Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/6CFB0FFCF65711EB8988A924C4F9AE02.roa
File: 6CFB0FFCF65711EB8988A924C4F9AE02.roa (raw, json)
Hash identifier: 0e9NIIe4Eh6DQ3FvIOOg4nTVMnHbYlzq1N/yU/4pzQY=
Subject key identifier: D0:E4:1F:FB:D8:82:69:E4:C2:13:18:99:05:9E:DB:B4:B3:E6:70:1C
Certificate issuer: /CN=A919AAA0/serialNumber=2AD526DFD9C7E90CA30C31FCA4E182501B700753
Certificate serial: 05F7
Authority key identifier: 2A:D5:26:DF:D9:C7:E9:0C:A3:0C:31:FC:A4:E1:82:50:1B:70:07:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KtUm39nH6QyjDDH8pOGCUBtwB1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/6CFB0FFCF65711EB8988A924C4F9AE02.roa
Signing time: Mon 02 Dec 2024 23:02:03 +0000
ROA not before: Mon 02 Dec 2024 23:02:03 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 139787
IP address blocks: 2001:df1:fd80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1527 (0x5f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919AAA0
Validity
Not Before: Dec 2 23:02:03 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e3c6b-8759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:ad:cc:c0:b5:77:fd:df:70:e2:1b:98:ab:
29:3c:fe:37:1e:69:7e:55:28:e1:99:ec:d0:b5:96:
0a:f6:13:49:29:67:05:60:c3:b2:1a:40:57:07:53:
e1:a6:9b:05:6d:b9:ff:2f:a4:b0:fe:b2:5c:27:00:
54:25:cf:aa:29:38:37:4b:54:d0:c0:51:51:72:50:
88:ce:ff:26:38:15:8b:ea:6e:f7:3f:53:c5:ca:4f:
bf:3a:29:ba:c1:da:ad:1d:51:5a:74:61:fb:1a:27:
7e:0e:0d:00:d8:86:12:10:03:3f:25:9c:15:42:a3:
17:fa:67:aa:9f:ff:56:ca:97:27:70:f5:9e:7d:6e:
0b:aa:fd:8b:34:a1:1d:4d:67:80:75:78:4b:f7:e4:
fb:b9:00:f0:d5:47:72:c6:0e:af:05:67:d6:4b:4a:
d2:5a:a0:ba:3e:c2:b0:66:6b:71:47:cf:56:b1:08:
94:10:4a:a7:f0:c9:8f:3e:d6:b8:85:39:f4:d8:58:
48:20:49:3b:ca:7a:e9:f7:a0:e5:86:67:26:a1:7b:
f0:26:ab:1b:b1:b9:04:3d:5c:ce:0d:a5:43:32:95:
b1:6b:6e:05:2e:4e:db:71:1e:31:4d:3a:4f:c8:e9:
2e:4c:9d:19:80:5b:33:28:ca:d3:1f:5b:ac:e7:b7:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E4:1F:FB:D8:82:69:E4:C2:13:18:99:05:9E:DB:B4:B3:E6:70:1C
X509v3 Authority Key Identifier:
keyid:2A:D5:26:DF:D9:C7:E9:0C:A3:0C:31:FC:A4:E1:82:50:1B:70:07:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/KtUm39nH6QyjDDH8pOGCUBtwB1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KtUm39nH6QyjDDH8pOGCUBtwB1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919AAA0/228396BA95F411EBB31B8F66C4F9AE02/6CFB0FFCF65711EB8988A924C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:fd80::/48
