Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/12004368A41611EFA0D7CD42C4F9AE02.roa
File: 12004368A41611EFA0D7CD42C4F9AE02.roa (raw, json)
Hash identifier: 9YzGJkxen0bF7ZOSO15+u2xKU2H/RKyzN947mBYbnYU=
Subject key identifier: 74:66:BF:5D:18:B4:6C:B9:A0:00:A6:0B:AB:E7:E9:9D:39:EE:79:4C
Certificate issuer: /CN=A9171BF0/serialNumber=DB3DFD86CEBFEAED3AAF15DEAEE6965234746A29
Certificate serial: 02
Authority key identifier: DB:3D:FD:86:CE:BF:EA:ED:3A:AF:15:DE:AE:E6:96:52:34:74:6A:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2z39hs6_6u06rxXeruaWUjR0aik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/12004368A41611EFA0D7CD42C4F9AE02.roa
Signing time: Sat 16 Nov 2024 12:26:57 +0000
ROA not before: Sat 16 Nov 2024 12:26:57 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 153399
IP address blocks: 2401:d520::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171BF0/serialNumber=DB3DFD86CEBFEAED3AAF15DEAEE6965234746A29
Validity
Not Before: Nov 16 12:26:57 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67388f91-9a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d1:26:f3:97:9e:df:ff:ae:31:af:8c:f7:d4:
ff:25:24:5f:76:06:b5:ea:a2:4f:65:15:af:1d:1c:
9b:5b:e1:92:ed:70:29:ad:c3:7d:27:f6:c1:9b:05:
8b:e9:0d:58:13:33:c3:e6:0e:22:c8:85:a6:62:bb:
74:43:b0:6a:f2:fc:bb:a4:94:08:32:f8:52:ca:4a:
db:ea:e5:7d:04:7a:a4:5d:8f:9b:a8:c7:18:a7:5b:
20:a7:51:06:0d:1f:8c:5e:1f:7e:5f:41:27:cf:4c:
24:8a:6e:57:0b:76:f9:b6:f4:26:da:0e:15:1b:fb:
03:87:92:cc:e0:37:35:3e:d3:5e:fc:92:48:4a:80:
db:6a:6f:37:05:e9:73:37:3e:84:0d:9a:33:36:50:
b4:07:a8:4c:cf:ed:a5:ac:42:7d:e2:2f:e4:e3:a3:
4b:6b:d6:88:e8:8f:1a:73:b4:04:d6:b8:f8:fa:14:
5b:ac:b4:3c:89:18:a7:a5:d7:6a:e8:58:e2:f4:13:
a7:b9:6a:24:e9:73:e4:23:71:0f:e7:32:c9:ab:2c:
9a:c4:de:ba:39:47:15:5f:58:ec:a3:58:57:b7:8f:
d3:98:a4:f6:8e:34:00:d3:9f:8c:e7:70:af:4e:32:
5e:0c:dc:a3:0d:5e:2c:39:d2:81:7c:32:77:4f:86:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:66:BF:5D:18:B4:6C:B9:A0:00:A6:0B:AB:E7:E9:9D:39:EE:79:4C
X509v3 Authority Key Identifier:
keyid:DB:3D:FD:86:CE:BF:EA:ED:3A:AF:15:DE:AE:E6:96:52:34:74:6A:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/2z39hs6_6u06rxXeruaWUjR0aik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2z39hs6_6u06rxXeruaWUjR0aik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171BF0/A78F1B12A41511EFA14FBD3FC4F9AE02/12004368A41611EFA0D7CD42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:d520::/32
