Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BA82/FBDDAC24CE5A11EE8C3BD03AC4F9AE02/4BFDDACCEB3311EE9D65C57DC4F9AE02.roa
File: 4BFDDACCEB3311EE9D65C57DC4F9AE02.roa (raw, json)
Hash identifier: l2/AcYIuuEmWmC/Xu8FUURnDfGYw2qZ7H+y/uBwBrJE=
Subject key identifier: D8:3F:29:90:72:21:F4:55:A9:AD:C6:DC:A4:B3:B1:58:07:CE:45:3E
Certificate issuer: /CN=A912BA82/serialNumber=AFB8FFE1E8686296B996C63AA902EA9C128F48FE
Certificate serial: 16
Authority key identifier: AF:B8:FF:E1:E8:68:62:96:B9:96:C6:3A:A9:02:EA:9C:12:8F:48:FE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r7j_4ehoYpa5lsY6qQLqnBKPSP4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BA82/FBDDAC24CE5A11EE8C3BD03AC4F9AE02/4BFDDACCEB3311EE9D65C57DC4F9AE02.roa
Signing time: Tue 26 Mar 2024 05:40:05 +0000
ROA not before: Tue 26 Mar 2024 05:40:05 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152332
IP address blocks: 2401:76e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BA82/serialNumber=AFB8FFE1E8686296B996C63AA902EA9C128F48FE
Validity
Not Before: Mar 26 05:40:05 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66025fb4-6828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:dc:f6:50:d3:71:33:30:51:07:cd:ff:30:4f:
18:83:7e:15:51:14:ac:9b:21:3b:0d:a1:88:e2:62:
8b:2e:ac:70:98:8f:65:2a:ba:e0:94:17:0e:5e:db:
e2:f4:97:d6:50:62:7f:37:b9:d5:a3:f3:66:95:f8:
78:98:05:48:bc:b0:da:ed:0a:03:aa:89:74:f8:14:
c9:05:fb:b4:f5:d1:b8:53:3d:4c:5a:9a:d5:42:ae:
e8:b8:86:a4:a8:8e:d6:f5:f8:3f:b0:5d:56:8e:d1:
55:82:7c:b6:ce:96:0d:65:34:81:dd:67:6b:d2:c7:
8d:91:15:2d:1c:5d:d1:90:a1:29:eb:eb:6a:84:ef:
fe:8f:5d:8f:40:4e:96:1c:a6:7b:6a:10:96:8b:01:
59:2e:e8:a9:8a:bb:b5:a5:14:1c:93:d9:48:71:4e:
d7:c6:4d:57:b3:b2:36:c9:d8:19:af:6c:4a:4e:d1:
75:34:ad:71:0f:00:95:9d:5f:4b:10:07:f0:4c:3a:
86:a7:4a:10:51:d0:c7:cc:43:1f:34:33:80:f5:f8:
6b:a2:fe:0e:22:b5:3c:06:5a:90:2a:00:01:21:28:
16:a5:c7:82:f8:6b:7d:bc:2a:24:24:da:9f:bf:81:
72:cf:5e:f2:8e:8e:20:4b:4c:33:3b:5b:85:ab:82:
db:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3F:29:90:72:21:F4:55:A9:AD:C6:DC:A4:B3:B1:58:07:CE:45:3E
X509v3 Authority Key Identifier:
keyid:AF:B8:FF:E1:E8:68:62:96:B9:96:C6:3A:A9:02:EA:9C:12:8F:48:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BA82/FBDDAC24CE5A11EE8C3BD03AC4F9AE02/r7j_4ehoYpa5lsY6qQLqnBKPSP4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r7j_4ehoYpa5lsY6qQLqnBKPSP4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BA82/FBDDAC24CE5A11EE8C3BD03AC4F9AE02/4BFDDACCEB3311EE9D65C57DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:76e0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:bc:f8:2e:47:30:a7:6d:92:3a:46:4f:3d:5d:02:1e:6c:b3:
1c:79:44:ef:56:cb:17:e9:15:c5:60:22:9d:e6:3b:41:ae:1a:
c4:3a:66:7a:2f:8b:76:a6:83:5f:9c:95:ad:e1:ae:7f:d8:ad:
25:b5:06:ef:2a:f1:9a:98:a8:c0:68:2a:d3:e0:9a:fb:cc:62:
db:a4:01:22:e4:e8:b8:98:ac:1d:9a:77:8c:5a:87:cf:e3:71:
33:9a:a3:4b:2f:17:d0:c6:94:52:73:59:df:95:b0:14:20:b4:
df:80:36:f9:87:45:4d:60:72:2b:af:d8:80:f1:27:aa:20:a7:
98:2c:88:d1:18:d4:c7:68:e9:ce:e4:7d:02:93:4c:84:52:06:
79:ce:27:62:ac:fc:95:63:cd:22:45:cf:4f:33:dd:57:47:d5:
a3:27:b1:e0:3f:c3:8b:0c:7b:ad:ff:e5:30:46:f0:13:c3:e3:
fc:61:f0:56:54:e6:23:a1:27:8b:9b:0d:c2:76:01:39:be:7a:
34:66:17:87:2a:a4:fc:c4:b0:8a:59:6a:60:da:7d:e2:7a:78:
cf:16:1d:8f:51:82:04:55:5a:89:27:0b:0d:c1:a0:45:26:48:
56:bd:fd:a2:45:7e:35:c8:3b:75:c5:b7:0a:c3:43:b1:a2:31:
a5:99:a0:6f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QkE4MjExMC8GA1UEBRMoQUZCOEZGRTFFODY4NjI5NkI5OTZDNjNBQTkwMkVBOUMx
MjhGNDhGRTAeFw0yNDAzMjYwNTQwMDVaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDI1ZmI0LTY4MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDs3PZQ03EzMFEHzf8wTxiDfhVRFKybITsNoYjiYosurHCYj2UquuCUFw5e2+L0
l9ZQYn83udWj82aV+HiYBUi8sNrtCgOqiXT4FMkF+7T10bhTPUxamtVCrui4hqSo
jtb1+D+wXVaO0VWCfLbOlg1lNIHdZ2vSx42RFS0cXdGQoSnr62qE7/6PXY9ATpYc
pntqEJaLAVku6KmKu7WlFByT2UhxTtfGTVezsjbJ2BmvbEpO0XU0rXEPAJWdX0sQ
B/BMOoanShBR0MfMQx80M4D1+Gui/g4itTwGWpAqAAEhKBalx4L4a328KiQk2p+/
gXLPXvKOjiBLTDM7W4Wrgtu7AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU2D8pkHIh
9FWprcbcpLOxWAfORT4wHwYDVR0jBBgwFoAUr7j/4ehoYpa5lsY6qQLqnBKPSP4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJCQTgyL0ZCRERBQzI0Q0U1
QTExRUU4QzNCRDAzQUM0RjlBRTAyL3I3al80ZWhvWXBhNWxzWTZxUUxxbkJLUFNQ
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcjdqXzRlaG9ZcGE1bHNZNnFRTHFuQktQU1A0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QkE4Mi9GQkREQUMyNENFNUExMUVFOEMzQkQwM0FDNEY5QUUwMi80QkZEREFDQ0VC
MzMxMUVFOUQ2NUM1N0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBduAwDQYJKoZIhvcNAQELBQADggEBABq8+C5HMKdtkjpG
Tz1dAh5ssxx5RO9WyxfpFcVgIp3mO0GuGsQ6Znovi3amg1+cla3hrn/YrSW1Bu8q
8ZqYqMBoKtPgmvvMYtukASLk6LiYrB2ad4xah8/jcTOao0svF9DGlFJzWd+VsBQg
tN+ANvmHRU1gciuv2IDxJ6ogp5gsiNEY1Mdo6c7kfQKTTIRSBnnOJ2Ks/JVjzSJF
z08z3VdH1aMnseA/w4sMe63/5TBG8BPD4/xh8FZU5iOhJ4ubDcJ2ATm+ejRmF4cq
pPzEsIpZamDafeJ6eM8WHY9RggRVWoknCw3BoEUmSFa9/aJFfjXIO3XFtwrDQ7Gi
MaWZoG8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:54 2025 by rpki-client