Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A129B/4033C1D4343E11E680B1E72CC4F9AE02/3CBCBEB4344011E6A0B7E830C4F9AE02.roa
File: 3CBCBEB4344011E6A0B7E830C4F9AE02.roa (raw, json)
Hash identifier: 7Ym3ke69u6Sca2swOcWcWelbNaYBlCy7qjgYG5i+cwE=
Subject key identifier: B4:41:24:07:C0:5A:60:5B:B0:BD:6E:DD:85:46:BA:7E:44:67:95:61
Certificate issuer: /CN=A91A129B/serialNumber=6BB6C7FDFF5A69C8FEEF732FAD5D1B0A490C6B7D
Certificate serial: 1CE4
Authority key identifier: 6B:B6:C7:FD:FF:5A:69:C8:FE:EF:73:2F:AD:5D:1B:0A:49:0C:6B:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a7bH_f9aacj-73MvrV0bCkkMa30.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A129B/4033C1D4343E11E680B1E72CC4F9AE02/3CBCBEB4344011E6A0B7E830C4F9AE02.roa
Signing time: Thu 19 May 2022 04:39:28 +0000
ROA not before: Thu 19 May 2022 04:39:28 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 3598
IP address blocks: 2404:f801::/32 maxlen: 32
2404:f801:8028::/48 maxlen: 48
2404:f801:8058::/48 maxlen: 48
2404:f801:9000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7396 (0x1ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A129B/serialNumber=6BB6C7FDFF5A69C8FEEF732FAD5D1B0A490C6B7D
Validity
Not Before: May 19 04:39:28 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6285ca00-7abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:df:d4:c4:a8:7d:af:50:ca:4a:c2:5c:78:
c3:96:4e:4a:a9:ce:73:8b:9c:63:b0:aa:08:ef:6f:
9d:be:7e:7b:41:7e:82:99:10:01:06:17:23:bf:7c:
24:5e:30:15:92:1e:70:ff:da:8c:d7:4b:8a:3b:2e:
c6:49:e6:0c:eb:73:d4:e0:b9:02:51:35:85:ce:56:
6a:45:a8:33:c6:63:96:c3:b8:3a:39:c3:85:fc:c5:
cd:c1:47:16:b1:c4:74:f6:42:e9:0e:e3:59:02:22:
23:2f:68:b8:46:47:0d:c6:26:01:7f:f7:ad:81:57:
f2:91:45:ab:53:ef:45:29:16:9e:20:3a:14:ba:6e:
12:8c:09:ed:98:ab:fd:f4:14:ba:95:fc:3b:f0:50:
e3:3f:d0:a6:20:78:c8:c0:eb:be:83:fa:2e:a0:ed:
ff:97:98:c6:ee:2e:af:ab:7b:50:02:cc:7f:a6:25:
be:d5:46:ee:47:34:68:53:d4:ea:86:25:ba:95:83:
07:ba:ca:25:c0:b3:7d:db:8c:66:25:09:5d:a9:e9:
6c:78:79:5b:a2:82:50:20:f5:73:5d:66:40:ab:25:
64:af:ff:98:fc:82:9e:0f:b7:b4:27:d5:7f:53:88:
3f:a8:32:6d:33:97:ff:ae:41:66:71:a3:24:63:a9:
86:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:41:24:07:C0:5A:60:5B:B0:BD:6E:DD:85:46:BA:7E:44:67:95:61
X509v3 Authority Key Identifier:
keyid:6B:B6:C7:FD:FF:5A:69:C8:FE:EF:73:2F:AD:5D:1B:0A:49:0C:6B:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A129B/4033C1D4343E11E680B1E72CC4F9AE02/a7bH_f9aacj-73MvrV0bCkkMa30.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a7bH_f9aacj-73MvrV0bCkkMa30.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A129B/4033C1D4343E11E680B1E72CC4F9AE02/3CBCBEB4344011E6A0B7E830C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:f801::/32
