Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911FCFC/0EF3B3887D3E11EB9EDF687CC4F9AE02/3A542BE0BC7511EBBB084D27C4F9AE02.roa
File: 3A542BE0BC7511EBBB084D27C4F9AE02.roa (raw, json)
Hash identifier: DsJu31VmqRJ0VhuZIHzXvyh3HyPC4dntssT9G4PSpBE=
Subject key identifier: B4:E5:4A:54:24:93:D5:F0:C0:D7:7B:1F:65:B3:B0:47:8D:12:F5:D4
Certificate issuer: /CN=A911FCFC/serialNumber=3D265E401231437A910EC21FE4ED4EE3B1269C8D
Certificate serial: 05AF
Authority key identifier: 3D:26:5E:40:12:31:43:7A:91:0E:C2:1F:E4:ED:4E:E3:B1:26:9C:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PSZeQBIxQ3qRDsIf5O1O47EmnI0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911FCFC/0EF3B3887D3E11EB9EDF687CC4F9AE02/3A542BE0BC7511EBBB084D27C4F9AE02.roa
Signing time: Wed 01 May 2024 01:03:10 +0000
ROA not before: Wed 01 May 2024 01:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44103
IP address blocks: 2001:df6:2480::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1455 (0x5af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911FCFC
Validity
Not Before: May 1 01:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663194ce-d4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:95:d1:79:b8:6e:7d:f4:c1:95:0d:36:ee:64:
8f:9c:5f:8a:43:30:60:4f:98:6b:d3:7c:0c:5c:49:
a4:dc:cb:6e:14:66:4a:9f:1e:11:c4:67:a4:9c:b5:
9c:33:c2:3b:17:be:22:64:39:94:a3:19:b9:5a:55:
aa:e0:f0:fc:62:f0:7c:c8:3a:20:14:d0:0d:2d:84:
4c:18:85:f8:60:2a:aa:20:57:b3:61:cd:b3:fe:5c:
cd:80:6c:27:b9:62:16:27:3d:58:1b:fa:2d:4c:37:
1b:0f:c9:47:d5:14:f9:9b:2c:45:2f:7a:16:d3:e0:
46:7d:da:8e:2c:7b:38:c5:74:94:64:13:40:4f:a4:
68:93:f9:46:91:7e:ef:a2:68:bc:d4:87:f8:67:34:
96:c5:c3:98:1b:12:ae:29:61:a8:ed:14:5a:2d:9d:
67:ef:03:57:a9:f5:4a:2e:2b:24:0a:79:aa:00:33:
98:38:1c:39:d2:10:c2:93:17:b5:08:70:a2:4f:35:
25:44:9a:b6:a8:c6:59:d2:b2:a2:a9:73:96:1c:bb:
4a:ab:f0:83:e7:24:b2:f6:17:7e:d7:b7:ea:69:6c:
27:c1:78:00:52:47:3d:45:54:70:eb:27:94:62:03:
a0:c9:91:2c:0c:d4:6d:e4:6f:ad:e0:79:ab:32:bd:
84:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E5:4A:54:24:93:D5:F0:C0:D7:7B:1F:65:B3:B0:47:8D:12:F5:D4
X509v3 Authority Key Identifier:
keyid:3D:26:5E:40:12:31:43:7A:91:0E:C2:1F:E4:ED:4E:E3:B1:26:9C:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911FCFC/0EF3B3887D3E11EB9EDF687CC4F9AE02/PSZeQBIxQ3qRDsIf5O1O47EmnI0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PSZeQBIxQ3qRDsIf5O1O47EmnI0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FCFC/0EF3B3887D3E11EB9EDF687CC4F9AE02/3A542BE0BC7511EBBB084D27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df6:2480::/48
