Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170D3E/BDEE9E249FD711EF9E38A837C4F9AE02/232F490A9FD811EFA92BE338C4F9AE02.roa
File: 232F490A9FD811EFA92BE338C4F9AE02.roa (raw, json)
Hash identifier: oshENdblJra/vyPm3h+L7O2yi470pUSFRiQdE49uRfI=
Subject key identifier: 25:7E:FD:79:85:E6:FF:24:41:92:BE:DF:21:4A:AF:F2:8A:84:E4:3B
Certificate issuer: /CN=A9170D3E/serialNumber=07F31B474713B3A152C6A5F8F48DED2097DC241F
Certificate serial: 02
Authority key identifier: 07:F3:1B:47:47:13:B3:A1:52:C6:A5:F8:F4:8D:ED:20:97:DC:24:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B_MbR0cTs6FSxqX49I3tIJfcJB8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170D3E/BDEE9E249FD711EF9E38A837C4F9AE02/232F490A9FD811EFA92BE338C4F9AE02.roa
Signing time: Mon 11 Nov 2024 02:53:32 +0000
ROA not before: Mon 11 Nov 2024 02:53:32 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138667
IP address blocks: 2001:df4:9340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170D3E/serialNumber=07F31B474713B3A152C6A5F8F48DED2097DC241F
Validity
Not Before: Nov 11 02:53:32 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=673171ac-e9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6e:e5:a3:b1:97:aa:b9:56:f4:00:8c:b3:af:
fa:46:0a:59:6e:31:5a:cb:67:ae:3b:b7:f5:c5:42:
a4:f4:64:f4:11:44:0b:b7:56:f4:99:e7:17:ce:dd:
ff:a6:d2:aa:67:f6:ff:d2:65:77:c0:7a:d3:3c:be:
37:9f:c6:72:aa:e7:a2:1c:62:11:db:d0:4d:32:70:
0a:e3:04:45:6d:6a:27:4e:46:81:24:f2:42:1e:e7:
3c:7b:d5:a1:28:01:3e:d5:5c:3c:ed:26:c6:ed:de:
96:dd:df:74:5e:0a:a7:fe:1c:3e:2e:3a:f1:13:6a:
f4:d5:d2:4c:d1:75:19:2e:0b:37:f1:2b:c5:94:21:
d8:a8:6c:ed:77:75:e3:b4:0b:9a:65:d0:00:e6:3b:
47:39:a7:62:eb:ea:ab:3a:f1:39:cb:69:73:61:87:
43:e9:2d:66:9a:fb:4d:67:d4:9b:70:ce:c7:13:00:
75:24:ff:a5:b7:a5:68:8e:f7:25:ed:10:1c:1b:de:
ed:71:10:b9:c6:af:9d:c1:a0:52:f1:73:ee:35:35:
4f:01:19:f9:9d:b7:ed:93:98:5f:f4:60:e8:88:94:
b8:3a:c3:99:df:82:68:8a:23:68:80:14:c5:91:8a:
db:2f:78:35:b9:2e:ed:b8:05:6a:49:ff:14:ae:c1:
09:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7E:FD:79:85:E6:FF:24:41:92:BE:DF:21:4A:AF:F2:8A:84:E4:3B
X509v3 Authority Key Identifier:
keyid:07:F3:1B:47:47:13:B3:A1:52:C6:A5:F8:F4:8D:ED:20:97:DC:24:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170D3E/BDEE9E249FD711EF9E38A837C4F9AE02/B_MbR0cTs6FSxqX49I3tIJfcJB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B_MbR0cTs6FSxqX49I3tIJfcJB8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170D3E/BDEE9E249FD711EF9E38A837C4F9AE02/232F490A9FD811EFA92BE338C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:9340::/48
