Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913BDEF/711FC11C8A2C11E88C3DF81EC4F9AE02/BE82FBEAA2FF11EDA19DA837C4F9AE02.roa
File: BE82FBEAA2FF11EDA19DA837C4F9AE02.roa (raw, json)
Hash identifier: PYK1xiNxzmQM7+krhpTy+GAUkinZS0gQgVvbrcDzeHo=
Subject key identifier: 5D:9C:D0:AE:28:E2:E3:49:0E:A1:7D:2C:BA:15:5A:FF:A8:98:74:69
Certificate issuer: /CN=A913BDEF/serialNumber=75ACBE1D4E4AACB6BF731B7597D43839E24DA3E7
Certificate serial: 127F
Authority key identifier: 75:AC:BE:1D:4E:4A:AC:B6:BF:73:1B:75:97:D4:38:39:E2:4D:A3:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/day-HU5KrLa_cxt1l9Q4OeJNo-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913BDEF/711FC11C8A2C11E88C3DF81EC4F9AE02/BE82FBEAA2FF11EDA19DA837C4F9AE02.roa
Signing time: Tue 18 Jul 2023 17:34:25 +0000
ROA not before: Tue 18 Jul 2023 17:34:25 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 134090
IP address blocks: 2402:7940::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4735 (0x127f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913BDEF/serialNumber=75ACBE1D4E4AACB6BF731B7597D43839E24DA3E7
Validity
Not Before: Jul 18 17:34:25 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64b6cd21-351b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:79:20:44:ff:65:d6:7c:a8:31:92:74:09:cd:
16:81:cd:86:39:b9:f9:7b:bc:8b:81:70:2a:53:63:
65:fb:63:a8:cc:fa:96:5f:54:c4:a7:c2:8e:83:7b:
03:a4:32:af:cb:3b:ea:9d:50:c4:a3:45:42:1e:e6:
30:53:fc:bb:fd:99:90:fb:73:a7:6f:43:32:98:3d:
9d:99:0a:f4:b7:89:8c:47:1e:35:01:55:d2:85:c0:
9e:5a:93:37:2e:d8:e6:ea:88:28:aa:6f:7c:b1:ce:
c0:21:7b:b7:69:15:22:7d:64:cd:3c:c4:6a:d6:c8:
46:2b:6b:82:99:e7:92:42:8c:fc:5b:71:e5:f7:58:
55:39:b8:0b:68:65:51:00:f5:ac:5d:46:87:ae:c6:
5e:e7:85:75:58:3e:9c:12:2c:ca:62:db:82:d8:e3:
5d:d9:f6:53:cd:69:c1:3f:09:de:0f:7e:41:8c:10:
2b:5e:95:91:ff:34:f2:3e:24:48:fd:55:df:8a:ad:
69:56:08:2a:5a:0d:fa:55:dd:e5:0c:10:c0:c7:4c:
a6:ae:73:a3:c4:5b:5f:db:c5:2c:60:80:8e:d1:fb:
f9:44:97:7d:30:e6:84:7e:77:95:91:47:cb:b5:a5:
20:f4:f0:8d:ca:cc:94:b5:5f:06:2b:8f:9b:4c:84:
b2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9C:D0:AE:28:E2:E3:49:0E:A1:7D:2C:BA:15:5A:FF:A8:98:74:69
X509v3 Authority Key Identifier:
keyid:75:AC:BE:1D:4E:4A:AC:B6:BF:73:1B:75:97:D4:38:39:E2:4D:A3:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913BDEF/711FC11C8A2C11E88C3DF81EC4F9AE02/day-HU5KrLa_cxt1l9Q4OeJNo-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/day-HU5KrLa_cxt1l9Q4OeJNo-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913BDEF/711FC11C8A2C11E88C3DF81EC4F9AE02/BE82FBEAA2FF11EDA19DA837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:7940::/32
