Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1130D9E6170F11EFA759BB28C4F9AE02.roa
File: 1130D9E6170F11EFA759BB28C4F9AE02.roa (raw, json)
Hash identifier: CypHmnPrz/VEsPMtR3qxoopQjrHcXWcp/eYcNOnRCsg=
Subject key identifier: 15:B1:E4:A8:0B:0E:2D:66:2A:D3:4A:67:84:30:83:47:DC:A2:D4:9D
Certificate issuer: /CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Certificate serial: 98
Authority key identifier: D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1130D9E6170F11EFA759BB28C4F9AE02.roa
Signing time: Tue 21 May 2024 01:11:36 +0000
ROA not before: Tue 21 May 2024 01:11:36 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 137443
IP address blocks: 2403:1a40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152 (0x98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB07D/serialNumber=D4310690DCEB7EE4A18DA3579ACAD174818646A3
Validity
Not Before: May 21 01:11:36 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=664bf4c7-c9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:03:32:19:df:3a:63:0b:53:e9:9c:66:b2:50:
59:b2:54:a5:7a:8f:a6:3d:32:a3:ef:75:e7:a2:bd:
a6:6d:c7:26:f4:aa:dd:5f:02:85:d1:94:58:fa:63:
1f:9f:16:9d:1f:91:ba:2d:92:1c:7e:19:cc:28:58:
03:50:60:1e:88:b3:a4:11:49:e3:e6:0b:d2:8e:de:
f4:2e:33:01:b4:2f:35:f1:3c:54:a8:5a:fc:fb:9c:
3f:a1:b4:f0:7b:9f:e9:52:43:63:1d:32:e4:34:f2:
47:6b:96:96:5d:4d:24:89:a8:d8:54:e9:e6:98:78:
8a:28:82:7e:d3:15:94:ac:f2:7d:ad:3d:24:f3:79:
0e:9a:a1:56:ad:a8:3d:ee:22:8b:17:b8:60:b6:fd:
fc:e9:89:fa:60:c9:85:0d:03:47:eb:00:98:a8:7a:
db:6d:71:e6:cc:23:3a:b5:80:c0:fc:96:f7:d1:bc:
ef:2e:6d:9c:41:a7:c7:33:53:38:54:21:03:83:e5:
a2:e9:e8:53:af:f0:15:d4:3d:2e:1b:09:4a:7e:8f:
f9:b8:cc:14:b0:d5:aa:ab:31:02:42:9e:fa:3b:6f:
8a:bf:6b:75:48:38:fe:dc:8c:85:8a:0a:1d:d9:98:
67:b2:bb:8b:e0:c3:c2:f9:75:80:f7:c5:73:f5:65:
94:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B1:E4:A8:0B:0E:2D:66:2A:D3:4A:67:84:30:83:47:DC:A2:D4:9D
X509v3 Authority Key Identifier:
keyid:D4:31:06:90:DC:EB:7E:E4:A1:8D:A3:57:9A:CA:D1:74:81:86:46:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1DEGkNzrfuShjaNXmsrRdIGGRqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DEGkNzrfuShjaNXmsrRdIGGRqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB07D/E9B4853C4AC411EE9839386FC4F9AE02/1130D9E6170F11EFA759BB28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
73:17:1f:95:f2:4f:83:c3:ca:41:34:92:9e:d2:99:47:9f:53:
6d:ad:fa:4a:6b:58:10:f8:82:0b:72:af:7c:6c:1d:d2:12:03:
3a:a4:24:08:7a:51:c5:de:72:1d:08:0c:f6:0b:24:ec:14:67:
d0:5d:64:5a:8b:c8:fc:ef:46:53:35:bc:68:bf:6a:0c:82:45:
cd:bd:3f:09:ad:be:05:5b:a7:78:3b:e5:ff:0f:f9:a2:0e:6c:
60:9b:a5:5b:c2:32:52:3b:10:c2:10:ad:47:8f:7a:0f:7f:7e:
79:3d:04:ad:0c:43:8a:c8:62:5d:b2:18:9f:76:bd:f2:41:fd:
d0:c8:7e:cc:09:6d:dc:6f:c1:c4:24:0e:e8:88:f0:06:04:0a:
ba:d0:e4:90:aa:fd:7b:7d:39:5d:2a:6a:b6:46:a8:8c:cc:b3:
6c:14:0d:7b:90:ba:0c:6b:f6:36:c4:fb:8f:88:c9:e8:89:8d:
53:17:c8:4a:fd:d7:c9:9d:6a:23:28:d3:3b:59:8c:36:58:ee:
d1:1c:46:5b:73:b8:5f:2d:3a:2c:5c:fa:55:64:b2:1b:26:c1:
17:1c:e6:f7:9f:a4:71:01:8c:dd:3d:33:0c:52:7d:cd:8d:3c:
cc:d6:6a:c0:df:3f:b3:37:65:13:02:ea:b5:38:aa:a2:de:e8:
30:7e:9c:c3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkIwN0QxMTAvBgNVBAUTKEQ0MzEwNjkwRENFQjdFRTRBMThEQTM1NzlBQ0FEMTc0
ODE4NjQ2QTMwHhcNMjQwNTIxMDExMTM2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiZjRjNy1jOWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAogMyGd86YwtT6ZxmslBZslSleo+mPTKj73Xnor2mbccm9KrdXwKF0ZRY+mMf
nxadH5G6LZIcfhnMKFgDUGAeiLOkEUnj5gvSjt70LjMBtC818TxUqFr8+5w/obTw
e5/pUkNjHTLkNPJHa5aWXU0kiajYVOnmmHiKKIJ+0xWUrPJ9rT0k83kOmqFWrag9
7iKLF7hgtv386Yn6YMmFDQNH6wCYqHrbbXHmzCM6tYDA/Jb30bzvLm2cQafHM1M4
VCEDg+Wi6ehTr/AV1D0uGwlKfo/5uMwUsNWqqzECQp76O2+Kv2t1SDj+3IyFigod
2ZhnsruL4MPC+XWA98Vz9WWUIwIDAQABo4ICljCCApIwHQYDVR0OBBYEFBWx5KgL
Di1mKtNKZ4Qwg0fcotSdMB8GA1UdIwQYMBaAFNQxBpDc637koY2jV5rK0XSBhkaj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjA3RC9FOUI0ODUzQzRB
QzQxMUVFOTgzOTM4NkZDNEY5QUUwMi8xREVHa056cmZ1U2hqYU5YbXNyUmRJR0dS
cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFERUdrTnpyZnVTaGphTlhtc3JSZElHR1JxTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkIwN0QvRTlCNDg1M0M0QUM0MTFFRTk4MzkzODZGQzRGOUFFMDIvMTEzMEQ5RTYx
NzBGMTFFRkE3NTlCQjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAxpAMA0GCSqGSIb3DQEBCwUAA4IBAQBzFx+V8k+Dw8pB
NJKe0plHn1NtrfpKa1gQ+IILcq98bB3SEgM6pCQIelHF3nIdCAz2CyTsFGfQXWRa
i8j870ZTNbxov2oMgkXNvT8Jrb4FW6d4O+X/D/miDmxgm6VbwjJSOxDCEK1Hj3oP
f355PQStDEOKyGJdshifdr3yQf3QyH7MCW3cb8HEJA7oiPAGBAq60OSQqv17fTld
Kmq2RqiMzLNsFA17kLoMa/Y2xPuPiMnoiY1TF8hK/dfJnWojKNM7WYw2WO7RHEZb
c7hfLTosXPpVZLIbJsEXHOb3n6RxAYzdPTMMUn3NjTzM1mrA3z+zN2UTAuq1OKqi
3ugwfpzD
-----END CERTIFICATE-----
Generated at Fri Jun 7 01:38:35 2024 by rpki-client on console-fra.rpki-client.org