Signature Algorithm: sha256WithRSAEncryption
99:d6:5c:c0:10:33:2f:fd:30:bc:7c:c1:21:46:46:1b:20:e6:
af:7c:69:d0:2d:ce:17:14:62:14:1d:c3:a1:cf:79:0b:da:18:
21:7b:b5:9c:d9:b2:ac:78:58:ca:36:2f:fd:e7:37:4a:d9:e5:
89:89:77:8d:96:d0:aa:35:be:c6:81:4f:14:df:46:d3:98:15:
af:f9:49:9d:92:ad:89:1c:13:1b:c3:df:3f:7a:01:2f:59:c7:
85:1e:7c:0c:79:b2:d5:6b:5a:e1:54:6d:f7:11:4c:04:2a:86:
77:c8:92:3e:13:2f:ac:e5:7b:23:fb:61:19:58:0c:6c:7e:c3:
6d:c0:77:ca:ea:8c:c3:46:9d:af:19:ea:7b:99:c9:ad:55:87:
d1:3a:02:7f:18:b2:8c:34:22:a4:4f:ee:95:e1:98:74:ad:8b:
7a:3c:d2:50:8a:4b:80:f1:bb:72:85:35:67:57:60:f4:b5:26:
46:bc:5a:e2:f3:d6:62:2d:a5:6d:79:65:24:5b:6a:ff:78:4e:
86:27:a3:95:87:33:58:de:64:4e:7d:6e:29:8e:97:40:17:3d:
2d:f0:cf:e1:f6:30:92:e4:5d:f6:12:89:f6:00:14:66:f2:db:
e9:d0:07:95:88:83:fa:c9:95:01:f5:21:32:67:93:c8:91:82:
0d:a7:e9:64
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICHOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTEyOUIxMTAvBgNVBAUTKDZCQjZDN0ZERkY1QTY5QzhGRUVGNzMyRkFENUQxQjBB
NDkwQzZCN0QwHhcNMjIwNTE5MDQzOTI4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg1Y2EwMC03YWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsyjf1MSofa9QykrCXHjDlk5Kqc5zi5xjsKoI72+dvn57QX6CmRABBhcjv3wk
XjAVkh5w/9qM10uKOy7GSeYM63PU4LkCUTWFzlZqRagzxmOWw7g6OcOF/MXNwUcW
scR09kLpDuNZAiIjL2i4RkcNxiYBf/etgVfykUWrU+9FKRaeIDoUum4SjAntmKv9
9BS6lfw78FDjP9CmIHjIwOu+g/ouoO3/l5jG7i6vq3tQAsx/piW+1UbuRzRoU9Tq
hiW6lYMHusolwLN924xmJQldqelseHlbooJQIPVzXWZAqyVkr/+Y/IKeD7e0J9V/
U4g/qDJtM5f/rkFmcaMkY6mGKwIDAQABo4ICljCCApIwHQYDVR0OBBYEFLRBJAfA
WmBbsL1u3YVGun5EZ5VhMB8GA1UdIwQYMBaAFGu2x/3/WmnI/u9zL61dGwpJDGt9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTI5Qi80MDMzQzFENDM0
M0UxMUU2ODBCMUU3MkNDNEY5QUUwMi9hN2JIX2Y5YWFjai03M012clYwYkNra01h
MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E3YkhfZjlhYWNqLTczTXZyVjBiQ2trTWEzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTEyOUIvNDAzM0MxRDQzNDNFMTFFNjgwQjFFNzJDQzRGOUFFMDIvM0NCQ0JFQjQz
NDQwMTFFNkEwQjdFODMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBPgBMA0GCSqGSIb3DQEBCwUAA4IBAQCZ1lzAEDMv/TC8
fMEhRkYbIOavfGnQLc4XFGIUHcOhz3kL2hghe7Wc2bKseFjKNi/95zdK2eWJiXeN
ltCqNb7GgU8U30bTmBWv+Umdkq2JHBMbw98/egEvWceFHnwMebLVa1rhVG33EUwE
KoZ3yJI+Ey+s5Xsj+2EZWAxsfsNtwHfK6ozDRp2vGep7mcmtVYfROgJ/GLKMNCKk
T+6V4Zh0rYt6PNJQikuA8btyhTVnV2D0tSZGvFri89ZiLaVteWUkW2r/eE6GJ6OV
hzNY3mROfW4pjpdAFz0t8M/h9jCS5F32Eon2ABRm8tvp0AeViIP6yZUB9SEyZ5PI
kYINp+lk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org