Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa
File: DCE70C6EF9B911ED8314C10EC4F9AE02.roa (raw, json)
Hash identifier: 9rL5P9zHSC/zuIwV8jLjeMHlPXI3Jer8IGE3VjIcIMA=
Subject key identifier: 39:F8:EA:76:B3:91:20:3B:6A:1A:D8:4F:50:1D:EC:21:63:74:08:B4
Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42
Certificate serial: 025E
Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa
Signing time: Wed 03 Jul 2024 03:24:43 +0000
ROA not before: Wed 03 Jul 2024 03:24:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 3573
IP address blocks: 2404:3d00:41c2::/47 maxlen: 47
2404:3d00:41c2::/48 maxlen: 48
2404:3d00:41c3::/48 maxlen: 48
2404:3d00:41dc::/47 maxlen: 47
2404:3d00:41dc::/48 maxlen: 48
2404:3d00:41dd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 606 (0x25e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB4AF
Validity
Not Before: Jul 3 03:24:43 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6684c47a-3305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:82:06:81:93:bc:9e:69:1f:9e:4d:1e:81:
16:44:00:ad:1e:5a:ac:cb:fe:76:a1:8c:12:5f:9a:
b0:47:f4:e2:f5:cd:fb:10:15:55:32:ec:2f:6c:96:
71:6c:52:d2:8a:a5:02:ea:86:f0:fb:94:3c:4c:a8:
f8:d8:19:cf:54:7c:3c:f6:24:76:ff:a4:78:03:db:
76:fe:68:74:43:dc:b0:ce:b7:47:87:2f:21:a2:a6:
eb:a7:02:64:3b:a0:f5:fd:7b:0d:3f:18:a4:f5:9e:
4c:7f:87:7e:34:b5:a7:47:9b:ea:07:d6:bf:6a:16:
de:04:b0:03:f5:1c:0c:f8:4c:95:bb:15:87:b1:4e:
84:75:00:3c:d6:c6:0b:e0:ec:78:67:b1:f6:1e:66:
f9:d6:0d:33:62:f6:d8:94:cd:a2:a4:cf:a3:1c:12:
ed:ff:b4:70:57:00:cf:9f:5d:37:ea:9b:dc:a8:c6:
ec:6a:47:0c:1e:2e:73:54:69:3a:97:44:7f:4e:a1:
d1:68:e3:48:c3:35:83:78:44:64:f8:3a:e5:10:88:
2f:2c:4d:3c:68:cb:79:d8:cc:05:bb:2e:e3:0e:1b:
c7:3f:51:c8:25:ec:c7:dd:3e:ca:0d:08:96:b2:a1:
54:bf:d4:86:26:62:e5:c9:0d:7d:86:f9:cb:c6:f3:
4b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F8:EA:76:B3:91:20:3B:6A:1A:D8:4F:50:1D:EC:21:63:74:08:B4
X509v3 Authority Key Identifier:
keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:3d00:41c2::/47
2404:3d00:41dc::/47
Signature Algorithm: sha256WithRSAEncryption
70:cb:49:87:90:77:0d:82:81:ac:56:45:12:cd:c3:b9:4f:3c:
db:d3:44:2f:d8:d0:b3:7c:dc:48:c9:29:c5:59:0c:e6:b5:1a:
0b:aa:d3:9f:b1:66:59:b2:8b:dd:23:66:e8:fc:dc:51:db:9e:
73:38:2d:84:9c:2d:6f:d8:4e:3d:ee:cc:e9:bb:b1:11:8e:4a:
38:10:b1:49:ba:34:75:5c:eb:49:1b:db:82:fd:02:eb:c7:d3:
bc:e4:c1:f8:1d:57:fc:31:33:88:b5:cd:dd:b9:c5:cc:48:a4:
94:c3:c3:86:4b:ce:bf:df:7f:9d:a7:a3:86:36:9f:33:18:bb:
36:22:5d:77:9c:94:fa:ad:04:24:ed:2e:0c:c6:d4:31:6b:a1:
81:75:05:ad:ab:4b:48:49:73:b5:4c:23:1f:66:01:8f:db:0d:
23:55:fe:0b:81:7d:00:5c:8a:64:c4:66:c2:12:04:38:8e:d8:
ec:c9:31:cd:65:67:8f:5b:ec:a4:be:ff:c4:a7:39:2f:bb:ed:
42:e5:45:ae:b2:7d:e3:71:c6:27:c2:59:f6:46:b2:90:9f:af:
71:71:6a:29:6d:5e:b1:a8:2d:b9:fc:16:c7:5c:d5:64:3a:e5:
7a:d0:2f:2e:82:27:4a:72:d1:13:99:17:67:71:a8:68:e8:da:
d1:3f:e9:25
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB
NTJDMzRCNDIwHhcNMjQwNzAzMDMyNDQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0YzQ3YS0zMzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJyCBoGTvJ5pH55NHoEWRACtHlqsy/52oYwSX5qwR/Ti9c37EBVVMuwvbJZx
bFLSiqUC6obw+5Q8TKj42BnPVHw89iR2/6R4A9t2/mh0Q9ywzrdHhy8hoqbrpwJk
O6D1/XsNPxik9Z5Mf4d+NLWnR5vqB9a/ahbeBLAD9RwM+EyVuxWHsU6EdQA81sYL
4Ox4Z7H2Hmb51g0zYvbYlM2ipM+jHBLt/7RwVwDPn1036pvcqMbsakcMHi5zVGk6
l0R/TqHRaONIwzWDeERk+DrlEIgvLE08aMt52MwFuy7jDhvHP1HIJezH3T7KDQiW
sqFUv9SGJmLlyQ19hvnLxvNLoQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDn46naz
kSA7ahrYT1Ad7CFjdAi0MB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD
QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvRENFNzBDNkVG
OUI5MTFFRDgzMTRDMTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwEkBD0AQcIDBwEkBD0AQdwwDQYJKoZIhvcNAQELBQADggEB
AHDLSYeQdw2CgaxWRRLNw7lPPNvTRC/Y0LN83EjJKcVZDOa1Gguq05+xZlmyi90j
Zuj83FHbnnM4LYScLW/YTj3uzOm7sRGOSjgQsUm6NHVc60kb24L9AuvH07zkwfgd
V/wxM4i1zd25xcxIpJTDw4ZLzr/ff52no4Y2nzMYuzYiXXeclPqtBCTtLgzG1DFr
oYF1Ba2rS0hJc7VMIx9mAY/bDSNV/guBfQBcimTEZsISBDiO2OzJMc1lZ49b7KS+
/8SnOS+77ULlRa6yfeNxxifCWfZGspCfr3FxailtXrGoLbn8Fsdc1WQ65XrQLy6C
J0py0ROZF2dxqGjo2tE/6SU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:27:23 2025 by rpki-client