Signature Algorithm: sha256WithRSAEncryption
46:10:a5:0c:fc:fe:d5:90:62:ba:76:58:9d:2c:f0:d4:03:01:
3d:65:d9:0c:08:78:5e:f7:e3:d5:ab:0a:5f:d3:a9:f3:f9:d7:
96:ed:ba:6c:4f:43:d9:00:77:9a:3c:31:a9:9e:aa:a5:44:b8:
11:af:d5:63:35:7c:7e:8b:2c:2c:65:b0:7d:23:ea:e5:8e:04:
18:78:c9:c2:83:5f:4d:f2:76:0c:8d:e3:6c:38:92:db:9a:5e:
37:8e:3f:1b:e0:65:12:5c:9b:f0:73:aa:42:fc:11:80:15:80:
e6:31:e4:5f:91:4f:99:34:5e:61:2f:15:77:5c:f0:cd:c7:a5:
46:65:5c:08:d8:06:64:e3:6c:85:1e:29:89:39:1d:fc:21:5d:
4b:b2:aa:e6:26:08:4e:cd:63:e9:96:15:64:ec:b5:d5:e4:1d:
f8:f0:59:73:ee:9a:2d:d2:a2:3a:e7:61:71:da:0d:94:53:eb:
b4:3c:37:e4:5d:53:50:68:6a:8e:92:8f:d0:cc:aa:2b:60:8d:
c4:c3:23:ba:09:e9:37:db:a0:89:b3:7d:f7:7b:ea:b6:0b:3e:
5a:9e:1c:31:c5:d1:b3:8a:92:bd:1f:44:06:b1:3f:ed:98:93:
74:4e:1f:37:81:d6:a4:1c:83:1a:fd:81:fd:2b:10:51:0a:ee:
8a:00:90:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MUJGMDExMC8GA1UEBRMoREIzREZEODZDRUJGRUFFRDNBQUYxNURFQUVFNjk2NTIz
NDc0NkEyOTAeFw0yNDExMTYxMjI2NTdaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Mzg4ZjkxLTlhMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDW0Sbzl57f/64xr4z31P8lJF92BrXqok9lFa8dHJtb4ZLtcCmtw30n9sGbBYvp
DVgTM8PmDiLIhaZiu3RDsGry/LuklAgy+FLKStvq5X0EeqRdj5uoxxinWyCnUQYN
H4xeH35fQSfPTCSKblcLdvm29CbaDhUb+wOHkszgNzU+0178kkhKgNtqbzcF6XM3
PoQNmjM2ULQHqEzP7aWsQn3iL+Tjo0tr1ojojxpztATWuPj6FFustDyJGKel12ro
WOL0E6e5aiTpc+QjcQ/nMsmrLJrE3ro5RxVfWOyjWFe3j9OYpPaONADTn4zncK9O
Ml4M3KMNXiw50oF8MndPho33AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUdGa/XRi0
bLmgAKYLq+fpnTnueUwwHwYDVR0jBBgwFoAU2z39hs6/6u06rxXeruaWUjR0aikw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxQkYwL0E3OEYxQjEyQTQx
NTExRUZBMTRGQkQzRkM0RjlBRTAyLzJ6MzloczZfNnUwNnJ4WGVydWFXVWpSMGFp
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMnozOWhzNl82dTA2cnhYZXJ1YVdValIwYWlrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUJGMC9BNzhGMUIxMkE0MTUxMUVGQTE0RkJEM0ZDNEY5QUUwMi8xMjAwNDM2OEE0
MTYxMUVGQTBEN0NENDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQB1SAwDQYJKoZIhvcNAQELBQADggEBAEYQpQz8/tWQYrp2
WJ0s8NQDAT1l2QwIeF7349WrCl/TqfP515btumxPQ9kAd5o8MameqqVEuBGv1WM1
fH6LLCxlsH0j6uWOBBh4ycKDX03ydgyN42w4ktuaXjeOPxvgZRJcm/BzqkL8EYAV
gOYx5F+RT5k0XmEvFXdc8M3HpUZlXAjYBmTjbIUeKYk5HfwhXUuyquYmCE7NY+mW
FWTstdXkHfjwWXPumi3SojrnYXHaDZRT67Q8N+RdU1Boao6Sj9DMqitgjcTDI7oJ
6TfboImzffd76rYLPlqeHDHF0bOKkr0fRAaxP+2Yk3ROHzeB1qQcgxr9gf0rEFEK
7ooAkDQ=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:17:20 2025 by rpki-client