Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F025BAB69D5911EEAA9F0413C4F9AE02.roa
File: F025BAB69D5911EEAA9F0413C4F9AE02.roa (raw, json)
Hash identifier: YU4YZ74T7xW8XI8cuLhtjNp6mdFgmcLPCumM3sCTd+o=
Subject key identifier: 43:81:81:EE:A6:AF:DA:04:F4:2D:62:2B:26:CB:21:1D:83:82:94:7D
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3ED1
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F025BAB69D5911EEAA9F0413C4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:50:11 +0000
ROA not before: Mon 02 Sep 2024 14:50:11 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 3970
IP address blocks: 2001:df7:5380::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16081 (0x3ed1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E
Validity
Not Before: Sep 2 14:50:11 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66d5d0a3-ec69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:f6:60:1b:42:e9:8e:9b:81:66:06:be:73:
ac:31:64:02:bf:b7:66:78:77:b5:e7:23:b0:c1:ff:
11:67:f6:a4:73:7a:d7:8a:60:cb:50:d7:dd:6b:76:
38:c0:eb:53:81:48:35:9a:48:d1:9f:82:5e:a3:ce:
dd:46:64:d2:97:72:87:b4:e3:8a:5f:1e:cd:01:5c:
dc:21:df:56:65:ce:70:2c:e9:6e:85:6c:2d:1b:64:
1b:e6:80:33:f0:75:5a:87:f1:82:12:0c:f2:4e:ae:
93:16:db:28:75:42:66:9a:f2:ff:c7:bc:a1:ad:9a:
7c:ae:30:49:ee:11:4b:3e:83:fc:48:5c:5d:37:1b:
c9:65:6c:84:64:89:9d:86:ef:39:d0:2e:87:fe:bd:
ab:63:93:44:30:05:cb:8b:27:f2:6d:c7:ba:ac:e2:
95:b3:80:f6:52:64:30:cc:c5:15:1b:15:be:21:8a:
40:cb:f2:55:a9:c6:d8:b8:6c:7b:51:ce:56:97:cd:
08:a0:99:12:d2:c0:13:3d:bf:36:32:28:91:e4:54:
7d:62:22:2d:31:09:df:84:46:c4:a9:83:16:0c:9a:
d2:93:8f:5a:29:71:22:ed:87:40:16:1e:22:0c:68:
5d:46:33:a9:0a:ef:5d:43:9f:83:b3:e6:24:8b:6a:
2e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:81:81:EE:A6:AF:DA:04:F4:2D:62:2B:26:CB:21:1D:83:82:94:7D
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/F025BAB69D5911EEAA9F0413C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df7:5380::/48
Signature Algorithm: sha256WithRSAEncryption
5e:86:e5:f9:fd:0a:07:c5:37:ab:5f:8d:d2:53:53:b4:31:0e:
99:41:6c:fe:7a:68:89:f1:43:71:94:b9:24:43:30:71:4a:7e:
fe:8b:6a:9e:61:25:1b:96:8d:db:e0:dd:08:dd:0e:b2:04:e6:
63:7c:b2:81:1e:53:56:83:28:ce:47:0f:14:90:81:c0:9a:b8:
b6:98:2f:b6:86:3a:5a:b6:14:18:9d:fb:db:98:21:3d:47:8c:
23:0b:07:54:78:1a:c6:ba:af:91:a9:42:09:b8:5c:96:63:ed:
48:ba:21:f6:9a:25:37:ab:a2:16:c7:be:66:ed:ac:b0:c7:8e:
07:d5:fb:55:b3:2d:3c:69:ff:cd:cd:99:65:e0:b5:f4:2f:8b:
a7:70:ff:8f:5e:ea:09:13:7e:1f:c4:45:c4:5c:26:dc:d2:af:
24:49:10:69:53:30:94:2c:aa:d2:31:47:13:a5:93:3f:0a:7b:
7e:84:6e:de:70:82:f6:c4:9d:65:ce:cc:76:c9:3f:2b:52:9e:
0e:a8:50:84:16:ff:ef:c8:c0:25:97:44:1e:c2:97:fc:31:34:
05:dc:9c:24:44:8b:0e:cb:86:a8:52:57:13:0e:e9:75:af:28:
4b:e3:04:11:7b:6a:30:3e:09:c0:e2:35:33:d0:75:2a:7a:02:
73:a2:d6:2a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICPtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjQwOTAyMTQ1MDExWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZDBhMy1lYzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfr2YBtC6Y6bgWYGvnOsMWQCv7dmeHe15yOwwf8RZ/akc3rXimDLUNfda3Y4
wOtTgUg1mkjRn4Jeo87dRmTSl3KHtOOKXx7NAVzcId9WZc5wLOluhWwtG2Qb5oAz
8HVah/GCEgzyTq6TFtsodUJmmvL/x7yhrZp8rjBJ7hFLPoP8SFxdNxvJZWyEZImd
hu850C6H/r2rY5NEMAXLiyfybce6rOKVs4D2UmQwzMUVGxW+IYpAy/JVqcbYuGx7
Uc5Wl80IoJkS0sATPb82MiiR5FR9YiItMQnfhEbEqYMWDJrSk49aKXEi7YdAFh4i
DGhdRjOpCu9dQ5+Ds+Yki2ouGQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFEOBge6m
r9oE9C1iKybLIR2DgpR9MB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvRjAyNUJBQjY5
RDU5MTFFRUFBOUYwNDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ33U4AwDQYJKoZIhvcNAQELBQADggEBAF6G5fn9CgfF
N6tfjdJTU7QxDplBbP56aInxQ3GUuSRDMHFKfv6Lap5hJRuWjdvg3QjdDrIE5mN8
soEeU1aDKM5HDxSQgcCauLaYL7aGOlq2FBid+9uYIT1HjCMLB1R4Gsa6r5GpQgm4
XJZj7Ui6IfaaJTerohbHvmbtrLDHjgfV+1WzLTxp/83NmWXgtfQvi6dw/49e6gkT
fh/ERcRcJtzSryRJEGlTMJQsqtIxRxOlkz8Ke36Ebt5wgvbEnWXOzHbJPytSng6o
UIQW/+/IwCWXRB7Cl/wxNAXcnCREiw7LhqhSVxMO6XWvKEvjBBF7ajA+CcDiNTPQ
dSp6AnOi1io=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:20 2025 by rpki-client