Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/3632957E441311EE8A03A472C4F9AE02.roa
File: 3632957E441311EE8A03A472C4F9AE02.roa (raw, json)
Hash identifier: hc0GUtEKKEGW9gMZlTO39H3fWKoJ6wdGBAjVqIVrLxQ=
Subject key identifier: A0:47:A9:93:A1:22:2E:76:B2:04:B6:0F:62:81:67:CC:C0:73:48:29
Certificate issuer: /CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Certificate serial: 020C
Authority key identifier: E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/3632957E441311EE8A03A472C4F9AE02.roa
Signing time: Sat 03 Aug 2024 03:54:54 +0000
ROA not before: Sat 03 Aug 2024 03:54:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 148996
IP address blocks: 2400:9ce0:6000::/36 maxlen: 36
2400:9ce0:7000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 524 (0x20c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BAC5
Validity
Not Before: Aug 3 03:54:54 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66adaa0e-328e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:52:59:cd:8f:9d:33:82:a0:de:43:7d:49:f0:
e5:c5:4f:86:83:e7:a9:f3:44:4b:71:d8:ca:2b:95:
a7:0d:f6:8a:93:dc:f9:5c:0f:27:a0:25:9c:06:1e:
32:ba:54:07:17:64:a6:87:8c:49:80:2b:65:44:4b:
07:5d:86:d8:ae:f0:7b:21:3b:17:41:5d:44:bf:4f:
a0:1c:e2:c3:12:da:21:d6:cc:e6:23:a9:69:6f:9b:
19:cd:3c:63:93:da:21:a5:6a:66:59:f5:30:15:09:
6c:d7:e5:b0:6f:fb:59:bc:2c:0a:56:dd:51:66:f7:
08:aa:e7:33:ff:60:ba:05:1a:db:51:fa:fb:e9:1e:
b4:88:2d:3e:de:e8:31:13:0b:76:d8:df:a3:bd:7d:
1b:3e:24:0a:2e:6c:cf:83:1d:fb:d0:86:ae:cc:2c:
8d:13:4b:22:db:f2:08:2e:66:e1:eb:b7:f0:11:9f:
79:f4:ff:f7:49:9e:23:d9:09:3d:08:32:04:77:b6:
ee:b1:98:ab:40:aa:2c:73:73:c4:b5:7f:43:f5:8c:
0c:ac:14:28:af:0d:a4:60:8e:1d:94:a5:71:7d:a2:
a4:bb:d7:db:53:68:18:c8:e8:dc:db:16:1a:98:02:
41:17:e1:e2:8b:dc:2e:90:a1:4f:81:ff:95:e2:bb:
08:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:47:A9:93:A1:22:2E:76:B2:04:B6:0F:62:81:67:CC:C0:73:48:29
X509v3 Authority Key Identifier:
keyid:E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/4QiBh_ZAlCY92mdJqV9zqmwasGM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/3632957E441311EE8A03A472C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9ce0:6000::/35
Signature Algorithm: sha256WithRSAEncryption
1b:d5:75:6b:60:1f:66:b8:98:19:02:1e:94:cb:03:2f:6f:d0:
0a:68:48:65:b3:d0:c2:0e:17:75:b3:f7:6c:bb:c7:38:14:15:
03:3d:de:1b:af:7e:8c:d6:c9:42:38:a9:62:61:4b:0d:79:4f:
e0:2b:d2:20:63:ca:a2:5d:23:01:54:2f:48:b6:af:58:19:f8:
6e:c3:86:a6:92:71:db:58:b8:dc:c8:94:57:b7:9b:64:dd:c3:
84:32:f4:07:9a:58:6b:53:58:91:a2:ee:dd:f7:d5:81:56:5a:
6a:ad:b2:57:ec:e6:e1:d1:39:a5:bf:8f:74:f0:e3:4a:2b:22:
4e:c5:56:67:94:50:f5:36:16:07:e7:c4:84:d1:f4:f9:88:ab:
76:f8:d8:70:01:bd:4a:7f:e8:94:5e:8d:22:7f:10:8b:6d:7a:
01:04:c8:4f:06:c9:e3:fc:40:68:28:cc:b0:be:af:cd:70:03:
06:7a:53:b5:81:58:34:7f:49:3e:62:53:34:6a:29:35:93:31:
7e:d8:2a:51:40:9a:cc:aa:e6:2d:5c:47:1b:6b:93:44:d6:a7:
49:5f:1e:46:53:97:bd:10:77:a1:db:ac:99:cd:90:fb:3a:a5:
8c:67:95:06:51:c7:8b:47:3a:bb:1e:e7:aa:56:15:f6:aa:f5:
e3:af:f4:55
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICAgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JBQzUxMTAvBgNVBAUTKEUxMDg4MTg3RjY0MDk0MjYzRERBNjc0OUE5NUY3M0FB
NkMxQUIwNjMwHhcNMjQwODAzMDM1NDU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkYWEwZS0zMjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3VJZzY+dM4Kg3kN9SfDlxU+Gg+ep80RLcdjKK5WnDfaKk9z5XA8noCWcBh4y
ulQHF2Smh4xJgCtlREsHXYbYrvB7ITsXQV1Ev0+gHOLDEtoh1szmI6lpb5sZzTxj
k9ohpWpmWfUwFQls1+Wwb/tZvCwKVt1RZvcIqucz/2C6BRrbUfr76R60iC0+3ugx
Ewt22N+jvX0bPiQKLmzPgx370IauzCyNE0si2/IILmbh67fwEZ959P/3SZ4j2Qk9
CDIEd7busZirQKosc3PEtX9D9YwMrBQorw2kYI4dlKVxfaKku9fbU2gYyOjc2xYa
mAJBF+Hii9wukKFPgf+V4rsI5wIDAQABo4IClzCCApMwHQYDVR0OBBYEFKBHqZOh
Ii52sgS2D2KBZ8zAc0gpMB8GA1UdIwQYMBaAFOEIgYf2QJQmPdpnSalfc6psGrBj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkFDNS80NzBBNjIwNDE1
MzAxMUVEQkFBM0QwMjdDNEY5QUUwMi80UWlCaF9aQWxDWTkybWRKcVY5enFtd2Fz
R00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRRaUJoX1pBbENZOTJtZEpxVjl6cW13YXNHTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JBQzUvNDcwQTYyMDQxNTMwMTFFREJBQTNEMDI3QzRGOUFFMDIvMzYzMjk1N0U0
NDEzMTFFRThBMDNBNDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgUkAJzgYDANBgkqhkiG9w0BAQsFAAOCAQEAG9V1a2AfZriY
GQIelMsDL2/QCmhIZbPQwg4XdbP3bLvHOBQVAz3eG69+jNbJQjipYmFLDXlP4CvS
IGPKol0jAVQvSLavWBn4bsOGppJx21i43MiUV7ebZN3DhDL0B5pYa1NYkaLu3ffV
gVZaaq2yV+zm4dE5pb+PdPDjSisiTsVWZ5RQ9TYWB+fEhNH0+YirdvjYcAG9Sn/o
lF6NIn8Qi216AQTITwbJ4/xAaCjMsL6vzXADBnpTtYFYNH9JPmJTNGopNZMxftgq
UUCazKrmLVxHG2uTRNanSV8eRlOXvRB3odusmc2Q+zqljGeVBlHHi0c6ux7nqlYV
9qr146/0VQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:10:48 2025 by rpki-client