Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A31E/C1FA082CC8CB11E790A88138C4F9AE02/2B04CC143D9F11EEACFF646FC4F9AE02.roa
File: 2B04CC143D9F11EEACFF646FC4F9AE02.roa (raw, json)
Hash identifier: ukI4z4ZMWUWet1XkTlAm00Pda4+ffxxraVEq+pStj8k=
Subject key identifier: 41:0E:02:B8:BD:87:6C:E3:08:D8:AA:AF:EA:D9:91:ED:2B:86:89:07
Certificate issuer: /CN=A916A31E/serialNumber=E1BB1E625DBDEBB3220FF923CD6A11A2CE245196
Certificate serial: 17B4
Authority key identifier: E1:BB:1E:62:5D:BD:EB:B3:22:0F:F9:23:CD:6A:11:A2:CE:24:51:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bseYl2967MiD_kjzWoRos4kUZY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A31E/C1FA082CC8CB11E790A88138C4F9AE02/2B04CC143D9F11EEACFF646FC4F9AE02.roa
Signing time: Sat 04 Jan 2025 16:34:36 +0000
ROA not before: Sat 04 Jan 2025 16:34:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 23738
IP address blocks: 2401:f9c0:fac0::/48 maxlen: 48
2401:f9c0:fac1::/48 maxlen: 48
2401:f9c0:fac2::/48 maxlen: 48
2401:f9c0:fac3::/48 maxlen: 48
2401:f9c0:fac4::/48 maxlen: 48
2401:f9c0:fac5::/48 maxlen: 48
2401:f9c0:fac6::/48 maxlen: 48
2401:f9c0:fac7::/48 maxlen: 48
2401:f9c0:fac8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6068 (0x17b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A31E/serialNumber=E1BB1E625DBDEBB3220FF923CD6A11A2CE245196
Validity
Not Before: Jan 4 16:34:36 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6779631b-7728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:87:3a:60:48:6d:4c:c8:27:eb:89:6b:65:1d:
44:89:f1:c1:e2:29:dc:14:ee:07:70:c7:bb:10:b0:
08:32:c1:28:79:50:6b:ac:ba:ac:5f:10:a8:39:17:
81:c9:77:2f:09:37:0b:43:38:a0:a3:f2:16:0a:3d:
af:b4:d2:a5:d3:a4:6d:0a:4d:60:94:22:10:dc:85:
56:5a:86:1a:b7:2a:25:d6:90:07:c3:82:50:13:d8:
3a:58:23:28:c0:c8:51:ff:dd:53:47:e8:9e:c6:5e:
4c:d2:60:35:17:ac:24:86:92:db:28:9b:30:2b:cb:
be:b1:4b:af:f2:0c:79:51:c6:cc:99:f6:e1:c5:fc:
34:74:31:10:cb:6e:1e:85:d0:16:10:87:39:64:e8:
e6:8e:2f:5f:6c:7b:e9:dd:5c:9a:15:ab:77:6b:91:
96:47:fb:10:0a:a9:b9:28:e9:d2:91:e0:b9:c2:63:
16:00:fa:c9:f8:c4:69:99:91:b5:d3:51:34:b0:f7:
66:1a:21:53:47:34:70:50:7d:67:ef:7a:07:06:46:
5f:00:b3:e2:54:37:b6:a3:52:60:e0:ef:36:91:02:
5c:22:82:13:c6:2d:77:61:cf:4b:e1:df:5c:e3:73:
32:3b:7f:0e:1e:da:a9:5a:cb:13:b9:6c:8d:d6:88:
b2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0E:02:B8:BD:87:6C:E3:08:D8:AA:AF:EA:D9:91:ED:2B:86:89:07
X509v3 Authority Key Identifier:
keyid:E1:BB:1E:62:5D:BD:EB:B3:22:0F:F9:23:CD:6A:11:A2:CE:24:51:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A31E/C1FA082CC8CB11E790A88138C4F9AE02/4bseYl2967MiD_kjzWoRos4kUZY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4bseYl2967MiD_kjzWoRos4kUZY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A31E/C1FA082CC8CB11E790A88138C4F9AE02/2B04CC143D9F11EEACFF646FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:f9c0:fac0::-2401:f9c0:fac8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:02:4e:65:b0:7c:12:48:00:71:e3:5e:7c:5b:fd:10:77:a0:
