Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/725700F8B24B11EDBFA30B4FC4F9AE02.roa
File: 725700F8B24B11EDBFA30B4FC4F9AE02.roa (raw, json)
Hash identifier: CBN1Ldp8p5gJanOP4cIdnxJXhFQqssQhZfjDZEzIwJ8=
Subject key identifier: 6A:BA:3E:48:E1:AA:47:B0:2A:2D:FC:8C:C3:66:F6:A0:94:2F:15:14
Certificate issuer: /CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Certificate serial: 011A
Authority key identifier: 84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/725700F8B24B11EDBFA30B4FC4F9AE02.roa
Signing time: Wed 22 Feb 2023 00:54:23 +0000
ROA not before: Wed 22 Feb 2023 00:54:23 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 12345678
IP address blocks: 2401:4600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282 (0x11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Validity
Not Before: Feb 22 00:54:23 2023 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=63f567bf-d5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:87:0a:46:fd:c1:a3:b6:d1:0c:53:1b:3e:
54:15:60:61:ee:9d:ee:0a:95:f1:9b:e5:72:f0:a3:
4d:c1:ac:2f:af:9f:ca:d9:1f:e8:80:a1:60:d1:bd:
d9:1b:1d:83:78:b3:6e:82:44:f8:17:42:99:b1:82:
dd:9e:31:4e:e8:b5:b3:eb:de:f0:70:a0:c2:2b:6e:
e9:af:87:6e:f9:3a:76:8a:d8:31:01:a3:b2:73:3e:
8b:be:6b:d9:47:5f:c7:3c:06:c6:66:1c:bd:bb:12:
d0:41:2a:ad:d9:33:f4:94:f1:8b:7e:d0:74:86:3f:
76:0c:d3:02:70:70:23:65:64:1c:b3:b5:b2:0b:06:
f7:bd:d7:e0:1b:ff:69:8d:67:3e:91:a0:b9:c5:d2:
a0:11:ba:62:f3:a3:55:92:2f:d3:13:ad:e3:a6:b5:
37:c1:1a:b2:eb:bc:e4:64:ad:35:a7:bb:89:41:d6:
c9:c9:b4:01:c1:83:c9:3b:4b:0e:bc:2c:8b:0d:dc:
87:1a:f6:3f:5c:52:e3:af:c9:66:ec:dd:7e:cd:de:
a8:ea:38:d8:60:86:d9:4c:5a:b2:04:2b:38:2d:1d:
b9:3e:9d:60:c2:18:6c:b4:23:ee:cc:86:7e:42:c9:
75:6a:1e:a8:2d:a2:bf:c5:01:d3:20:b1:43:3e:9c:
63:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BA:3E:48:E1:AA:47:B0:2A:2D:FC:8C:C3:66:F6:A0:94:2F:15:14
X509v3 Authority Key Identifier:
keyid:84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/725700F8B24B11EDBFA30B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:4600::/32
Signature Algorithm: sha256WithRSAEncryption
5a:c4:6e:fa:19:52:04:cb:82:55:05:ab:1d:13:0c:38:32:73:
42:fd:06:39:ab:57:fa:76:3c:e4:b1:f8:06:12:89:2a:58:a6:
37:a9:b1:b6:f3:09:a5:5d:e0:e0:02:53:03:58:00:29:0d:92:
9f:e9:3c:0c:8d:1b:bf:d3:97:50:7b:46:dc:15:3e:ee:f3:66:
2a:64:98:97:03:7b:45:ce:b4:7f:57:7c:73:e5:74:26:35:e8:
21:4d:d1:f5:dd:bf:12:12:db:3e:c4:09:67:31:c4:c9:e6:18:
d7:92:ef:f6:19:8a:d2:a0:cf:29:5d:28:82:bf:79:8e:d3:74:
3e:55:2e:a2:84:32:84:cc:0b:e3:ed:26:85:6a:f1:29:8d:b3:
34:e9:25:38:13:74:e4:8d:5c:59:33:6f:85:1f:23:1b:7e:f4:
50:7d:80:d7:5b:e3:76:a5:b1:f2:2d:dd:29:20:3f:02:b8:c3:
5d:c5:b5:a4:82:bd:42:67:f7:e2:44:97:e8:d4:2a:51:be:fd:
f4:6a:f7:47:51:ac:8b:7f:1c:d5:80:2b:4a:e7:22:db:ca:0b:
cc:82:c1:85:7b:88:89:d5:59:4c:34:16:c2:a9:63:9b:e4:74:
9e:76:b9:eb:54:6b:18:d3:65:89:cf:16:c9:2e:28:c1:6c:d5:
cf:4a:de:fc
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJCRTA1NDE1M0RC
NjY2N0Q1NzYwHhcNMjMwMjIyMDA1NDIzWhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y1NjdiZi1kNWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvuOHCkb9waO20QxTGz5UFWBh7p3uCpXxm+Vy8KNNwawvr5/K2R/ogKFg0b3Z
Gx2DeLNugkT4F0KZsYLdnjFO6LWz697wcKDCK27pr4du+Tp2itgxAaOycz6LvmvZ
R1/HPAbGZhy9uxLQQSqt2TP0lPGLftB0hj92DNMCcHAjZWQcs7WyCwb3vdfgG/9p
jWc+kaC5xdKgEbpi86NVki/TE63jprU3wRqy67zkZK01p7uJQdbJybQBwYPJO0sO
vCyLDdyHGvY/XFLjr8lm7N1+zd6o6jjYYIbZTFqyBCs4LR25Pp1gwhhstCPuzIZ+
Qsl1ah6oLaK/xQHTILFDPpxjvwIDAQABo4ICljCCApIwHQYDVR0OBBYEFGq6Pkjh
qkewKi38jMNm9qCULxUUMB8GA1UdIwQYMBaAFIRwFLFa+ngdIoGSvgVBU9tmZ9V2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84NjFGRDg3QUY1
QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1ZyNmVCMGlnWkstQlVGVDIyWm4x
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hIQVVzVnI2ZUIwaWdaSy1CVUZUMjJabjFYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODYxRkQ4N0FGNUFBMTFFQ0JGMTVFNzc0QzRGOUFFMDIvNzI1NzAwRjhC
MjRCMTFFREJGQTMwQjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAUYAMA0GCSqGSIb3DQEBCwUAA4IBAQBaxG76GVIEy4JV
BasdEww4MnNC/QY5q1f6djzksfgGEokqWKY3qbG28wmlXeDgAlMDWAApDZKf6TwM
jRu/05dQe0bcFT7u82YqZJiXA3tFzrR/V3xz5XQmNeghTdH13b8SEts+xAlnMcTJ
5hjXku/2GYrSoM8pXSiCv3mO03Q+VS6ihDKEzAvj7SaFavEpjbM06SU4E3TkjVxZ
M2+FHyMbfvRQfYDXW+N2pbHyLd0pID8CuMNdxbWkgr1CZ/fiRJfo1CpRvv30avdH
UayLfxzVgCtK5yLbygvMgsGFe4iJ1VlMNBbCqWOb5HSedrnrVGsY02WJzxbJLijB
bNXPSt78
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org