Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa
File: CB608BD0D13311EE8B61C185C4F9AE02.roa (raw, json)
Hash identifier: GhiisK+xkE915yTtyPUFYsaGYRY3S2Kd3NQqsg2cf3U=
Subject key identifier: DC:05:FC:72:67:5B:16:18:12:17:A7:8C:4E:3C:6B:5A:E8:AB:8D:BF
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3ECF
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:50:10 +0000
ROA not before: Mon 02 Sep 2024 14:50:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 10233
IP address blocks: 2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16079 (0x3ecf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E
Validity
Not Before: Sep 2 14:50:10 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d5d0a1-bf1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:43:c6:40:42:62:3a:7a:1e:7b:28:b4:e1:50:
64:f2:6b:db:c8:4f:1a:d8:88:4c:06:b7:26:0a:a2:
6a:45:f0:ce:8b:3d:8d:69:07:4a:d4:29:3a:c1:4e:
79:99:70:0c:c5:17:f2:84:d7:ad:da:1d:95:9e:0d:
93:28:a5:5c:8c:01:8d:ed:03:db:17:53:3d:55:21:
fb:c8:35:be:68:25:49:e6:59:4b:04:45:be:32:2d:
2f:9e:36:72:74:14:bc:28:1c:9f:21:ca:6b:c6:a2:
de:a4:58:1a:2b:85:a7:5d:43:b6:12:a3:17:11:5b:
14:44:93:f3:75:0e:9e:01:a1:83:2c:d7:73:49:3d:
3b:a5:b0:ff:8e:1b:ae:5f:fd:c2:6e:ca:07:83:ea:
fb:61:5f:0d:5e:82:9a:22:6f:e8:c3:05:55:1f:b6:
c1:16:73:fc:23:2f:ba:6e:db:25:3b:4f:0f:ec:f4:
de:b7:a5:30:f5:ee:ee:73:57:8c:d9:67:4e:9a:14:
f8:25:55:d9:7a:0d:a3:ac:55:2a:1c:b1:61:fc:8f:
38:76:c2:97:90:86:0b:19:3a:b4:8b:9b:af:c3:e1:
5b:48:3a:58:98:d4:67:da:ae:09:bb:dd:c9:5d:89:
6b:db:45:06:61:55:f4:b3:a0:db:d9:23:2c:40:aa:
df:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:05:FC:72:67:5B:16:18:12:17:A7:8C:4E:3C:6B:5A:E8:AB:8D:BF
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
ac:cf:38:0b:4f:1a:b3:04:86:da:98:d5:ec:db:81:98:e4:c9:
3a:03:20:e7:af:fd:24:e4:3b:51:5c:dc:10:c7:73:c6:b3:67:
fd:a2:1b:45:cc:88:bb:87:2c:d4:d7:a0:85:bc:32:c3:78:27:
79:3a:0e:3f:45:a7:88:3d:79:c1:2c:01:5a:ab:0c:1f:a3:f4:
dd:a9:65:27:cc:b6:a4:07:a6:f3:fc:eb:de:65:6e:18:fd:76:
aa:2c:93:5a:68:2f:3f:41:e2:78:2d:03:b2:30:b4:64:4b:2f:
95:cb:f1:54:52:34:d2:96:67:16:c7:6f:38:5c:4d:5a:7d:68:
45:1a:4a:55:42:58:e7:cd:8d:9a:d5:2c:22:f3:b6:20:b1:f9:
d3:e1:ff:b2:4d:a2:af:dd:9f:69:ae:64:65:9b:9f:52:5d:ee:
ae:7f:1f:f8:bc:1d:22:1a:47:84:e8:ff:ff:67:6f:37:f8:0c:
d7:ca:25:28:9f:53:03:59:01:08:73:3f:24:41:d0:13:05:4c:
4d:b3:44:82:41:c1:0c:82:53:ff:dc:fe:28:0a:00:70:a2:39:
86:3d:78:53:2a:e0:5b:fd:af:9a:b2:8b:5d:e8:c4:82:7e:84:
f4:7d:30:68:56:42:37:40:c0:49:30:46:37:79:24:eb:0e:49:
b3:1b:63:12
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICPs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjQwOTAyMTQ1MDEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZDBhMS1iZjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3kPGQEJiOnoeeyi04VBk8mvbyE8a2IhMBrcmCqJqRfDOiz2NaQdK1Ck6wU55
mXAMxRfyhNet2h2Vng2TKKVcjAGN7QPbF1M9VSH7yDW+aCVJ5llLBEW+Mi0vnjZy
dBS8KByfIcprxqLepFgaK4WnXUO2EqMXEVsURJPzdQ6eAaGDLNdzST07pbD/jhuu
X/3CbsoHg+r7YV8NXoKaIm/owwVVH7bBFnP8Iy+6btslO08P7PTet6Uw9e7uc1eM
2WdOmhT4JVXZeg2jrFUqHLFh/I84dsKXkIYLGTq0i5uvw+FbSDpYmNRn2q4Ju93J
XYlr20UGYVX0s6Db2SMsQKrfDwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNwF/HJn
WxYYEhenjE48a1roq42/MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQ0I2MDhCRDBE
MTMzMTFFRThCNjFDMTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEgAQ33U4AwDQYJKoZIhvcNAQELBQADggEBAKzPOAtPGrME
htqY1ezbgZjkyToDIOev/STkO1Fc3BDHc8azZ/2iG0XMiLuHLNTXoIW8MsN4J3k6
Dj9Fp4g9ecEsAVqrDB+j9N2pZSfMtqQHpvP8695lbhj9dqosk1poLz9B4ngtA7Iw
tGRLL5XL8VRSNNKWZxbHbzhcTVp9aEUaSlVCWOfNjZrVLCLztiCx+dPh/7JNoq/d
n2muZGWbn1Jd7q5/H/i8HSIaR4To//9nbzf4DNfKJSifUwNZAQhzPyRB0BMFTE2z
RIJBwQyCU//c/igKAHCiOYY9eFMq4Fv9r5qyi13oxIJ+hPR9MGhWQjdAwEkwRjd5
JOsOSbMbYxI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:11:45 2025 by rpki-client