Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
File: 62A13EA8C2BB11EFB6DDD916C4F9AE02.roa (raw, json)
Hash identifier: hcHOPLuMNkisewopR+NQ3tc+D2wfV1ZacOTrWXXFxCE=
Subject key identifier: E6:A1:20:3A:E8:B9:7D:D9:23:8B:3A:97:28:86:25:A0:A0:08:2C:C1
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 48F3
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
Signing time: Wed 25 Dec 2024 12:25:54 +0000
ROA not before: Wed 25 Dec 2024 12:25:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 152935
IP address blocks: 2001:df4:b840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18675 (0x48f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Dec 25 12:25:54 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=676bf9d2-ff00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:b2:6a:fb:63:46:b3:7d:7d:74:55:99:98:
17:2a:f6:96:55:2d:c0:b8:dc:00:f0:c1:e7:41:96:
ca:77:fa:ec:57:4c:db:44:e8:92:82:4a:2b:b8:68:
1d:a2:db:78:b7:6c:da:3d:0c:f4:98:c1:8b:d6:63:
2d:b8:2e:0a:20:dc:b1:88:55:27:db:c8:f0:54:6e:
db:a7:9e:dc:64:a2:14:5c:f2:83:9d:98:a9:f5:e7:
8f:03:c3:5f:d0:f1:84:43:47:d4:77:6a:26:4d:a6:
4b:c3:19:ca:cc:82:47:c0:2a:6e:b7:80:33:70:52:
c1:5d:b6:d7:13:ce:b2:1f:ef:4c:30:52:82:68:06:
8c:77:15:97:07:52:e7:73:a3:d9:0b:0f:95:a5:dd:
72:66:19:1b:a5:bf:e3:3c:2b:7f:15:19:aa:d2:a2:
02:1b:ba:c0:5d:98:b1:8e:1d:de:ef:31:b7:d6:34:
b4:1b:db:42:39:b9:62:3a:9e:2b:2c:e1:93:ec:a5:
70:b9:c3:17:cc:a0:49:fc:12:33:d8:8c:27:52:be:
c3:3b:60:6d:3f:47:66:13:19:9e:87:13:bd:e3:fc:
8d:41:c5:6f:6a:5d:b7:1d:08:7c:82:bc:e8:29:f4:
6c:04:61:5b:de:4f:02:ec:4c:c7:ca:c8:10:a5:4a:
54:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A1:20:3A:E8:B9:7D:D9:23:8B:3A:97:28:86:25:A0:A0:08:2C:C1
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/62A13EA8C2BB11EFB6DDD916C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:b840::/48
Signature Algorithm: sha256WithRSAEncryption
ae:94:a8:c4:ca:f3:1a:59:f5:5f:95:9f:4b:d8:37:87:5e:a5:
c7:cf:08:0c:20:84:6f:e1:6d:c7:fe:a7:e9:ee:17:b8:19:9d:
ac:84:8d:17:52:01:02:13:a0:b9:c5:e0:07:3e:cc:3e:46:2d:
6f:9f:b7:53:a6:c5:9e:8e:7f:49:c2:81:b6:5f:80:80:aa:ad:
3f:3e:89:50:3c:11:71:40:e9:d0:37:3c:f6:ac:f6:09:66:3a:
15:12:51:07:d8:51:fe:39:e1:39:ab:be:98:84:23:63:0a:43:
48:cb:61:b6:14:f1:65:29:35:21:56:10:97:59:3c:21:00:c7:
9d:20:54:92:39:e4:7f:b3:95:b7:16:b9:7c:b8:19:fc:45:14:
ed:bd:7b:d3:6a:de:35:cc:7f:17:77:8e:3b:82:7e:f6:96:d4:
d8:1a:55:ff:e6:3a:bc:9a:aa:f2:d7:f8:b3:af:a7:c6:64:91:
02:2e:56:16:64:a6:bd:21:c6:b8:05:a9:65:05:22:0e:81:36:
74:a9:59:16:01:9a:47:01:6c:3f:ca:d7:47:25:c0:1e:f2:f6:
bd:56:f9:3f:d4:09:56:12:37:c1:16:2e:86:b1:1e:bb:ee:53:
b0:a6:17:96:50:f4:d5:86:24:e0:c9:4a:51:17:10:9e:3a:6e:
81:09:c3:a7
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICSPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMjI1MTIyNTU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiZjlkMi1mZjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxXeyavtjRrN9fXRVmZgXKvaWVS3AuNwA8MHnQZbKd/rsV0zbROiSgkoruGgd
ott4t2zaPQz0mMGL1mMtuC4KINyxiFUn28jwVG7bp57cZKIUXPKDnZip9eePA8Nf
0PGEQ0fUd2omTaZLwxnKzIJHwCput4AzcFLBXbbXE86yH+9MMFKCaAaMdxWXB1Ln
c6PZCw+Vpd1yZhkbpb/jPCt/FRmq0qICG7rAXZixjh3e7zG31jS0G9tCObliOp4r
LOGT7KVwucMXzKBJ/BIz2IwnUr7DO2BtP0dmExmehxO94/yNQcVval23HQh8grzo
KfRsBGFb3k8C7EzHysgQpUpU9wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFOahIDro
uX3ZI4s6lyiGJaCgCCzBMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNjJBMTNFQThD
MkJCMTFFRkI2REREOTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30uEAwDQYJKoZIhvcNAQELBQADggEBAK6UqMTK8xpZ
9V+Vn0vYN4depcfPCAwghG/hbcf+p+nuF7gZnayEjRdSAQIToLnF4Ac+zD5GLW+f
t1OmxZ6Of0nCgbZfgICqrT8+iVA8EXFA6dA3PPas9glmOhUSUQfYUf454TmrvpiE
I2MKQ0jLYbYU8WUpNSFWEJdZPCEAx50gVJI55H+zlbcWuXy4GfxFFO29e9Nq3jXM
fxd3jjuCfvaW1NgaVf/mOryaqvLX+LOvp8ZkkQIuVhZkpr0hxrgFqWUFIg6BNnSp
WRYBmkcBbD/K10clwB7y9r1W+T/UCVYSN8EWLoaxHrvuU7CmF5ZQ9NWGJODJSlEX
EJ46boEJw6c=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:02:34 2025 by rpki-client