Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/3FF5E6A2AD4411EEB7A3885EC4F9AE02.roa
File: 3FF5E6A2AD4411EEB7A3885EC4F9AE02.roa (raw, json)
Hash identifier: uQVmimIu5C0uIGVl4Ddjs28DhQWWGhXHrRmY49EYK/I=
Subject key identifier: 47:50:D0:23:DB:00:A5:B9:E8:25:1A:28:8A:04:2A:5C:C5:F6:D0:84
Certificate issuer: /CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Certificate serial: 0EAD
Authority key identifier: 21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/3FF5E6A2AD4411EEB7A3885EC4F9AE02.roa
Signing time: Sun 07 Jan 2024 10:05:14 +0000
ROA not before: Sun 07 Jan 2024 10:05:14 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 152300
IP address blocks: 2402:ca40::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3757 (0xead)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D772/serialNumber=21E7499E2180BD212FAAA0D1521D165677D8BDEE
Validity
Not Before: Jan 7 10:05:14 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=659a775a-97c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0d:36:3f:02:22:5b:5c:10:60:f4:42:0b:b7:
e7:97:d3:6d:29:19:eb:be:ce:7a:6e:85:88:61:ca:
c9:bd:50:d6:e7:f3:65:04:42:73:04:98:84:e4:9d:
27:79:18:ac:7e:3d:27:47:28:66:3b:90:a8:dd:f5:
d4:49:59:b3:97:b9:53:d3:a2:87:65:b6:7d:4c:87:
ce:48:f7:70:04:b0:f9:19:4a:8c:cd:3f:d1:d9:d1:
06:90:d8:50:5e:b1:df:6e:2a:e3:8c:bd:30:1b:7a:
7b:44:bb:ea:6d:de:c8:8c:12:e1:f5:3e:f3:d8:78:
b4:e2:73:c4:ad:e1:de:27:42:7a:1e:03:84:3f:de:
fe:d1:1b:cb:d6:ce:cc:40:62:ff:b8:07:e5:90:37:
b5:e9:34:27:9c:9d:09:7c:e6:39:52:1d:79:2c:32:
72:18:d6:ae:b9:0e:57:b3:80:b2:32:8c:e9:d1:6f:
31:41:b4:ae:c4:c7:64:2c:1c:e0:c5:aa:03:a4:d2:
49:ea:13:4a:ae:e4:82:c2:43:59:a8:15:75:78:b4:
22:f8:f6:2d:43:43:b9:30:04:e4:af:ca:67:be:64:
7c:32:62:5a:2f:84:43:7b:08:da:97:e8:26:0d:e0:
e7:a1:2e:48:d0:69:e1:fc:6b:a0:26:55:89:a7:fe:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:50:D0:23:DB:00:A5:B9:E8:25:1A:28:8A:04:2A:5C:C5:F6:D0:84
X509v3 Authority Key Identifier:
keyid:21:E7:49:9E:21:80:BD:21:2F:AA:A0:D1:52:1D:16:56:77:D8:BD:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/IedJniGAvSEvqqDRUh0WVnfYve4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IedJniGAvSEvqqDRUh0WVnfYve4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D772/C625FF2E6A6311E9B9DAFC6DC4F9AE02/3FF5E6A2AD4411EEB7A3885EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
