Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/72F911C2B24B11EDBFA30B4FC4F9AE02.roa
File: 72F911C2B24B11EDBFA30B4FC4F9AE02.roa (raw, json)
Hash identifier: PKpTUFyxF521J6UNGfDUevxqUHtv+EQ4vxWxH5IWesE=
Subject key identifier: D8:B6:66:C0:8C:AE:5E:F5:80:DB:BD:D6:80:F5:3F:8D:20:BA:C0:77
Certificate issuer: /CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Certificate serial: 011B
Authority key identifier: 84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/72F911C2B24B11EDBFA30B4FC4F9AE02.roa
Signing time: Wed 22 Feb 2023 00:54:24 +0000
ROA not before: Wed 22 Feb 2023 00:54:24 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 12345679
IP address blocks: 2401:4600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283 (0x11b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Validity
Not Before: Feb 22 00:54:24 2023 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=63f567c0-81a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7a:63:1e:52:11:09:e4:57:8c:c5:8f:bd:dd:
83:d8:60:f6:49:d0:7b:85:fd:86:7d:5b:e6:77:9f:
79:03:69:d4:4a:7d:a9:94:41:9e:6c:ff:2d:c0:d4:
f8:90:20:28:77:af:0a:f3:c6:fa:4c:85:eb:12:40:
66:04:f3:2c:12:39:7e:92:6c:82:4c:be:53:96:1f:
38:fe:10:7e:02:90:31:50:51:60:dc:14:ad:49:91:
02:c6:5e:30:92:03:22:76:87:f7:4f:bc:35:9c:8c:
73:d9:05:b2:80:8a:0f:d9:1f:75:e7:26:92:33:d4:
42:05:9d:9d:92:a9:fc:46:f9:c7:b5:f1:df:fc:ec:
ec:4f:42:a5:ce:fa:5d:fc:f2:20:b2:d2:d1:aa:ac:
84:0d:3e:a0:ce:7c:d4:f5:2c:a1:b5:39:52:e3:99:
98:ea:ee:1f:02:15:9f:16:ca:5e:e7:a5:7e:7f:8d:
c2:a9:02:a3:e5:04:0b:ea:7a:9b:ba:ca:9c:fb:f2:
89:ab:c0:58:ce:2b:55:9a:28:45:7e:7d:20:eb:49:
dc:a4:12:0d:48:4f:9b:f4:ec:5d:d3:de:63:42:2b:
df:5c:ca:aa:29:16:1c:ed:a3:aa:b9:c1:91:25:b8:
33:80:7c:d3:4d:55:93:ab:b0:2c:44:d8:0d:d6:1c:
d6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B6:66:C0:8C:AE:5E:F5:80:DB:BD:D6:80:F5:3F:8D:20:BA:C0:77
X509v3 Authority Key Identifier:
keyid:84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/72F911C2B24B11EDBFA30B4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:4600::/32
Signature Algorithm: sha256WithRSAEncryption
58:44:3a:28:c0:03:6b:56:a6:0d:e2:73:73:c2:5e:3b:b0:7f:
17:48:39:ee:6b:82:0a:6f:c7:14:3b:a6:71:1f:13:d7:eb:3a:
e3:c9:57:a9:d7:55:b6:e4:f8:1e:e8:b1:35:bf:8b:bf:f6:d6:
cd:19:5d:e0:b6:0a:be:06:75:19:cb:55:42:ef:92:6c:09:53:
3c:44:f7:ef:30:5d:2e:6d:d0:93:eb:81:f2:89:c3:52:c3:c4:
13:8a:e7:19:a3:2d:32:0e:e2:b0:d1:e6:af:e6:09:3a:e0:5f:
19:cf:f8:c1:1e:4f:35:b2:18:49:49:16:dd:5d:4b:30:3c:33:
29:68:b5:c9:a7:b2:35:c2:46:1a:2a:10:f0:22:db:b1:d6:5c:
ba:e9:e0:4e:95:ae:6f:de:e1:5b:18:75:fe:d5:c4:1c:bc:86:
cd:63:50:a7:e3:28:c0:7f:b2:2e:40:35:6a:34:0f:fa:7a:41:
40:06:d9:e6:ac:d2:cf:5e:0d:01:72:9e:2a:c3:79:35:ca:06:
7b:81:9f:6b:fb:2e:43:7a:99:43:7a:fa:24:cf:a6:84:e4:96:
0d:8b:aa:c2:8c:6a:5f:aa:e3:c9:48:15:c6:aa:b6:8c:63:40:
60:2d:95:80:a6:d2:b0:da:6b:df:bb:27:cf:0d:9e:7a:3d:82:
b4:9a:96:5e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICARswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJCRTA1NDE1M0RC
NjY2N0Q1NzYwHhcNMjMwMjIyMDA1NDI0WhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y1NjdjMC04MWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv3pjHlIRCeRXjMWPvd2D2GD2SdB7hf2GfVvmd595A2nUSn2plEGebP8twNT4
kCAod68K88b6TIXrEkBmBPMsEjl+kmyCTL5Tlh84/hB+ApAxUFFg3BStSZECxl4w
kgMidof3T7w1nIxz2QWygIoP2R915yaSM9RCBZ2dkqn8RvnHtfHf/OzsT0Klzvpd
/PIgstLRqqyEDT6gznzU9SyhtTlS45mY6u4fAhWfFspe56V+f43CqQKj5QQL6nqb
usqc+/KJq8BYzitVmihFfn0g60ncpBINSE+b9Oxd095jQivfXMqqKRYc7aOqucGR
JbgzgHzTTVWTq7AsRNgN1hzWiwIDAQABo4ICljCCApIwHQYDVR0OBBYEFNi2ZsCM
rl71gNu91oD1P40gusB3MB8GA1UdIwQYMBaAFIRwFLFa+ngdIoGSvgVBU9tmZ9V2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84NjFGRDg3QUY1
QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1ZyNmVCMGlnWkstQlVGVDIyWm4x
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hIQVVzVnI2ZUIwaWdaSy1CVUZUMjJabjFYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODYxRkQ4N0FGNUFBMTFFQ0JGMTVFNzc0QzRGOUFFMDIvNzJGOTExQzJC
MjRCMTFFREJGQTMwQjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAUYAMA0GCSqGSIb3DQEBCwUAA4IBAQBYRDoowANrVqYN
4nNzwl47sH8XSDnua4IKb8cUO6ZxHxPX6zrjyVep11W25Pge6LE1v4u/9tbNGV3g
tgq+BnUZy1VC75JsCVM8RPfvMF0ubdCT64HyicNSw8QTiucZoy0yDuKw0eav5gk6
4F8Zz/jBHk81shhJSRbdXUswPDMpaLXJp7I1wkYaKhDwItux1ly66eBOla5v3uFb
GHX+1cQcvIbNY1Cn4yjAf7IuQDVqNA/6ekFABtnmrNLPXg0Bcp4qw3k1ygZ7gZ9r
+y5DeplDevokz6aE5JYNi6rCjGpfquPJSBXGqraMY0BgLZWAptKw2mvfuyfPDZ56
PYK0mpZe
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org