Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDA0E/BF94AB6C0AD711E7AD6FE621C4F9AE02/9D99E5569D4F11EE83951D5DC4F9AE02.roa
File: 9D99E5569D4F11EE83951D5DC4F9AE02.roa (raw, json)
Hash identifier: /JgwOTt+veaQCmR0Ub9iCz3VCj49ROxo7TWwW2Bfj2s=
Subject key identifier: 8F:D2:34:C1:E4:B4:17:6A:3F:39:93:0D:6B:F8:82:50:4B:6E:F4:EC
Certificate issuer: /CN=A91BDA0E/serialNumber=18B879EB8186F34920686ACE8BDB8F3C143C8501
Certificate serial: 1AA4
Authority key identifier: 18:B8:79:EB:81:86:F3:49:20:68:6A:CE:8B:DB:8F:3C:14:3C:85:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLh564GG80kgaGrOi9uPPBQ8hQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDA0E/BF94AB6C0AD711E7AD6FE621C4F9AE02/9D99E5569D4F11EE83951D5DC4F9AE02.roa
Signing time: Mon 18 Dec 2023 02:46:17 +0000
ROA not before: Mon 18 Dec 2023 02:46:17 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 64098
IP address blocks: 2403:780::/32 maxlen: 32
2403:780::/35 maxlen: 40
2403:780:f::/48 maxlen: 48
2403:780:2000::/35 maxlen: 40
2403:780:4000::/35 maxlen: 40
2403:780:6000::/35 maxlen: 40
2403:780:8000::/35 maxlen: 40
2403:780:a000::/35 maxlen: 40
2403:780:c000::/35 maxlen: 40
2403:780:e000::/35 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6820 (0x1aa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDA0E/serialNumber=18B879EB8186F34920686ACE8BDB8F3C143C8501
Validity
Not Before: Dec 18 02:46:17 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=657fb278-bca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:4a:4c:54:2e:bb:e4:5c:dd:29:6c:e9:ce:
5a:88:c7:07:f4:6e:cb:db:83:ca:85:a3:b4:cc:4e:
1c:b3:42:f2:28:ab:c3:c7:d5:43:7d:d8:d7:96:ac:
07:99:1e:65:34:55:d9:90:91:29:49:c7:23:9b:a5:
da:ea:e7:a6:f4:46:08:25:2a:80:af:ce:d7:ed:66:
d0:73:40:ad:94:82:00:19:ee:d9:c0:9e:81:97:44:
8c:89:ac:aa:be:73:14:00:59:69:bc:71:d7:2f:cb:
70:39:da:3a:ff:4f:39:be:8c:e9:b9:52:af:00:08:
6c:44:3d:4f:3a:55:64:a3:cb:7b:2e:b9:dd:b0:b9:
10:c4:c9:af:56:1b:de:8e:fa:5d:16:25:7a:4b:8c:
d8:2b:9a:f7:ed:6b:91:3d:6b:ab:ac:c4:5b:d1:12:
92:4f:fa:db:25:7d:0d:23:1c:89:7e:80:38:fe:b6:
61:ff:28:9d:0d:f1:6c:42:d1:26:7a:99:86:ac:a8:
14:b3:00:bc:fe:99:e5:3d:38:eb:bb:90:f2:b7:61:
d2:2e:8c:c5:31:80:5b:a3:63:ae:d5:30:9d:39:2e:
5c:54:f2:b0:f9:ae:95:29:5b:49:e3:2a:70:67:26:
81:05:bd:dd:1e:a4:31:36:40:b3:7a:6b:9d:39:be:
30:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:34:C1:E4:B4:17:6A:3F:39:93:0D:6B:F8:82:50:4B:6E:F4:EC
X509v3 Authority Key Identifier:
keyid:18:B8:79:EB:81:86:F3:49:20:68:6A:CE:8B:DB:8F:3C:14:3C:85:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDA0E/BF94AB6C0AD711E7AD6FE621C4F9AE02/GLh564GG80kgaGrOi9uPPBQ8hQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLh564GG80kgaGrOi9uPPBQ8hQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDA0E/BF94AB6C0AD711E7AD6FE621C4F9AE02/9D99E5569D4F11EE83951D5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:780::/32
