Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
File: 7A5A3018369911EEA7B51070C4F9AE02.roa (raw, json)
Hash identifier: Og8kLNzaVhBQKU3tbt1hgn1OVRSVfiYrmCnuH8rD/SI=
Subject key identifier: D3:00:C0:95:80:36:E4:38:9B:0C:19:B6:B5:ED:76:D6:2D:24:C1:5B
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 03D4
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
Signing time: Thu 06 Mar 2025 14:53:31 +0000
ROA not before: Thu 06 Mar 2025 14:53:31 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 141039
IP address blocks: 2407:e8c0:10::/48 maxlen: 48
2407:e8c0:14::/48 maxlen: 48
2407:e8c0:15::/48 maxlen: 48
2407:e8c0:16::/48 maxlen: 48
2407:e8c0:17::/48 maxlen: 48
2407:e8c0:18::/48 maxlen: 48
2407:e8c0:19::/48 maxlen: 48
2407:e8c0:1a::/48 maxlen: 48
2407:e8c0:1b::/48 maxlen: 48
2407:e8c0:1c::/48 maxlen: 48
2407:e8c0:1d::/48 maxlen: 48
2407:e8c0:1e::/48 maxlen: 48
2407:e8c0:4000::/40 maxlen: 40
2407:e8c0:4100::/40 maxlen: 40
2407:e8c0:4200::/40 maxlen: 40
2407:e8c0:4300::/40 maxlen: 40
2407:e8c0:4400::/40 maxlen: 40
2407:e8c0:4500::/40 maxlen: 40
2407:e8c0:4600::/40 maxlen: 40
2407:e8c0:4700::/40 maxlen: 40
2407:e8c0:4800::/40 maxlen: 40
2407:e8c0:4900::/40 maxlen: 40
2407:e8c0:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980 (0x3d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1
Validity
Not Before: Mar 6 14:53:31 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c9b6eb-4de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:97:36:4d:e0:0c:b4:5f:86:8a:36:ea:2a:f1:
e8:2e:90:2c:78:76:27:ff:88:e2:ca:8f:51:c1:a5:
81:65:9c:2f:c6:2c:8e:94:4a:62:23:a4:42:0a:65:
83:6d:ce:be:cc:db:ff:80:19:8e:86:dd:51:ae:5b:
76:5f:7f:15:dc:dc:33:af:f3:42:71:07:24:05:29:
90:b9:2c:19:5c:1f:d2:91:f3:2c:48:bb:cd:5a:a6:
3d:9f:51:df:b3:4a:1c:87:fd:07:0d:66:a3:b7:c6:
dd:45:65:e8:e5:79:27:6f:64:0d:1d:2f:8f:a2:71:
e9:a0:bf:b0:25:4f:97:09:9b:07:09:b4:a2:22:15:
c3:f1:86:c2:a0:5a:60:57:10:5a:4f:af:7b:ff:79:
2e:51:37:d3:62:c0:4f:e0:2f:d4:2c:3a:64:14:02:
cd:56:ee:3f:25:34:12:a2:6a:5a:d7:66:7b:b0:e2:
bc:0c:f2:ae:f6:36:b6:2c:09:ff:14:29:1e:41:12:
4e:e1:14:ad:8b:41:71:4e:58:6c:22:25:c1:e8:ce:
d5:30:7b:94:92:b4:40:6b:82:36:85:7d:8e:76:2c:
4b:41:99:67:88:fb:92:d8:20:62:e5:61:4f:00:6e:
fa:fb:0d:4d:d6:93:1c:1e:fd:14:e9:7a:73:0f:29:
b8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:00:C0:95:80:36:E4:38:9B:0C:19:B6:B5:ED:76:D6:2D:24:C1:5B
