr9nOkWVK7HVqJ0VKfMIXBtzHntQKb4
5hl/14ncMDFC6F5ZM38/+xsg1v2cBOCZOVP6iLwLl8SfZkfeGarPmh9HuTK+r7Lk
DhpYUFWSsYQI6bpymLy2xR2RAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUncAaGTca
Ux68jgUg+XwKj0t08qUwHwYDVR0jBBgwFoAUPR/LclXFJQPhCuWEsRiaFc9WB04w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEyRkUxL0M0NTYxMDJFMDlG
MTExRjA4QjQ0QTMyNUM0RjlBRTAyL1BSX0xjbFhGSlFQaEN1V0VzUmlhRmM5V0Iw
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUFJfTGNsWEZKUVBoQ3VXRXNSaWFGYzlXQjA0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MkZFMS9DNDU2MTAyRTA5RjExMUYwOEI0NEEzMjVDNEY5QUUwMi9GNkE4QjM5NjBB
MTUxMUYwQkI2Qzc3MERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQE3oAwDQYJKoZIhvcNAQELBQADggEBADy23exKNZaslNEL
asnGHiKhbBdx9RtEpuaAJPOBwZoKbXxZd91n9ZEFTxXU8fvj8kGs0l7iOquhmYqB
2jHRVkJWlI2v4l6/RgTI7HI8baJUODulUjTXwuwDMLqDSYSUmAGEMYRn05pWGXdk
KuCgQEMeJ8KblB/d9OKiFL4T9fAJF86EqW4JTPhyDly4P5Cm82Ok56ZOB8GOXEk7
yb6SdKEufgbmYvG16w5yUEHPq1eK8YRoq5U8h85TYdDfT2/XrDS7ay7OEsC7KF8Z
iAZLoIuzKIUvr3goVTEGcdkUHu0/Z3OA0/KoiX276NkEVhKmmTlwqrJVJ6sL6zJw
JBpqEnE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:37:41 2025 by rpki-client