Signature Algorithm: sha256WithRSAEncryption
5a:8b:db:66:61:86:fb:ca:31:d3:b2:ee:c3:23:f9:66:0a:93:
e2:cd:b2:87:ae:0f:bb:1b:b5:c2:33:b2:5e:ea:d5:50:2e:b1:
7d:78:fa:8e:43:fc:76:4b:9e:05:36:d7:80:0a:ee:fb:5b:8d:
dc:fa:0e:ed:a2:cf:6f:58:40:d9:d9:28:86:34:f4:7b:6c:94:
46:cf:7c:b0:ae:fa:9f:d8:2e:59:a0:55:42:fd:c8:63:42:35:
3d:02:be:0f:ae:4b:53:7c:14:e0:c7:eb:ef:16:ee:81:46:57:
5b:de:f9:56:fd:50:03:a4:96:74:7f:68:6f:dc:3c:79:52:bc:
c0:c1:5c:05:37:93:e5:de:1e:2b:78:f0:76:2b:b5:ca:1e:03:
80:07:07:03:d9:58:c7:7e:5e:23:b4:b7:93:a1:df:5a:1d:35:
e0:60:b1:72:d7:aa:2b:6f:5b:ec:ef:4f:43:49:92:b6:b1:bc:
c0:79:25:22:0e:ac:7b:4e:34:b1:1e:bf:e0:9d:cb:9e:b6:85:
b8:80:d8:4e:01:7b:03:ca:b6:ab:cc:ac:a0:cf:cd:9c:47:95:
a4:0c:f6:fd:17:44:25:f4:09:76:92:f1:eb:24:0e:0e:9f:86:
06:d9:f9:1c:44:3d:f8:f8:98:d6:7b:4a:ce:a0:0c:07:0f:92:
36:d6:57:3d
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUFBQTAxMTAvBgNVBAUTKDJBRDUyNkRGRDlDN0U5MENBMzBDMzFGQ0E0RTE4MjUw
MUI3MDA3NTMwHhcNMjQxMjAyMjMwMjAzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlM2M2Yi04NzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoA+tzMC1d/3fcOIbmKspPP43Hml+VSjhmezQtZYK9hNJKWcFYMOyGkBXB1Ph
ppsFbbn/L6Sw/rJcJwBUJc+qKTg3S1TQwFFRclCIzv8mOBWL6m73P1PFyk+/Oim6
wdqtHVFadGH7Gid+Dg0A2IYSEAM/JZwVQqMX+meqn/9WypcncPWefW4Lqv2LNKEd
TWeAdXhL9+T7uQDw1Udyxg6vBWfWS0rSWqC6PsKwZmtxR89WsQiUEEqn8MmPPta4
hTn02FhIIEk7ynrp96DlhmcmoXvwJqsbsbkEPVzODaVDMpWxa24FLk7bcR4xTTpP
yOkuTJ0ZgFszKMrTH1us57fClwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNDkH/vY
gmnkwhMYmQWe27Sz5nAcMB8GA1UdIwQYMBaAFCrVJt/Zx+kMowwx/KThglAbcAdT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QUFBMC8yMjgzOTZCQTk1
RjQxMUVCQjMxQjhGNjZDNEY5QUUwMi9LdFVtMzluSDZReWpEREg4cE9HQ1VCdHdC
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0t0VW0zOW5INlF5akRESDhwT0dDVUJ0d0IxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFBQTAvMjI4Mzk2QkE5NUY0MTFFQkIzMUI4RjY2QzRGOUFFMDIvNkNGQjBGRkNG
NjU3MTFFQjg5ODhBOTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3x/YAwDQYJKoZIhvcNAQELBQADggEBAFqL22ZhhvvK
MdOy7sMj+WYKk+LNsoeuD7sbtcIzsl7q1VAusX14+o5D/HZLngU214AK7vtbjdz6
Du2iz29YQNnZKIY09HtslEbPfLCu+p/YLlmgVUL9yGNCNT0Cvg+uS1N8FODH6+8W
7oFGV1ve+Vb9UAOklnR/aG/cPHlSvMDBXAU3k+XeHit48HYrtcoeA4AHBwPZWMd+
XiO0t5Oh31odNeBgsXLXqitvW+zvT0NJkraxvMB5JSIOrHtONLEev+Cdy562hbiA
2E4BewPKtqvMrKDPzZxHlaQM9v0XRCX0CXaS8eskDg6fhgbZ+RxEPfj4mNZ7Ss6g
DAcPkjbWVz0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:30:56 2025 by rpki-client