Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/D46B2C087F8711EC81E76A59C4F9AE02.roa
File: D46B2C087F8711EC81E76A59C4F9AE02.roa (raw, json)
Hash identifier: 2EXYCICBvAeJltk6VH8XYxe2JtqWcKEjv0iqiczQGfw=
Subject key identifier: 4B:0B:F6:98:30:0B:25:C9:93:CD:D6:E1:71:2D:5B:1A:44:50:AA:53
Certificate issuer: /CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Certificate serial: 0331
Authority key identifier: C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/D46B2C087F8711EC81E76A59C4F9AE02.roa
Signing time: Fri 01 Mar 2024 03:05:07 +0000
ROA not before: Fri 01 Mar 2024 03:05:07 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 149476
IP address blocks: 2400:54a0::/48 maxlen: 48
2400:54a0:1004::/48 maxlen: 48
2400:54a0:1030::/48 maxlen: 48
2400:54a0:2040::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 817 (0x331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Validity
Not Before: Mar 1 03:05:07 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e145e3-cf1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:9c:b6:74:a1:3c:74:99:26:d4:9f:d1:2d:
5b:64:14:00:88:b1:bd:cb:ca:18:07:45:5d:84:61:
62:d0:8f:7c:a2:bb:4c:e4:eb:3e:25:b3:89:d0:e9:
94:ff:7a:c6:3e:80:d3:f2:f8:ad:1d:2c:f0:a8:6c:
fe:e7:d5:05:b1:9c:c1:1c:a6:e5:3d:c5:ef:1c:62:
42:d1:4a:31:01:96:76:ad:f1:ff:e9:87:06:1c:59:
fd:3a:b4:56:ce:67:88:e6:3f:4d:c7:71:9d:5b:31:
33:bf:1b:a5:b8:18:cd:b2:b8:07:d0:91:40:58:3d:
cf:43:43:93:f6:f6:07:b4:86:29:d7:e8:e2:4d:0d:
cc:d2:75:bc:18:76:3d:b6:36:68:8e:87:e0:46:d5:
51:d9:98:5e:f7:be:f4:9f:4d:50:4c:eb:c3:3f:22:
8e:d2:8d:fc:4a:ed:36:9a:9d:10:c4:d6:af:f3:f6:
da:3e:de:88:3d:07:10:6e:cc:6e:a5:14:e8:8b:00:
f3:38:a2:44:dd:be:f9:6e:52:34:53:8b:d7:fe:33:
80:03:70:89:0d:d3:81:28:50:ba:f9:7e:4e:8f:96:
df:da:2d:78:dd:04:e4:63:d7:74:e0:55:af:fa:03:
cd:a2:fd:b9:d9:e0:4d:4f:7a:5d:10:12:76:65:ae:
9c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0B:F6:98:30:0B:25:C9:93:CD:D6:E1:71:2D:5B:1A:44:50:AA:53
X509v3 Authority Key Identifier:
keyid:C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/D46B2C087F8711EC81E76A59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:54a0::/48
2400:54a0:1004::/48
2400:54a0:1030::/48
2400:54a0:2040::/44
Signature Algorithm: sha256WithRSAEncryption
6f:03:9f:16:8e:af:52:26:a2:76:d2:4d:d9:bc:7f:68:2b:f3:
03:bc:4f:60:bd:5f:53:6d:e2:4f:77:a8:4a:73:9d:10:59:ce:
