Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa
File: 2D89110A9A5311EE9CB13140C4F9AE02.roa (raw, json)
Hash identifier: 51Xns0oB8DIUPAAqRrljxkibyJY0Qjy6OKFbsk2hMYw=
Subject key identifier: DC:66:16:5E:F9:A5:0D:AE:05:27:B6:36:F9:F0:CD:51:99:7E:7A:2C
Certificate issuer: /CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Certificate serial: 344F
Authority key identifier: AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa
Signing time: Sat 28 Sep 2024 15:00:55 +0000
ROA not before: Sat 28 Sep 2024 15:00:55 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 131203
IP address blocks: 2001:df2:a980::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13391 (0x344f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Validity
Not Before: Sep 28 15:00:55 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f81a27-35a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:a7:fc:c4:a9:c0:81:83:8a:33:35:bb:4d:
6f:ba:c2:09:7c:6f:9a:8c:66:b0:14:0d:16:b1:76:
07:5e:ab:b0:dc:0e:1e:2e:ac:f0:89:d6:63:9b:68:
cb:78:a5:6a:5a:09:dc:7a:fd:72:56:24:dc:3d:78:
6c:23:17:97:4a:77:4a:bd:3f:c8:dc:2e:ec:4f:63:
1c:3d:98:15:40:02:6c:ab:9a:23:e1:db:b0:cc:71:
11:2d:ae:31:1e:da:a4:10:7a:a9:0a:46:12:e7:d1:
c7:59:c5:67:de:ec:fa:08:2d:3e:22:96:18:cd:c5:
e4:7f:77:8e:a4:34:d8:cd:9e:59:c7:d9:5c:d2:42:
8e:0a:b5:6c:91:4d:16:d1:12:79:68:64:99:63:6a:
65:36:07:12:e7:0a:e8:18:5f:dc:9e:c0:41:3d:56:
70:c6:79:c1:dd:5f:b2:23:de:6a:77:8b:0b:23:5e:
88:c6:c6:7c:43:bd:6c:50:96:7c:36:c7:0b:1b:d8:
f8:ea:05:15:c0:62:67:43:6c:ad:a4:0e:0f:00:9f:
47:28:5b:ff:f2:ef:5f:7c:75:fd:40:47:54:23:28:
d4:42:d3:e8:69:ee:ce:e5:e1:46:a2:9f:92:e2:7d:
9a:b6:1d:2c:4c:6d:59:ca:d5:af:bb:94:7d:ea:12:
e3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:66:16:5E:F9:A5:0D:AE:05:27:B6:36:F9:F0:CD:51:99:7E:7A:2C
X509v3 Authority Key Identifier:
keyid:AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df2:a980::/48
Signature Algorithm: sha256WithRSAEncryption
50:b6:72:f1:90:06:49:ee:84:48:61:5d:49:6e:b6:be:82:57:
8a:25:6a:ce:77:7f:9c:d5:88:87:0b:d0:58:32:e9:3f:71:3e:
87:3f:33:d2:95:cd:5c:cc:a3:b2:47:2b:c6:d4:02:6d:7c:ee:
cc:cc:28:12:bb:60:2c:41:84:e4:0b:9c:ed:94:b4:05:06:4b:
16:3e:d5:2e:fc:ff:8a:cd:69:6d:4b:bb:fa:3f:30:30:cc:de:
57:95:c3:fa:83:72:25:70:f5:62:22:63:73:16:9f:47:a9:65:
6b:0f:c9:fd:bf:4a:a9:c3:6a:c0:32:af:ff:2f:51:02:41:a9:
36:96:f8:40:96:50:f9:2b:f3:df:7d:ac:41:47:22:bd:e8:f6:
82:e2:04:a8:43:ce:5b:52:32:9a:c7:20:ea:b1:a6:4c:f2:61:
14:80:b6:35:b6:bd:87:75:26:be:23:3d:be:4a:32:0a:ad:44:
37:10:6a:ae:7e:83:23:45:ad:59:d5:c2:63:76:9a:f9:c0:b0:
76:a3:2f:f9:39:9e:23:b6:18:2c:6d:98:34:45:00:24:81:f7:
81:a8:40:d8:3e:c2:4b:5c:17:26:f1:5b:f3:df:8a:96:22:65:
50:3f:28:b9:86:e5:3f:29:f5:aa:dd:af:80:87:25:f9:03:46:
3c:59:1f:3b
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICNE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENBRTgxMTAvBgNVBAUTKEFBQjBFMkI2MkY2MzQzODk1NzMwQzA1NDg4RTdGQzRF
MjZDNTFBNkMwHhcNMjQwOTI4MTUwMDU1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY4MWEyNy0zNWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv6in/MSpwIGDijM1u01vusIJfG+ajGawFA0WsXYHXquw3A4eLqzwidZjm2jL
eKVqWgncev1yViTcPXhsIxeXSndKvT/I3C7sT2McPZgVQAJsq5oj4duwzHERLa4x
HtqkEHqpCkYS59HHWcVn3uz6CC0+IpYYzcXkf3eOpDTYzZ5Zx9lc0kKOCrVskU0W
0RJ5aGSZY2plNgcS5wroGF/cnsBBPVZwxnnB3V+yI95qd4sLI16IxsZ8Q71sUJZ8
NscLG9j46gUVwGJnQ2ytpA4PAJ9HKFv/8u9ffHX9QEdUIyjUQtPoae7O5eFGop+S
4n2ath0sTG1ZytWvu5R96hLjTwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNxmFl75
pQ2uBSe2NvnwzVGZfnosMB8GA1UdIwQYMBaAFKqw4rYvY0OJVzDAVIjn/E4mxRps
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0FFOC84QjZBREUxNDFE
OTMxMUUyOTJDQjIzRjcwOEIwMkNEMi9xckRpdGk5alE0bFhNTUJVaU9mOFRpYkZH
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyRGl0aTlqUTRsWE1NQlVpT2Y4VGliRkdtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENBRTgvOEI2QURFMTQxRDkzMTFFMjkyQ0IyM0Y3MDhCMDJDRDIvMkQ4OTExMEE5
QTUzMTFFRTlDQjEzMTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3yqYAwDQYJKoZIhvcNAQELBQADggEBAFC2cvGQBknu
hEhhXUlutr6CV4olas53f5zViIcL0Fgy6T9xPoc/M9KVzVzMo7JHK8bUAm187szM
KBK7YCxBhOQLnO2UtAUGSxY+1S78/4rNaW1Lu/o/MDDM3leVw/qDciVw9WIiY3MW
n0epZWsPyf2/SqnDasAyr/8vUQJBqTaW+ECWUPkr8999rEFHIr3o9oLiBKhDzltS
MprHIOqxpkzyYRSAtjW2vYd1Jr4jPb5KMgqtRDcQaq5+gyNFrVnVwmN2mvnAsHaj
L/k5niO2GCxtmDRFACSB94GoQNg+wktcFybxW/PfipYiZVA/KLmG5T8p9ardr4CH
JfkDRjxZHzs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:24:15 2025 by rpki-client