Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/06729B36D8B011EEB5C9AD7AC4F9AE02.roa
File: 06729B36D8B011EEB5C9AD7AC4F9AE02.roa (raw, json)
Hash identifier: vGFpyIR+FctWSVZ2x3BmT8PC0ToC6sSkN4h2IswPXyA=
Subject key identifier: FB:51:7A:68:C5:61:BB:34:45:02:1D:57:73:2F:4C:88:0E:CB:FE:DD
Certificate issuer: /CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Certificate serial: 052A
Authority key identifier: 95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/06729B36D8B011EEB5C9AD7AC4F9AE02.roa
Signing time: Thu 30 Jan 2025 23:43:14 +0000
ROA not before: Thu 30 Jan 2025 23:43:14 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 138497
IP address blocks: 2404:18c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1322 (0x52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1ADD/serialNumber=95460D1585021D39EAD7DD5BB2B553BF474AC943
Validity
Not Before: Jan 30 23:43:14 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679c0e92-f42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d0:e4:3e:a3:34:07:c1:e0:f2:69:0e:b2:09:
92:33:7c:a5:dd:4d:79:10:85:92:1d:a6:78:a4:41:
b7:0d:43:b6:b2:74:4d:97:a6:12:4b:be:b4:9d:0b:
0b:b0:1f:b4:27:9b:8b:e9:df:51:55:27:89:54:f2:
dd:f4:0f:3e:45:36:fa:6d:9b:95:f0:17:d9:ca:69:
0d:08:d7:ef:10:ce:37:7a:55:e8:ac:19:cd:db:a5:
ef:94:cd:1d:c6:9e:38:d4:4d:fc:a0:f8:f9:d0:aa:
e3:ff:ec:33:76:1b:c2:b4:08:0a:09:5d:f7:3c:93:
c0:9a:cd:4e:d4:81:b3:d1:66:e3:94:3e:0c:6a:fe:
50:1d:17:30:b6:e5:09:a0:58:83:42:40:ba:b3:d8:
20:02:6c:90:75:e3:d9:82:27:de:c9:55:6a:29:dc:
f0:b9:e8:1b:79:f3:16:ec:de:b4:f0:e5:4f:30:d0:
ea:c0:6e:34:aa:c9:5e:b8:7d:48:dc:de:39:9e:70:
cc:fc:8a:87:0f:9f:39:db:cd:26:63:c9:e9:06:85:
01:c6:6b:9c:d5:df:68:88:12:18:1f:70:0b:48:24:
af:e2:7a:a6:94:db:55:4c:42:43:73:1c:ad:25:ff:
ca:16:a0:2f:00:2e:2f:87:bd:0f:ea:39:5f:ad:5d:
6a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:51:7A:68:C5:61:BB:34:45:02:1D:57:73:2F:4C:88:0E:CB:FE:DD
X509v3 Authority Key Identifier:
keyid:95:46:0D:15:85:02:1D:39:EA:D7:DD:5B:B2:B5:53:BF:47:4A:C9:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/lUYNFYUCHTnq191bsrVTv0dKyUM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUYNFYUCHTnq191bsrVTv0dKyUM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1ADD/DFAD9A1CF13211EB8AB4D44AC4F9AE02/06729B36D8B011EEB5C9AD7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:da:35:ee:75:e2:27:d8:aa:13:57:62:d3:cb:1c:29:42:a5:
4f:ae:3c:d2:88:d4:af:85:9d:f9:6d:b2:bc:41:fe:d5:05:af:
97:48:fc:3f:c0:d8:3e:a7:02:e4:78:89:c3:14:47:1e:3d:78:
59:96:9a:cc:10:42:db:f1:ae:39:ed:2f:80:8e:8f:e1:ea:ca:
e9:e9:4c:a5:d9:8c:1a:db:e5:28:d0:60:45:ed:eb:03:06:43:
83:d8:92:25:86:e3:5a:49:c5:fc:8c:3d:f5:14:7f:fb:80:44:
49:8f:69:3f:b1:c5:ee:f3:56:5f:d5:84:57:89:89:53:94:59:
f4:e3:5c:b4:37:67:6c:d7:3e:fc:89:65:ce:8d:1d:ab:8b:0c:
59:be:32:06:f7:7c:43:7b:7a:0c:f3:3c:8c:97:f4:33:47:44:
34:56:48:cd:04:c9:10:26:bf:c3:02:45:14:33:74:84:69:15:
42:92:e3:b7:cc:57:15:af:3e:ad:a4:c5:8c:d6:2f:51:bd:14:
af:41:bb:d7:9e:f0:22:7e:0f:e1:19:9a:60:55:0c:d9:8d:e8:
80:a2:5b:f3:24:ce:71:90:7a:d6:ea:e2:c9:88:c5:87:d8:0d:
6f:59:39:cb:75:ec:ad:65:b4:19:d6:69:29:00:d1:5c:20:b8:
2e:28:d0:7d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjFBREQxMTAvBgNVBAUTKDk1NDYwRDE1ODUwMjFEMzlFQUQ3REQ1QkIyQjU1M0JG
NDc0QUM5NDMwHhcNMjUwMTMwMjM0MzE0WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMGU5Mi1mNDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoNDkPqM0B8Hg8mkOsgmSM3yl3U15EIWSHaZ4pEG3DUO2snRNl6YSS760nQsL
sB+0J5uL6d9RVSeJVPLd9A8+RTb6bZuV8BfZymkNCNfvEM43elXorBnN26XvlM0d
xp441E38oPj50Krj/+wzdhvCtAgKCV33PJPAms1O1IGz0WbjlD4Mav5QHRcwtuUJ
oFiDQkC6s9ggAmyQdePZgifeyVVqKdzwuegbefMW7N608OVPMNDqwG40qsleuH1I
3N45nnDM/IqHD585280mY8npBoUBxmuc1d9oiBIYH3ALSCSv4nqmlNtVTEJDcxyt
Jf/KFqAvAC4vh70P6jlfrV1qLQIDAQABo4ICljCCApIwHQYDVR0OBBYEFPtRemjF
Ybs0RQIdV3MvTIgOy/7dMB8GA1UdIwQYMBaAFJVGDRWFAh056tfdW7K1U79HSslD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUFERC9ERkFEOUExQ0Yx
MzIxMUVCOEFCNEQ0NEFDNEY5QUUwMi9sVVlORllVQ0hUbnExOTFic3JWVHYwZEt5
VU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xVWU5GWVVDSFRucTE5MWJzclZUdjBkS3lVTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjFBREQvREZBRDlBMUNGMTMyMTFFQjhBQjRENDRBQzRGOUFFMDIvMDY3MjlCMzZE
OEIwMTFFRUI1QzlBRDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBBjAMA0GCSqGSIb3DQEBCwUAA4IBAQBr2jXudeIn2KoT
V2LTyxwpQqVPrjzSiNSvhZ35bbK8Qf7VBa+XSPw/wNg+pwLkeInDFEcePXhZlprM
EELb8a457S+Ajo/h6srp6Uyl2Ywa2+Uo0GBF7esDBkOD2JIlhuNaScX8jD31FH/7
gERJj2k/scXu81Zf1YRXiYlTlFn041y0N2ds1z78iWXOjR2riwxZvjIG93xDe3oM
8zyMl/QzR0Q0VkjNBMkQJr/DAkUUM3SEaRVCkuO3zFcVrz6tpMWM1i9RvRSvQbvX
nvAifg/hGZpgVQzZjeiAolvzJM5xkHrW6uLJiMWH2A1vWTnLdeytZbQZ1mkpANFc
ILguKNB9
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:16:39 2025 by rpki-client