d7:61:53:e8:8c:d0:b4:ef:65:53:2a:91:2b:a5:7f:2f:0c:de:
36:fb:a8:bb:67:95:66:59:63:83:e5:98:b3:5c:d1:4d:89:cf:
3d:0e:99:76:ab:79:b8:73:30:72:d9:c4:d4:63:ae:97:6d:00:
a8:81:aa:26:9b:59:ba:d3:26:4b:c6:24:a6:7e:f3:fe:23:9a:
ee:0d:9d:2f:7d:f4:f3:5f:96:79:5b:9b:f5:3a:84:c5:8f:c1:
c7:09:10:be:6f:3b:27:73:3f:f5:90:1f:1f:8f:cc:9e:0a:3c:
5d:8f:bb:ad:77:43:e4:44:d3:78:b6:bf:74:d7:f6:0c:22:5e:
24:1e:df:8d:1d:e8:6c:74:88:08:a0:f8:df:ca:d0:fa:c4:03:
c0:fd:3d:ff:e1:6b:30:74:ab:f5:71:be:1c:f3:7c:fa:d2:8a:
8c:f3:f0:65:c6:5a:39:1e:b3:5b:36:b4:97:10:70:b5:9c:5e:
f6:5b:97:7e:a4:c2:d6:1f:ec:b7:32:25:6e:bf:e6:7a:eb:71:
4a:4b:de:8e:38:da:8e:cc:08:43:27:08:1e:00:36:fa:5d:b5:
50:28:09:37
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQTAxMTAvBgNVBAUTKEM2RUFCRUI5M0UxRDA2RTJDMzJFMUM0Q0JFMTQ3Q0ZC
Mzk5OTI1MzkwHhcNMjQwMzAxMDMwNTA3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUxNDVlMy1jZjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OqctnShPHSZJtSf0S1bZBQAiLG9y8oYB0VdhGFi0I98ortM5Os+JbOJ0OmU
/3rGPoDT8vitHSzwqGz+59UFsZzBHKblPcXvHGJC0UoxAZZ2rfH/6YcGHFn9OrRW
zmeI5j9Nx3GdWzEzvxuluBjNsrgH0JFAWD3PQ0OT9vYHtIYp1+jiTQ3M0nW8GHY9
tjZojofgRtVR2Zhe9770n01QTOvDPyKO0o38Su02mp0QxNav8/baPt6IPQcQbsxu
pRToiwDzOKJE3b75blI0U4vX/jOAA3CJDdOBKFC6+X5Oj5bf2i143QTkY9d04FWv
+gPNov252eBNT3pdEBJ2Za6c7QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFEsL9pgw
CyXJk83W4XEtWxpEUKpTMB8GA1UdIwQYMBaAFMbqvrk+HQbiwy4cTL4UfPs5mSU5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFBMC83QzUzOTEwQzdG
ODQxMUVDODA1MThFNTFDNEY5QUUwMi94dXEtdVQ0ZEJ1TERMaHhNdmhSOC16bVpK
VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h1cS11VDRkQnVMRExoeE12aFI4LXptWkpUay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUxQTAvN0M1MzkxMEM3Rjg0MTFFQzgwNTE4RTUxQzRGOUFFMDIvRDQ2QjJDMDg3
Rjg3MTFFQzgxRTc2QTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgACMCQDBwAkAFSgAAADBwAkAFSgEAQDBwAkAFSgEDADBwQkAFSgIEAw
DQYJKoZIhvcNAQELBQADggEBAG8DnxaOr1ImonbSTdm8f2gr8wO8T2C9X1Nt4k93
qEpznRBZztdhU+iM0LTvZVMqkSulfy8M3jb7qLtnlWZZY4PlmLNc0U2Jzz0OmXar
ebhzMHLZxNRjrpdtAKiBqiabWbrTJkvGJKZ+8/4jmu4NnS999PNflnlbm/U6hMWP
wccJEL5vOydzP/WQHx+PzJ4KPF2Pu613Q+RE03i2v3TX9gwiXiQe340d6Gx0iAig
+N/K0PrEA8D9Pf/hazB0q/VxvhzzfPrSiozz8GXGWjkes1s2tJcQcLWcXvZbl36k
wtYf7LcyJW6/5nrrcUpL3o442o7MCEMnCB4ANvpdtVAoCTc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:43:16 2025 by rpki-client