Signature Algorithm: sha256WithRSAEncryption
7e:d2:aa:e6:9c:1a:cb:5c:c7:a9:75:aa:23:94:cc:34:1b:26:
25:f6:24:e5:98:86:65:c5:4b:b7:c6:c3:46:18:80:3b:cc:37:
dd:d6:b5:51:48:1a:d8:02:59:5a:b0:b1:84:3b:69:2f:35:2e:
90:5a:be:0c:eb:ec:cc:b1:3f:a1:93:aa:b0:8e:07:55:9d:69:
52:e8:b4:75:b9:e0:0b:61:a8:47:a8:48:ee:9f:fb:7d:a8:cf:
db:a1:aa:eb:93:e2:9f:75:66:fa:5f:87:85:2d:2f:b8:6b:99:
b3:06:1b:0e:8c:49:96:be:fd:2b:44:c5:05:d2:60:2d:7d:1b:
d4:fd:b7:84:7e:f8:2d:f2:4c:8b:59:f1:74:a9:9a:aa:82:99:
fb:30:14:c1:af:9b:7f:0c:5f:cf:a9:6e:f4:9c:33:30:5d:48:
86:ba:29:1b:25:cd:2b:33:2b:ab:0b:8a:ec:78:88:fc:96:92:
77:95:79:e7:be:0a:ce:3c:98:28:0f:f6:08:03:0b:4c:16:d7:
ee:d6:86:13:79:94:85:70:fd:b7:e0:bc:40:dd:91:4e:06:c0:
6d:64:0e:a4:8a:44:bd:32:6b:dd:56:38:1f:df:63:26:76:a9:
56:6f:f1:e4:d9:74:ec:d6:5b:27:28:8f:a6:c1:4e:2e:7b:68:
1a:8f:df:e5
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEQzRTExMC8GA1UEBRMoMDdGMzFCNDc0NzEzQjNBMTUyQzZBNUY4RjQ4REVEMjA5
N0RDMjQxRjAeFw0yNDExMTEwMjUzMzJaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MzE3MWFjLWU5ZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHbuWjsZequVb0AIyzr/pGClluMVrLZ647t/XFQqT0ZPQRRAu3VvSZ5xfO3f+m
0qpn9v/SZXfAetM8vjefxnKq56IcYhHb0E0ycArjBEVtaidORoEk8kIe5zx71aEo
AT7VXDztJsbt3pbd33ReCqf+HD4uOvETavTV0kzRdRkuCzfxK8WUIdiobO13deO0
C5pl0ADmO0c5p2Lr6qs68TnLaXNhh0PpLWaa+01n1JtwzscTAHUk/6W3pWiO9yXt
EBwb3u1xELnGr53BoFLxc+41NU8BGfmdt+2TmF/0YOiIlLg6w5nfgmiKI2iAFMWR
itsveDW5Lu24BWpJ/xSuwQnZAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUJX79eYXm
/yRBkr7fIUqv8oqE5DswHwYDVR0jBBgwFoAUB/MbR0cTs6FSxqX49I3tIJfcJB8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRDNFL0JERUU5RTI0OUZE
NzExRUY5RTM4QTgzN0M0RjlBRTAyL0JfTWJSMGNUczZGU3hxWDQ5STN0SUpmY0pC
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQl9NYlIwY1RzNkZTeHFYNDlJM3RJSmZjSkI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEQzRS9CREVFOUUyNDlGRDcxMUVGOUUzOEE4MzdDNEY5QUUwMi8yMzJGNDkwQTlG
RDgxMUVGQTkyQkUzMzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfSTQDANBgkqhkiG9w0BAQsFAAOCAQEAftKq5pway1zH
qXWqI5TMNBsmJfYk5ZiGZcVLt8bDRhiAO8w33da1UUga2AJZWrCxhDtpLzUukFq+
DOvszLE/oZOqsI4HVZ1pUui0dbngC2GoR6hI7p/7fajP26Gq65Pin3Vm+l+HhS0v
uGuZswYbDoxJlr79K0TFBdJgLX0b1P23hH74LfJMi1nxdKmaqoKZ+zAUwa+bfwxf
z6lu9JwzMF1IhropGyXNKzMrqwuK7HiI/JaSd5V5574KzjyYKA/2CAMLTBbX7taG
E3mUhXD9t+C8QN2RTgbAbWQOpIpEvTJr3VY4H99jJnapVm/x5Nl07NZbJyiPpsFO
LntoGo/f5Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:44:18 2025 by rpki-client