Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/4D189DD4728311EFA9CECE43C4F9AE02.roa
File: 4D189DD4728311EFA9CECE43C4F9AE02.roa (raw, json)
Hash identifier: Ge+55CQegGWCZISlkeWVyEDQbw8xhE1lFYLjXYnwl5I=
Subject key identifier: A2:C6:BE:BD:71:5B:EF:49:71:89:B2:9B:6A:91:EE:72:37:4B:E2:61
Certificate issuer: /CN=A91CEE85/serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0
Certificate serial: 60
Authority key identifier: BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/4D189DD4728311EFA9CECE43C4F9AE02.roa
Signing time: Thu 09 Jan 2025 05:19:54 +0000
ROA not before: Thu 09 Jan 2025 05:19:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152317
IP address blocks: 2401:b760::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96 (0x60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEE85/serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0
Validity
Not Before: Jan 9 05:19:54 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677f5c7a-7e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:29:6d:8f:94:86:c7:4b:c1:03:f5:71:58:
0d:a7:c0:cc:d7:dc:6f:da:cb:58:ba:57:f8:d4:2a:
a9:e3:18:5e:1b:8f:08:36:e0:c3:2f:22:82:8f:e7:
ed:e0:72:2d:87:f0:21:bd:5f:9e:2c:6a:c6:b9:c6:
1f:34:98:2f:37:96:19:05:b3:1c:ba:e3:f1:bd:2a:
d3:fb:af:30:ed:06:c0:5f:95:1d:12:99:80:99:40:
42:0f:ad:fe:5d:f2:1f:83:11:4a:cc:6d:97:35:ee:
61:13:ee:ea:62:4b:da:5b:71:d6:37:86:83:97:44:
2e:b6:be:2f:b3:6a:16:07:6f:65:73:1d:48:b2:d1:
e5:25:87:e1:cb:d8:31:c1:50:01:2b:d8:8a:d9:0b:
94:ce:ae:d0:47:f0:c4:ba:65:4e:b8:c0:47:f6:46:
05:17:41:35:5a:13:7e:71:da:59:1f:d1:26:c7:3f:
3e:57:5d:23:ea:25:df:c8:f4:cc:ba:89:ad:ce:87:
b5:c7:8d:ce:e1:89:15:f6:0b:ab:08:4c:36:52:76:
f2:bd:06:ff:02:56:0f:96:80:95:7b:d4:94:3a:ae:
35:3d:d3:66:52:e3:23:36:99:1d:a1:7a:0e:82:97:
18:fd:0a:ed:a2:a9:e6:3b:6f:41:cc:84:4f:65:3c:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C6:BE:BD:71:5B:EF:49:71:89:B2:9B:6A:91:EE:72:37:4B:E2:61
X509v3 Authority Key Identifier:
keyid:BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/4D189DD4728311EFA9CECE43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:b760::/32
Signature Algorithm: sha256WithRSAEncryption
66:53:95:4c:85:9e:b3:78:a1:56:88:6e:15:78:53:19:85:ce:
8a:9e:65:c2:5a:7b:9f:b5:ab:b9:89:43:b8:dd:57:c2:73:37:
50:60:e7:ab:3c:42:a0:87:ec:0c:de:3e:19:1b:7b:10:43:aa:
86:c4:63:7d:79:aa:05:a1:a0:50:f4:9c:0f:c5:b1:6f:3e:e8:
63:e1:15:14:ba:f5:b4:af:5a:99:03:57:e3:61:d1:b9:89:ca:
b5:6d:60:30:54:0d:ca:a9:73:68:25:be:62:87:af:99:1b:56:
96:83:a6:9b:78:f7:0f:5b:cc:67:02:6c:7d:ac:4c:f4:5d:76:
0b:4e:4f:2d:5f:03:a7:83:66:c5:87:99:91:8a:4b:3e:11:9e:
5b:cb:6f:f6:eb:f7:2f:b9:8d:e8:a9:92:e8:e0:1b:41:81:31:
06:31:15:d3:98:93:f6:73:dc:3a:43:2f:ab:96:aa:3d:31:d6:
70:c3:bf:6a:2c:af:5d:2a:be:81:ae:71:1e:55:24:70:c4:dc:
26:71:b1:e7:b1:82:05:8f:56:43:61:3f:84:f7:36:9f:d7:09:
bb:ff:b6:16:1b:80:20:de:8f:d4:ab:8e:b0:6e:ca:65:2c:68:
cc:f0:22:07:e6:6e:30:91:aa:5b:54:6d:68:b9:02:19:4b:fb:
2a:99:93:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUU4NTExMC8GA1UEBRMoQkJFODAzRkI3NTdFMEM0N0QzMjA0NTQ1MjE4N0I3NEFF
MjcxMTFGMDAeFw0yNTAxMDkwNTE5NTRaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2Y1YzdhLTdlNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCaCltj5SGx0vBA/VxWA2nwMzX3G/ay1i6V/jUKqnjGF4bjwg24MMvIoKP5+3g
ci2H8CG9X54sasa5xh80mC83lhkFsxy64/G9KtP7rzDtBsBflR0SmYCZQEIPrf5d
8h+DEUrMbZc17mET7upiS9pbcdY3hoOXRC62vi+zahYHb2VzHUiy0eUlh+HL2DHB
UAEr2IrZC5TOrtBH8MS6ZU64wEf2RgUXQTVaE35x2lkf0SbHPz5XXSPqJd/I9My6
ia3Oh7XHjc7hiRX2C6sITDZSdvK9Bv8CVg+WgJV71JQ6rjU902ZS4yM2mR2heg6C
lxj9Cu2iqeY7b0HMhE9lPID/AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUosa+vXFb
70lxibKbapHucjdL4mEwHwYDVR0jBBgwFoAUu+gD+3V+DEfTIEVFIYe3SuJxEfAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFRTg1LzA1QTdDRTY4NDVB
RTExRUZCNDM1RUI2RkM0RjlBRTAyL3UtZ0QtM1YtREVmVElFVkZJWWUzU3VKeEVm
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdS1nRC0zVi1ERWZUSUVWRklZZTNTdUp4RWZBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUU4NS8wNUE3Q0U2ODQ1QUUxMUVGQjQzNUVCNkZDNEY5QUUwMi80RDE4OURENDcy
ODMxMUVGQTlDRUNFNDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBt2AwDQYJKoZIhvcNAQELBQADggEBAGZTlUyFnrN4oVaI
bhV4UxmFzoqeZcJae5+1q7mJQ7jdV8JzN1Bg56s8QqCH7AzePhkbexBDqobEY315
qgWhoFD0nA/FsW8+6GPhFRS69bSvWpkDV+Nh0bmJyrVtYDBUDcqpc2glvmKHr5kb
VpaDppt49w9bzGcCbH2sTPRddgtOTy1fA6eDZsWHmZGKSz4RnlvLb/br9y+5jeip
kujgG0GBMQYxFdOYk/Zz3DpDL6uWqj0x1nDDv2osr10qvoGucR5VJHDE3CZxseex
ggWPVkNhP4T3Np/XCbv/thYbgCDej9SrjrBuymUsaMzwIgfmbjCRqltUbWi5AhlL
+yqZkzA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 20:20:09 2025 by rpki-client