78:1f:0f:f9:d5:23:b7:ad:cf:0f:73:d7:41:f4:a9:45:8b:b1:
7f:87:c8:8a:6f:f4:c2:ae:a9:e3:b3:93:2c:5a:dc:99:f4:39:
38:68:23:4a:c6:ed:83:65:f7:46:60:62:70:50:56:53:e7:a0:
00:c7:2a:5d:da:ad:9c:38:9a:d1:47:99:64:8e:6b:e6:aa:5e:
9d:d8:db:f9:a6:fe:04:b6:e1:e3:95:7e:1c:12:6b:03:dd:80:
e9:ac:64:87:2a:c1:9d:3a:50:2f:db:75:4a:8e:e8:d6:9e:39:
78:7b:43:43:7c:43:95:5b:a0:71:86:b1:f3:59:39:1b:46:bf:
91:53:c5:23:11:04:1f:11:99:08:f1:da:c7:9b:8b:42:70:28:
4d:57:35:8b:c4:9a:a8:e3:87:5e:f5:d5:98:7e:d0:85:d3:61:
2a:b8:7a:7b:f1:f4:7b:28:14:14:8f:a6:cd:c8:08:98:a5:38:
b6:bf:b6:f4:b8:3c:ce:09:1b:07:a0:20:31:d9:fa:67:4b:74:
21:90:76:12:a7:21:73:e9:4a:0b:d6:82:50:d6:7c:27:4b:4d:
29:dd:6e:1c:9d:81:41:70:0e:55:b7:6b:6e:ac:eb:a6:bf:9d:
e6:e9:fb:19
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICF7QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkEzMUUxMTAvBgNVBAUTKEUxQkIxRTYyNURCREVCQjMyMjBGRjkyM0NENkExMUEy
Q0UyNDUxOTYwHhcNMjUwMTA0MTYzNDM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5NjMxYi03NzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzYc6YEhtTMgn64lrZR1EifHB4incFO4HcMe7ELAIMsEoeVBrrLqsXxCoOReB
yXcvCTcLQzigo/IWCj2vtNKl06RtCk1glCIQ3IVWWoYatyol1pAHw4JQE9g6WCMo
wMhR/91TR+iexl5M0mA1F6wkhpLbKJswK8u+sUuv8gx5UcbMmfbhxfw0dDEQy24e
hdAWEIc5ZOjmji9fbHvp3VyaFat3a5GWR/sQCqm5KOnSkeC5wmMWAPrJ+MRpmZG1
01E0sPdmGiFTRzRwUH1n73oHBkZfALPiVDe2o1Jg4O82kQJcIoITxi13Yc9L4d9c
43MyO38OHtqpWssTuWyN1oiy0QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFEEOAri9
h2zjCNiqr+rZke0rhokHMB8GA1UdIwQYMBaAFOG7HmJdveuzIg/5I81qEaLOJFGW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTMxRS9DMUZBMDgyQ0M4
Q0IxMUU3OTBBODgxMzhDNEY5QUUwMi80YnNlWWwyOTY3TWlEX2tqeldvUm9zNGtV
WlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRic2VZbDI5NjdNaURfa2p6V29Sb3M0a1VaWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkEzMUUvQzFGQTA4MkNDOENCMTFFNzkwQTg4MTM4QzRGOUFFMDIvMkIwNENDMTQz
RDlGMTFFRUFDRkY2NDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgACMBQwEgMHBiQB+cD6wAMHACQB+cD6yDANBgkqhkiG9w0BAQsFAAOC
AQEADgJOZbB8EkgAceNefFv9EHegeB8P+dUjt63PD3PXQfSpRYuxf4fIim/0wq6p
47OTLFrcmfQ5OGgjSsbtg2X3RmBicFBWU+egAMcqXdqtnDia0UeZZI5r5qpendjb
+ab+BLbh45V+HBJrA92A6axkhyrBnTpQL9t1So7o1p45eHtDQ3xDlVugcYax81k5
G0a/kVPFIxEEHxGZCPHax5uLQnAoTVc1i8SaqOOHXvXVmH7QhdNhKrh6e/H0eygU
FI+mzcgImKU4tr+29Lg8zgkbB6AgMdn6Z0t0IZB2Eqchc+lKC9aCUNZ8J0tNKd1u
HJ2BQXAOVbdrbqzrpr+d5un7GQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:58:51 2025 by rpki-client