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:e8c0:10::/48
2407:e8c0:14::-2407:e8c0:1e:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4000::-2407:e8c0:49ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:c2:8f:5e:f5:1f:17:a8:7d:83:1b:62:d0:26:57:3d:bf:0c:
d5:30:bb:e3:7f:41:a6:e4:7f:9e:9b:84:b4:fb:08:cd:87:41:
43:34:fb:0e:eb:51:3a:95:0f:f4:1b:88:16:c8:b0:31:40:01:
61:ad:b2:52:7e:47:3b:0f:02:48:c0:05:7c:4a:d6:42:ef:de:
f2:b3:2e:b0:76:79:a5:0c:65:f3:8b:92:e7:4b:1b:b8:f8:8c:
ea:dd:da:88:b5:2e:9d:be:4b:0c:e1:cc:98:3c:71:6d:b7:e3:
4e:09:5e:9d:a9:8f:69:92:3e:37:2c:0c:9c:5d:56:37:d1:77:
d7:b5:f7:6e:be:58:00:42:9a:ea:e2:db:28:c7:d1:ce:ca:99:
99:47:af:d3:22:1c:a4:41:73:fb:a5:7a:b6:5a:15:41:49:de:
61:48:64:a4:6c:50:2d:f9:f5:aa:83:de:dc:95:f2:5d:c8:ab:
1a:0e:0e:f8:34:d5:5f:61:14:9c:bc:c9:f9:19:4e:16:51:87:
dc:0b:1b:07:7f:25:b2:cc:18:52:e7:1f:e9:dc:88:84:68:a0:
46:97:bd:97:42:02:65:f5:7e:74:fe:7e:92:5d:c6:9c:62:34:
47:96:fd:48:36:a9:6d:f3:58:f9:c4:36:89:1f:6d:b7:28:23:
42:93:18:2a
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICA9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUwMzA2MTQ1MzMxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5YjZlYi00ZGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoZc2TeAMtF+GijbqKvHoLpAseHYn/4jiyo9RwaWBZZwvxiyOlEpiI6RCCmWD
bc6+zNv/gBmOht1Rrlt2X38V3Nwzr/NCcQckBSmQuSwZXB/SkfMsSLvNWqY9n1Hf
s0och/0HDWajt8bdRWXo5Xknb2QNHS+PonHpoL+wJU+XCZsHCbSiIhXD8YbCoFpg
VxBaT697/3kuUTfTYsBP4C/ULDpkFALNVu4/JTQSompa12Z7sOK8DPKu9ja2LAn/
FCkeQRJO4RSti0FxTlhsIiXB6M7VMHuUkrRAa4I2hX2OdixLQZlniPuS2CBi5WFP
AG76+w1N1pMcHv0U6XpzDym4GQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFNMAwJWA
NuQ4mwwZtrXtdtYtJMFbMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvN0E1QTMwMTgz
Njk5MTFFRUE3QjUxMDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MD0EAgACMDcDBwAkB+jAABAwEgMHAiQH6MAAFAMHACQH6MAAHjAQAwYGJAfo
wEADBgEkB+jASAMGACQH6MBgMA0GCSqGSIb3DQEBCwUAA4IBAQB/wo9e9R8XqH2D
G2LQJlc9vwzVMLvjf0Gm5H+em4S0+wjNh0FDNPsO61E6lQ/0G4gWyLAxQAFhrbJS
fkc7DwJIwAV8StZC797ysy6wdnmlDGXzi5LnSxu4+Izq3dqItS6dvksM4cyYPHFt
t+NOCV6dqY9pkj43LAycXVY30XfXtfduvlgAQprq4tsox9HOypmZR6/TIhykQXP7
pXq2WhVBSd5hSGSkbFAt+fWqg97clfJdyKsaDg74NNVfYRScvMn5GU4WUYfcCxsH
fyWyzBhS5x/p3IiEaKBGl72XQgJl9X50/n6SXcacYjRHlv1INqlt81j5xDaJH223
KCNCkxgq
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:51:42 2025 by rpki-client