Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CCE39A0B94411EFB9819B2CC4F9AE02.roa
File: 2CCE39A0B94411EFB9819B2CC4F9AE02.roa (raw, json)
Hash identifier: pSJkiK2lHGmsgojnMtxla1ciO8Lx8AgLJ/g9c8mzsLo=
Subject key identifier: 4F:78:A2:E8:66:9D:72:C5:43:60:5E:84:1F:6C:A0:16:A0:92:21:A0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F18
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CCE39A0B94411EFB9819B2CC4F9AE02.roa
Signing time: Fri 13 Dec 2024 11:19:53 +0000
ROA not before: Fri 13 Dec 2024 11:19:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151108
IP address blocks: 2401:1e20::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40728 (0x9f18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 13 11:19:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675c1859-97a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9d:32:fa:6c:9d:dd:2d:11:35:e8:2f:23:d6:
e0:2f:d7:93:df:85:3e:ba:d7:fe:d1:30:7d:f1:9f:
59:4f:b6:44:4e:2e:0a:c7:58:76:ba:b1:fc:31:23:
f0:33:5d:d0:a4:5c:36:ba:25:fa:23:f8:c4:99:66:
61:e5:bc:86:64:da:8b:55:a7:08:88:96:0d:4a:d4:
78:55:ee:1f:9b:58:62:3a:c2:18:b2:21:2f:97:1f:
e4:a3:68:34:d1:ff:7d:a0:01:0e:bc:ad:fb:2b:1a:
44:46:b0:fb:db:a3:4c:72:64:0a:c7:3e:44:c4:e1:
2b:e1:f2:ad:36:6c:0d:95:78:54:9c:97:c9:f9:02:
99:68:57:d2:94:6d:04:3b:16:8e:27:60:dd:dd:a2:
c1:2a:49:0b:ee:9f:7b:07:12:98:38:7e:fc:bd:ab:
74:54:a4:0f:61:f4:68:73:32:56:9e:4a:59:75:f6:
87:30:1c:87:6e:cf:d6:bc:2b:f6:19:3d:66:40:fb:
79:5a:55:6b:bf:d8:8a:63:ea:a0:1e:d9:87:d8:21:
c7:e3:d5:1e:4f:3c:8b:20:3a:66:48:8f:b1:05:6c:
1b:16:ea:0c:91:64:10:37:87:c7:41:48:c0:e6:6f:
bd:3d:e6:7d:1f:81:f2:e1:2d:6a:cf:12:c8:e2:c2:
2a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:78:A2:E8:66:9D:72:C5:43:60:5E:84:1F:6C:A0:16:A0:92:21:A0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2CCE39A0B94411EFB9819B2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:1e20::/32
Signature Algorithm: sha256WithRSAEncryption
93:52:dd:91:b8:b3:04:0f:3c:83:91:7b:15:ab:c5:32:58:8c:
d0:dc:b8:95:4c:41:37:d9:ab:04:e2:5b:6d:62:aa:47:e8:f5:
fb:5b:f9:49:d6:63:55:60:7e:89:b4:d5:f1:66:99:69:11:2b:
3a:40:d7:bc:63:a6:b9:14:db:68:7d:f3:93:20:1a:78:b6:ca:
d0:39:b8:df:f8:90:97:9e:ae:df:c0:e5:50:ad:63:d2:fc:2b:
30:c6:e7:b5:e7:d9:4c:50:37:9e:7d:66:3a:c4:19:29:49:2d:
c0:79:3d:3f:a9:aa:94:b9:f1:85:3a:f8:f6:fe:6c:cb:80:c7:
e5:6b:ec:64:bf:9b:99:4d:0c:51:19:bb:5d:1f:08:26:be:c8:
b0:e8:4e:36:29:98:b2:f2:39:d3:02:6f:e7:20:05:0e:46:88:
b6:a7:62:78:d1:38:81:a9:8a:e4:5d:b1:fe:d1:1a:11:60:01:
f2:ca:a1:01:bf:29:a6:a8:6b:17:af:d1:f2:a4:98:1b:46:3a:
8b:f6:37:b0:d6:70:bd:ec:6b:00:58:90:84:90:b9:47:e0:94:
16:41:be:d8:46:d5:59:04:1f:a7:9e:81:75:00:1d:55:e0:9b:
bb:8e:c0:c6:cf:18:b8:54:c5:b7:98:96:60:3f:eb:27:ad:e7:
e5:a0:66:14
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIDAJ8YMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxMzExMTk1M1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc1YzE4NTktOTdhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2dMvpsnd0tETXoLyPW4C/Xk9+FPrrX/tEwffGfWU+2RE4uCsdYdrqx/DEj
8DNd0KRcNrol+iP4xJlmYeW8hmTai1WnCIiWDUrUeFXuH5tYYjrCGLIhL5cf5KNo
NNH/faABDryt+ysaREaw+9ujTHJkCsc+RMThK+HyrTZsDZV4VJyXyfkCmWhX0pRt
BDsWjidg3d2iwSpJC+6fewcSmDh+/L2rdFSkD2H0aHMyVp5KWXX2hzAch27P1rwr
9hk9ZkD7eVpVa7/YimPqoB7Zh9ghx+PVHk88iyA6ZkiPsQVsGxbqDJFkEDeHx0FI
wOZvvT3mfR+B8uEtas8SyOLCKqECAwEAAaOCApYwggKSMB0GA1UdDgQWBBRPeKLo
Zp1yxUNgXoQfbKAWoJIhoDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJDQ0UzOUEw
Qjk0NDExRUZCOTgxOUIyQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCAGCCsGAQUFBwEHAQH/
BBEwDzANBAIAAjAHAwUAJAEeIDANBgkqhkiG9w0BAQsFAAOCAQEAk1LdkbizBA88
g5F7FavFMliM0Ny4lUxBN9mrBOJbbWKqR+j1+1v5SdZjVWB+ibTV8WaZaRErOkDX
vGOmuRTbaH3zkyAaeLbK0Dm43/iQl56u38DlUK1j0vwrMMbntefZTFA3nn1mOsQZ
KUktwHk9P6mqlLnxhTr49v5sy4DH5WvsZL+bmU0MURm7XR8IJr7IsOhONimYsvI5
0wJv5yAFDkaItqdieNE4gamK5F2x/tEaEWAB8sqhAb8ppqhrF6/R8qSYG0Y6i/Y3
sNZwvexrAFiQhJC5R+CUFkG+2EbVWQQfp56BdQAdVeCbu47Axs8YuFTFt5iWYD/r
J63n5aBmFA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:15:59 2025 by rpki-client