64:c0:3c:47:fb:93:5a:b1:e6:84:c7:28:20:fd:28:b0:1e:0e:
a5:87:54:30:39:a5:7a:f0:9d:bd:fb:e3:0e:15:ae:c0:cd:86:
71:49:71:35:b3:f7:13:f2:25:24:f2:b6:d1:af:68:ac:9e:36:
95:63:c1:84:b7:b1:a2:35:04:e6:0d:9a:ad:65:ed:86:de:8d:
7f:a6:06:51:94:5a:f0:d0:61:e3:bd:84:38:88:b2:b8:76:f2:
92:fc:2d:9c:fd:fd:96:01:e5:24:9a:12:a6:86:8e:44:67:43:
5d:62:93:71:00:a9:74:96:95:46:da:40:1e:84:d9:b6:f1:cd:
bc:1b:e2:76:1e:51:08:a2:68:fa:f0:ac:a5:dc:c1:72:d1:7f:
55:90:5e:92:22:c9:73:32:a9:fb:b8:bc:a3:4d:ec:13:81:db:
35:ec:9e:df:4b:41:3c:8c:66:c4:51:c3:1f:d1:98:da:c2:81:
87:be:89:31:63:5a:78:c3:21:4b:49:10:d7:cd:21:96:64:22:
68:8d:bc:9e:00:70:c7:4a:ba:8e:d1:b3:06:4b:49:68:ea:dc:
6d:58:30:95:b5:31:51:b7:0f:cf:0a:1e:e8:1a:25:f6:74:6c:
e9:97:89:5c:5c:b0:c2:fe:e9:fe:be:3d:2a:ee:45:6b:08:dd:
7b:d9:5e:8d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ3NzIxMTAvBgNVBAUTKDIxRTc0OTlFMjE4MEJEMjEyRkFBQTBEMTUyMUQxNjU2
NzdEOEJERUUwHhcNMjQwMTA3MTAwNTE0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlhNzc1YS05N2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9Q02PwIiW1wQYPRCC7fnl9NtKRnrvs56boWIYcrJvVDW5/NlBEJzBJiE5J0n
eRisfj0nRyhmO5Co3fXUSVmzl7lT06KHZbZ9TIfOSPdwBLD5GUqMzT/R2dEGkNhQ
XrHfbirjjL0wG3p7RLvqbd7IjBLh9T7z2Hi04nPEreHeJ0J6HgOEP97+0RvL1s7M
QGL/uAflkDe16TQnnJ0JfOY5Uh15LDJyGNauuQ5Xs4CyMozp0W8xQbSuxMdkLBzg
xaoDpNJJ6hNKruSCwkNZqBV1eLQi+PYtQ0O5MATkr8pnvmR8MmJaL4RDewjal+gm
DeDnoS5I0Gnh/GugJlWJp/7FewIDAQABo4ICljCCApIwHQYDVR0OBBYEFEdQ0CPb
AKW56CUaKIoEKlzF9tCEMB8GA1UdIwQYMBaAFCHnSZ4hgL0hL6qg0VIdFlZ32L3u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDc3Mi9DNjI1RkYyRTZB
NjMxMUU5QjlEQUZDNkRDNEY5QUUwMi9JZWRKbmlHQXZTRXZxcURSVWgwV1ZuZll2
ZTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0llZEpuaUdBdlNFdnFxRFJVaDBXVm5mWXZlNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ3NzIvQzYyNUZGMkU2QTYzMTFFOUI5REFGQzZEQzRGOUFFMDIvM0ZGNUU2QTJB
RDQ0MTFFRUI3QTM4ODVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAspAMA0GCSqGSIb3DQEBCwUAA4IBAQBkwDxH+5NaseaE
xygg/SiwHg6lh1QwOaV68J29++MOFa7AzYZxSXE1s/cT8iUk8rbRr2isnjaVY8GE
t7GiNQTmDZqtZe2G3o1/pgZRlFrw0GHjvYQ4iLK4dvKS/C2c/f2WAeUkmhKmho5E
Z0NdYpNxAKl0lpVG2kAehNm28c28G+J2HlEIomj68Kyl3MFy0X9VkF6SIslzMqn7
uLyjTewTgds17J7fS0E8jGbEUcMf0ZjawoGHvokxY1p4wyFLSRDXzSGWZCJojbye
AHDHSrqO0bMGS0lo6txtWDCVtTFRtw/PCh7oGiX2dGzpl4lcXLDC/un+vj0q7kVr
CN172V6N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org