Signature Algorithm: sha256WithRSAEncryption
63:a8:e6:99:d0:43:33:8a:5b:4b:f4:f9:ed:90:51:a6:80:84:
d2:b7:19:21:c5:c6:d7:bf:94:36:13:f6:fa:a6:28:26:e4:ad:
d0:03:00:38:93:97:6f:81:aa:b2:85:33:61:c8:9f:00:1a:56:
92:ec:19:c9:d1:f9:b8:f2:29:ed:55:ba:bd:35:d6:c7:59:a8:
ff:9e:2a:39:9f:6f:32:0e:0d:a9:a6:29:27:70:02:a0:e5:d5:
f8:ed:47:a5:69:25:2a:84:32:8a:4f:ec:2d:26:a4:2d:8f:21:
8e:16:95:8a:8d:bf:91:49:db:ce:14:b8:b0:31:9c:7c:c2:3e:
0c:4c:d0:18:ad:69:94:3e:05:cd:53:2a:32:10:1b:50:bb:22:
f0:bb:bd:78:fc:f0:a0:8f:d2:9b:1f:26:aa:d8:3b:6e:12:3a:
8f:e9:7b:54:c9:16:ce:a9:02:19:68:38:4f:5c:90:73:87:d2:
24:cd:a1:34:38:f7:96:23:ed:25:c3:8a:e9:41:7f:cc:cb:d3:
d2:ce:cd:e8:72:43:14:82:55:b7:af:6b:54:5e:70:24:d8:5e:
f0:e1:09:29:7c:79:b2:f0:7c:46:51:c5:82:2d:d3:f5:68:81:
72:29:b9:10:f1:88:d6:d3:84:35:78:ae:d2:1e:a9:13:25:52:
0e:82:31:a6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICGqQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRBMEUxMTAvBgNVBAUTKDE4Qjg3OUVCODE4NkYzNDkyMDY4NkFDRThCREI4RjND
MTQzQzg1MDEwHhcNMjMxMjE4MDI0NjE3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdmYjI3OC1iY2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTZKTFQuu+Rc3Sls6c5aiMcH9G7L24PKhaO0zE4cs0LyKKvDx9VDfdjXlqwH
mR5lNFXZkJEpSccjm6Xa6uem9EYIJSqAr87X7WbQc0CtlIIAGe7ZwJ6Bl0SMiayq
vnMUAFlpvHHXL8twOdo6/085vozpuVKvAAhsRD1POlVko8t7LrndsLkQxMmvVhve
jvpdFiV6S4zYK5r37WuRPWurrMRb0RKST/rbJX0NIxyJfoA4/rZh/yidDfFsQtEm
epmGrKgUswC8/pnlPTjru5Dyt2HSLozFMYBbo2Ou1TCdOS5cVPKw+a6VKVtJ4ypw
ZyaBBb3dHqQxNkCzemudOb4wYwIDAQABo4ICljCCApIwHQYDVR0OBBYEFI/SNMHk
tBdqPzmTDWv4glBLbvTsMB8GA1UdIwQYMBaAFBi4eeuBhvNJIGhqzovbjzwUPIUB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREEwRS9CRjk0QUI2QzBB
RDcxMUU3QUQ2RkU2MjFDNEY5QUUwMi9HTGg1NjRHRzgwa2dhR3JPaTl1UFBCUTho
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dMaDU2NEdHODBrZ2FHck9pOXVQUEJROGhRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRBMEUvQkY5NEFCNkMwQUQ3MTFFN0FENkZFNjIxQzRGOUFFMDIvOUQ5OUU1NTY5
RDRGMTFFRTgzOTUxRDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAweAMA0GCSqGSIb3DQEBCwUAA4IBAQBjqOaZ0EMziltL
9PntkFGmgITStxkhxcbXv5Q2E/b6pigm5K3QAwA4k5dvgaqyhTNhyJ8AGlaS7BnJ
0fm48intVbq9NdbHWaj/nio5n28yDg2ppikncAKg5dX47UelaSUqhDKKT+wtJqQt
jyGOFpWKjb+RSdvOFLiwMZx8wj4MTNAYrWmUPgXNUyoyEBtQuyLwu714/PCgj9Kb
Hyaq2DtuEjqP6XtUyRbOqQIZaDhPXJBzh9IkzaE0OPeWI+0lw4rpQX/My9PSzs3o
ckMUglW3r2tUXnAk2F7w4QkpfHmy8HxGUcWCLdP1aIFyKbkQ8YjW04Q1eK7SHqkT
JVIOgjGm
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org