Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/364089B4D75511EF80E68A39C4F9AE02.roa
File: 364089B4D75511EF80E68A39C4F9AE02.roa (raw, json)
Hash identifier: +GfFG8a92/6/e1SPONilMIvPHcJ1t193OnonNOBg/KI=
Subject key identifier: E1:B6:ED:28:82:32:86:20:A3:32:5B:DB:81:DB:7B:F1:C6:C8:76:1A
Certificate issuer: /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
Certificate serial: 067E
Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/364089B4D75511EF80E68A39C4F9AE02.roa
Signing time: Mon 20 Jan 2025 17:37:26 +0000
ROA not before: Mon 20 Jan 2025 17:37:26 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 967
IP address blocks: 2401:e9e0:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1662 (0x67e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
Validity
Not Before: Jan 20 17:37:26 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=678e89d5-8fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:d9:a9:07:fe:7f:75:10:78:f7:d2:d9:18:
00:f8:15:39:8e:f1:bd:50:d5:1b:45:37:35:aa:e3:
ec:cd:9a:27:44:fc:a8:f2:ea:f6:bc:c6:4d:a5:87:
b8:b0:e7:72:1a:60:08:b9:46:f7:a3:5f:63:5a:4d:
af:29:ab:6e:78:3d:03:ba:a4:b0:f4:4a:89:95:34:
62:8f:a8:ee:48:9c:4d:ae:f1:3b:25:a7:c5:53:b6:
c1:c9:9e:94:9b:47:c2:3a:d5:e5:5e:b6:16:a0:39:
09:eb:8b:b8:a2:82:a9:e1:bf:64:d3:f1:6b:6f:ff:
15:0b:78:3c:0b:f6:a1:60:b2:60:03:9f:30:68:c8:
88:bf:18:c1:7a:f2:c3:d6:e8:c9:06:df:a3:0d:7b:
a0:a2:42:ca:84:15:05:5d:67:01:af:82:53:d4:4a:
4d:37:90:d2:8f:3b:86:4c:35:46:f7:49:3a:0d:16:
a9:9a:96:43:1b:7e:3c:46:c1:27:66:2d:00:61:f6:
8c:a6:8e:1e:6a:2c:30:ac:0f:16:f1:da:2d:58:07:
ca:9c:2b:c4:0e:63:cb:87:c4:91:c6:96:37:8b:45:
d1:71:74:00:b2:7d:22:0d:24:40:80:b4:ee:95:98:
90:5b:fc:bc:fa:f6:9a:f2:e8:13:a0:a0:e3:99:a4:
8e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B6:ED:28:82:32:86:20:A3:32:5B:DB:81:DB:7B:F1:C6:C8:76:1A
X509v3 Authority Key Identifier:
keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/364089B4D75511EF80E68A39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e9e0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
89:79:29:a0:c9:7d:15:74:ee:f2:c0:ce:ad:ef:95:32:18:1b:
20:d1:11:de:55:d3:d1:8c:bc:dc:35:0d:d1:2c:40:b6:0c:24:
54:35:01:92:af:6c:b5:bc:a5:41:f3:58:b2:2b:4f:9b:85:94:
42:d7:2e:1b:c6:79:1b:42:99:14:c3:e3:2d:99:fd:a7:19:ef:
89:6a:b3:83:55:2c:79:c2:16:a5:70:f6:3b:8b:34:43:32:cb:
e5:cf:f1:b2:70:9d:3d:4c:ad:d9:55:71:1d:cc:15:cf:1a:23:
83:5d:4c:2e:09:ce:ba:31:a1:81:6b:d9:3c:4e:47:ad:b7:e7:
70:4a:57:22:7e:71:16:2f:69:c0:b8:5c:45:e4:d6:ad:76:df:
e3:de:da:09:d6:bb:fe:38:b7:29:0b:81:b7:32:9c:5a:e9:c4:
bb:12:aa:b8:a9:51:e5:41:80:3d:fe:f4:ee:b1:9a:c1:f0:04:
c3:cf:0b:c3:87:7c:ce:0e:d4:00:73:ad:1d:fd:bd:d3:bf:6f:
44:e3:53:54:8b:82:31:4a:49:27:be:cf:61:f0:d1:8c:1d:e5:
ee:33:be:86:22:aa:0d:74:4e:06:ee:8b:df:a1:93:01:5b:c3:
4f:7f:2e:73:fc:47:34:49:c3:cd:e9:5b:9f:6b:7f:fe:c3:39:
06:d2:1c:e2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICBn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0
QzkxNTRGMjQwHhcNMjUwMTIwMTczNzI2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlODlkNS04ZmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzbZqQf+f3UQePfS2RgA+BU5jvG9UNUbRTc1quPszZonRPyo8ur2vMZNpYe4
sOdyGmAIuUb3o19jWk2vKatueD0DuqSw9EqJlTRij6juSJxNrvE7JafFU7bByZ6U
m0fCOtXlXrYWoDkJ64u4ooKp4b9k0/Frb/8VC3g8C/ahYLJgA58waMiIvxjBevLD
1ujJBt+jDXugokLKhBUFXWcBr4JT1EpNN5DSjzuGTDVG90k6DRapmpZDG348RsEn
Zi0AYfaMpo4eaiwwrA8W8dotWAfKnCvEDmPLh8SRxpY3i0XRcXQAsn0iDSRAgLTu
lZiQW/y8+vaa8ugToKDjmaSOtwIDAQABo4IClzCCApMwHQYDVR0OBBYEFOG27SiC
MoYgozJb24Hbe/HGyHYaMB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1
MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU
eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJCNEQvQ0E1NjNCRTg2NTIyMTFFQjgwRjZFOTRCQzRGOUFFMDIvMzY0MDg5QjRE
NzU1MTFFRjgwRTY4QTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkAengEDANBgkqhkiG9w0BAQsFAAOCAQEAiXkpoMl9FXTu
8sDOre+VMhgbINER3lXT0Yy83DUN0SxAtgwkVDUBkq9stbylQfNYsitPm4WUQtcu
G8Z5G0KZFMPjLZn9pxnviWqzg1UsecIWpXD2O4s0QzLL5c/xsnCdPUyt2VVxHcwV
zxojg11MLgnOujGhgWvZPE5HrbfncEpXIn5xFi9pwLhcReTWrXbf497aCda7/ji3
KQuBtzKcWunEuxKquKlR5UGAPf707rGawfAEw88Lw4d8zg7UAHOtHf29079vRONT
VIuCMUpJJ77PYfDRjB3l7jO+hiKqDXROBu6L36GTAVvDT38uc/xHNEnDzelbn2t/
/sM5BtIc4g==
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:34:35 2025 by rpki-client