Signature Algorithm: sha256WithRSAEncryption
6b:03:69:d8:6b:25:d7:d5:ad:e0:e1:4d:05:dc:22:77:b9:36:
2e:06:c3:e4:30:f3:7c:1a:d7:54:d8:37:2c:df:e3:16:cf:fa:
8d:69:c6:72:03:b4:16:03:27:88:a8:e0:f9:9a:78:ab:ab:d0:
99:f4:05:9f:81:52:ff:e6:3a:c6:63:28:eb:86:2e:5e:41:14:
4a:ac:23:74:fc:4c:3e:30:c0:d9:04:0e:a7:5f:28:8f:ae:23:
1b:76:e7:25:f5:52:97:2e:90:3d:a7:7b:ec:66:d8:c8:7f:19:
71:7c:2b:1c:2d:b2:ad:0d:f2:f0:e5:5c:fb:ba:25:d3:e3:af:
5d:26:19:30:36:bb:62:99:5a:e2:58:98:3d:03:59:02:c1:c6:
92:57:c5:08:0d:4f:51:90:5f:cd:4b:6e:12:da:27:fe:8c:6d:
88:72:a4:15:6e:9e:1a:ab:6b:60:f2:1c:ca:50:28:dd:90:88:
7b:9b:62:8f:2d:f2:fc:ce:7f:31:9b:67:ae:9e:be:fd:42:bd:
03:a3:a9:c8:a0:b1:f7:a5:82:6e:5d:d7:f7:e4:0d:89:fd:8e:
a1:ed:81:47:b3:39:78:1e:85:59:ed:2c:9b:88:51:b5:11:fb:
b1:fe:f9:f7:e5:31:13:90:44:e9:66:4e:8e:5e:ac:a6:ab:78:
21:dd:38:55
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUZDRkMxMTAvBgNVBAUTKDNEMjY1RTQwMTIzMTQzN0E5MTBFQzIxRkU0RUQ0RUUz
QjEyNjlDOEQwHhcNMjQwNTAxMDEwMzEwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxOTRjZS1kNGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5XRebhuffTBlQ027mSPnF+KQzBgT5hr03wMXEmk3MtuFGZKnx4RxGeknLWc
M8I7F74iZDmUoxm5WlWq4PD8YvB8yDogFNANLYRMGIX4YCqqIFezYc2z/lzNgGwn
uWIWJz1YG/otTDcbD8lH1RT5myxFL3oW0+BGfdqOLHs4xXSUZBNAT6Rok/lGkX7v
omi81If4ZzSWxcOYGxKuKWGo7RRaLZ1n7wNXqfVKLiskCnmqADOYOBw50hDCkxe1
CHCiTzUlRJq2qMZZ0rKiqXOWHLtKq/CD5ySy9hd+17fqaWwnwXgAUkc9RVRw6yeU
YgOgyZEsDNRt5G+t4HmrMr2EQQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFLTlSlQk
k9XwwNd7H2WzsEeNEvXUMB8GA1UdIwQYMBaAFD0mXkASMUN6kQ7CH+TtTuOxJpyN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkNGQy8wRUYzQjM4ODdE
M0UxMUVCOUVERjY4N0NDNEY5QUUwMi9QU1plUUJJeFEzcVJEc0lmNU8xTzQ3RW1u
STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BTWmVRQkl4UTNxUkRzSWY1TzFPNDdFbW5JMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUZDRkMvMEVGM0IzODg3RDNFMTFFQjlFREY2ODdDQzRGOUFFMDIvM0E1NDJCRTBC
Qzc1MTFFQkJCMDg0RDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ32JIAwDQYJKoZIhvcNAQELBQADggEBAGsDadhrJdfV
reDhTQXcIne5Ni4Gw+Qw83wa11TYNyzf4xbP+o1pxnIDtBYDJ4io4PmaeKur0Jn0
BZ+BUv/mOsZjKOuGLl5BFEqsI3T8TD4wwNkEDqdfKI+uIxt25yX1UpcukD2ne+xm
2Mh/GXF8Kxwtsq0N8vDlXPu6JdPjr10mGTA2u2KZWuJYmD0DWQLBxpJXxQgNT1GQ
X81LbhLaJ/6MbYhypBVunhqra2DyHMpQKN2QiHubYo8t8vzOfzGbZ66evv1CvQOj
qcigsfelgm5d1/fkDYn9jqHtgUezOXgehVntLJuIUbUR+7H++fflMROQROlmTo5e
rKareCHdOFU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:57:22 2025 by rpki-client