Signature Algorithm: sha256WithRSAEncryption
11:d4:e2:0e:95:75:f2:37:24:d3:ed:a9:24:de:36:b5:f8:fd:
b2:33:09:b0:71:ca:0f:6f:5d:6b:8a:e6:e8:a9:e9:b9:51:49:
27:34:98:e6:21:77:ee:6e:3f:73:f6:2d:82:47:4c:40:55:31:
ae:3f:b7:aa:ab:e2:12:b8:da:74:c4:b0:d3:bd:77:b6:5d:ae:
0a:5d:ce:db:cf:59:86:65:fb:c0:70:8b:d4:ad:61:ac:94:b9:
13:a4:f4:16:6e:2f:f1:d3:cd:e6:8f:66:1f:d0:8c:01:b3:b6:
51:6e:43:3f:cd:58:61:20:20:79:2d:52:07:19:53:6e:bd:f4:
64:5b:b1:c6:ae:e3:00:93:a9:ef:3a:89:e6:c0:b1:b1:3a:1a:
bb:9e:7f:69:6f:ea:34:ab:82:ba:09:1d:4a:50:6e:c4:03:e0:
3c:e7:39:3c:9a:0d:5e:10:8d:ee:62:f3:d9:53:90:f2:36:d3:
c0:34:24:3f:de:16:bd:9b:03:3b:3a:fd:1c:0e:c6:5e:e2:87:
90:b4:65:e9:1b:91:98:f1:f4:99:e8:08:8b:05:2e:4b:18:00:
bd:f9:8a:7e:a9:06:1a:84:7e:3a:18:b6:0b:aa:18:cf:60:b9:
83:9f:bb:b6:2f:94:81:37:22:5b:b6:08:be:b9:d4:4a:71:7b:
60:7c:aa:45
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICEn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0JERUYxMTAvBgNVBAUTKDc1QUNCRTFENEU0QUFDQjZCRjczMUI3NTk3RDQzODM5
RTI0REEzRTcwHhcNMjMwNzE4MTczNDI1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI2Y2QyMS0zNTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4HkgRP9l1nyoMZJ0Cc0Wgc2GObn5e7yLgXAqU2Nl+2OozPqWX1TEp8KOg3sD
pDKvyzvqnVDEo0VCHuYwU/y7/ZmQ+3Onb0MymD2dmQr0t4mMRx41AVXShcCeWpM3
Ltjm6ogoqm98sc7AIXu3aRUifWTNPMRq1shGK2uCmeeSQoz8W3Hl91hVObgLaGVR
APWsXUaHrsZe54V1WD6cEizKYtuC2ONd2fZTzWnBPwneD35BjBArXpWR/zTyPiRI
/VXfiq1pVggqWg36Vd3lDBDAx0ymrnOjxFtf28UsYICO0fv5RJd9MOaEfneVkUfL
taUg9PCNysyUtV8GK4+bTISyhQIDAQABo4ICljCCApIwHQYDVR0OBBYEFF2c0K4o
4uNJDqF9LLoVWv+omHRpMB8GA1UdIwQYMBaAFHWsvh1OSqy2v3MbdZfUODniTaPn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQkRFRi83MTFGQzExQzhB
MkMxMUU4OEMzREY4MUVDNEY5QUUwMi9kYXktSFU1S3JMYV9jeHQxbDlRNE9lSk5v
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RheS1IVTVLckxhX2N4dDFsOVE0T2VKTm8tYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0JERUYvNzExRkMxMUM4QTJDMTFFODhDM0RGODFFQzRGOUFFMDIvQkU4MkZCRUFB
MkZGMTFFREExOURBODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAnlAMA0GCSqGSIb3DQEBCwUAA4IBAQAR1OIOlXXyNyTT
7akk3ja1+P2yMwmwccoPb11riuboqem5UUknNJjmIXfubj9z9i2CR0xAVTGuP7eq
q+ISuNp0xLDTvXe2Xa4KXc7bz1mGZfvAcIvUrWGslLkTpPQWbi/x083mj2Yf0IwB
s7ZRbkM/zVhhICB5LVIHGVNuvfRkW7HGruMAk6nvOonmwLGxOhq7nn9pb+o0q4K6
CR1KUG7EA+A85zk8mg1eEI3uYvPZU5DyNtPANCQ/3ha9mwM7Ov0cDsZe4oeQtGXp
G5GY8fSZ6AiLBS5LGAC9+Yp+qQYahH46GLYLqhjPYLmDn7u2L5SBNyJbtgi+udRK
cXtgfKpF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org