Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/95B5C59E2DCE11EEB652B16FC4F9AE02.roa
File: 95B5C59E2DCE11EEB652B16FC4F9AE02.roa (raw, json)
Hash identifier: esENVVA6EiNHoh8zYMrrGIlsPVgfxlInP1Q1Dqp1TX0=
Subject key identifier: E8:D5:47:29:7A:36:0F:4E:25:EB:D7:E1:05:02:E5:CE:CE:41:43:21
Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Certificate serial: 3431
Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/95B5C59E2DCE11EEB652B16FC4F9AE02.roa
Signing time: Tue 20 Aug 2024 15:31:16 +0000
ROA not before: Tue 20 Aug 2024 15:31:16 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 148003
IP address blocks: 240a:eff6::/32 maxlen: 32
240a:eff7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13361 (0x3431)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09
Validity
Not Before: Aug 20 15:31:16 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66c4b6c3-f307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:75:26:a2:5e:f0:6a:07:00:93:43:91:7d:
8e:54:09:b6:c4:29:f2:de:12:01:8f:36:0d:39:e8:
c0:66:e6:a9:5e:38:ea:77:6f:82:2f:75:83:df:0e:
32:7d:3b:35:b2:bc:1a:c6:f6:00:81:37:7e:d2:cd:
de:d0:5e:88:cd:53:6c:0c:d6:67:63:4c:80:a0:3b:
e3:7d:7a:c4:95:ae:b3:58:91:97:84:2a:8d:a7:2d:
5a:74:bd:76:79:84:fe:d2:c7:f0:f6:80:aa:0c:8b:
7d:9f:46:1c:21:95:4e:89:ce:e7:79:87:64:cf:8c:
76:88:90:c6:5c:37:5a:6c:1b:5e:78:89:aa:a4:88:
05:9c:b2:99:d3:69:84:86:6c:c6:e4:4e:6f:4a:97:
8d:84:da:0f:9d:6a:a4:02:ec:9f:f3:e8:96:98:5a:
24:16:cc:9d:8d:69:10:73:c3:a8:4c:9f:10:f3:1c:
64:42:1b:66:2d:cf:18:b9:fc:7e:88:51:73:7b:df:
b9:b6:d0:f1:f9:12:66:01:b4:30:80:70:68:61:af:
42:b4:80:6f:c9:d3:be:a7:e1:67:86:f5:1a:11:42:
1e:26:be:88:60:0d:f7:ee:e9:2a:3c:98:28:db:14:
4b:80:02:ce:d0:19:34:23:3d:9b:e6:b4:a1:9d:d8:
ce:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D5:47:29:7A:36:0F:4E:25:EB:D7:E1:05:02:E5:CE:CE:41:43:21
X509v3 Authority Key Identifier:
keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/95B5C59E2DCE11EEB652B16FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:eff6::/31
Signature Algorithm: sha256WithRSAEncryption
33:ba:67:cd:8d:93:80:7c:6d:b7:d9:b9:86:bf:19:73:a5:a5:
06:a0:32:6b:da:a5:f9:cb:0a:cb:7a:cc:b0:4a:62:67:4e:81:
08:a4:81:26:04:94:b5:51:34:59:d9:0f:38:eb:a6:aa:e8:0b:
d7:20:d1:55:ec:38:5e:fe:b8:28:36:fe:c2:b7:c4:ef:93:3e:
99:66:55:3f:d2:83:f2:33:24:ba:da:04:d2:d9:51:eb:ed:96:
a9:d7:69:05:c5:a9:45:6c:44:0f:10:8b:d5:4c:5a:5e:4c:47:
8b:6d:6f:e2:a8:5f:51:d7:c8:ab:a0:06:6f:34:24:bc:c1:fb:
27:19:f5:3c:e1:0e:71:05:9e:49:43:e1:ed:a0:69:22:32:7f:
d2:f3:ca:46:9c:ee:e5:01:26:d7:70:49:f6:cd:82:89:ec:3c:
a8:93:8c:e1:ad:e1:cc:c6:d2:6b:44:d7:7c:e3:b2:3e:24:0f:
4b:df:13:24:cf:4e:6e:3d:91:bb:dd:b6:de:a7:d0:cf:ac:ee:
28:f0:7c:2f:11:63:0e:0c:8a:52:6e:0e:be:53:f4:32:0c:73:
61:f7:25:68:05:07:da:4a:4a:53:88:c7:a9:f0:1b:33:14:8e:
1a:83:58:fe:a7:42:6d:27:c2:66:d8:ab:a3:6d:fb:12:c3:e6:
f8:a9:a1:9b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICNDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3
QTQ3QTVGMDkwHhcNMjQwODIwMTUzMTE2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0YjZjMy1mMzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArbx1JqJe8GoHAJNDkX2OVAm2xCny3hIBjzYNOejAZuapXjjqd2+CL3WD3w4y
fTs1srwaxvYAgTd+0s3e0F6IzVNsDNZnY0yAoDvjfXrEla6zWJGXhCqNpy1adL12
eYT+0sfw9oCqDIt9n0YcIZVOic7neYdkz4x2iJDGXDdabBteeImqpIgFnLKZ02mE
hmzG5E5vSpeNhNoPnWqkAuyf8+iWmFokFsydjWkQc8OoTJ8Q8xxkQhtmLc8Yufx+
iFFze9+5ttDx+RJmAbQwgHBoYa9CtIBvydO+p+FnhvUaEUIeJr6IYA337ukqPJgo
2xRLgALO0Bk0Iz2b5rShndjO2QIDAQABo4ICljCCApIwHQYDVR0OBBYEFOjVRyl6
Ng9OJevX4QUC5c7OQUMhMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1
MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvOTVCNUM1OUUy
RENFMTFFRUI2NTJCMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQEkCu/2MA0GCSqGSIb3DQEBCwUAA4IBAQAzumfNjZOAfG23
2bmGvxlzpaUGoDJr2qX5ywrLesywSmJnToEIpIEmBJS1UTRZ2Q8466aq6AvXINFV
7Dhe/rgoNv7Ct8Tvkz6ZZlU/0oPyMyS62gTS2VHr7Zap12kFxalFbEQPEIvVTFpe
TEeLbW/iqF9R18iroAZvNCS8wfsnGfU84Q5xBZ5JQ+HtoGkiMn/S88pGnO7lASbX
cEn2zYKJ7Dyok4zhreHMxtJrRNd847I+JA9L3xMkz05uPZG73bbep9DPrO4o8Hwv
EWMODIpSbg6+U/QyDHNh9yVoBQfaSkpTiMep8BszFI4ag1j+p0JtJ8Jm2KujbfsS
w+b4qaGb
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:35:24 2025 by rpki-client