Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/7086C108890711EEA367A12CC4F9AE02.roa
File: 7086C108890711EEA367A12CC4F9AE02.roa (raw, json)
Hash identifier: uNwOZ6qB1VM8HVtQRDKY/fxEIEGg2/7o6zchROoukE8=
Subject key identifier: 13:F8:44:13:28:BB:DB:9E:A2:A0:8B:1A:0D:58:00:6B:08:E2:4F:5D
Certificate issuer: /CN=A91C725F/serialNumber=CC72E1797B2204D8EC69EC98C41739CC8C664C9C
Certificate serial: 0A0F
Authority key identifier: CC:72:E1:79:7B:22:04:D8:EC:69:EC:98:C4:17:39:CC:8C:66:4C:9C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHLheXsiBNjsaeyYxBc5zIxmTJw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/7086C108890711EEA367A12CC4F9AE02.roa
Signing time: Wed 02 Oct 2024 19:58:48 +0000
ROA not before: Wed 02 Oct 2024 19:58:47 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 134585
IP address blocks: 2403:5bc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2575 (0xa0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C725F, serialNumber=CC72E1797B2204D8EC69EC98C41739CC8C664C9C
Validity
Not Before: Oct 2 19:58:47 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fda5f7-4190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:ab:7f:16:13:9b:e1:5d:d9:80:d3:62:19:
31:13:16:1a:40:41:33:88:2d:9e:41:4e:a8:c9:eb:
f7:4a:75:29:01:5a:a3:0e:91:d7:d7:e3:5f:28:72:
97:5d:0e:45:b2:3a:8b:46:00:20:34:65:83:f2:6b:
6f:1b:4c:f3:00:b8:80:9d:49:cd:6d:5e:a7:3c:6c:
a6:f2:c4:20:90:32:44:dd:fe:ba:ba:7f:66:57:02:
56:f0:87:63:70:e2:fd:2b:53:d2:2b:fb:9f:6d:ab:
cd:53:6b:21:1f:9d:e0:af:2a:59:38:89:7f:da:81:
3d:9f:32:39:88:4d:d5:be:81:79:74:b4:6c:f6:19:
f0:48:e4:c2:08:5a:d4:bd:8a:98:f5:cb:a0:39:56:
cd:e5:bb:37:bf:04:1e:4f:29:7c:f0:36:26:46:c1:
06:bf:26:5b:25:ac:cb:d2:6e:be:ba:20:69:9f:f1:
7f:b0:e0:97:26:4c:30:ed:5f:20:6b:80:52:3a:64:
48:7d:9f:4a:07:d3:07:05:5f:dc:69:2d:9a:58:68:
ec:cc:4e:1a:d6:c5:bc:a7:1b:fa:1a:9e:4c:78:f7:
07:e5:fc:d9:b5:64:90:a1:93:3e:9c:47:bf:e1:09:
e5:d0:88:d2:2a:69:2f:c1:87:9a:63:86:9f:a8:0e:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F8:44:13:28:BB:DB:9E:A2:A0:8B:1A:0D:58:00:6B:08:E2:4F:5D
X509v3 Authority Key Identifier:
keyid:CC:72:E1:79:7B:22:04:D8:EC:69:EC:98:C4:17:39:CC:8C:66:4C:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/zHLheXsiBNjsaeyYxBc5zIxmTJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHLheXsiBNjsaeyYxBc5zIxmTJw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C725F/4E8D2B5C5D4411EA94C97D11C4F9AE02/7086C108890711EEA367A12CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
33:5b:b8:fc:ab:ff:5b:e2:70:55:32:e6:a9:36:68:7e:4c:d8:
79:22:c4:8a:13:49:b1:97:44:3f:b3:54:9c:4a:6b:e1:fe:90:
0b:5a:ae:97:78:09:6a:cb:4c:f6:1b:90:99:7a:9a:9d:e0:a5:
06:cb:6a:4d:34:59:b3:53:40:e7:fd:c1:49:5a:87:39:c4:3f:
3d:ff:84:7c:44:8d:31:d9:79:82:68:60:d0:b8:93:16:60:e8:
f7:41:9e:a0:f2:6d:18:ba:40:91:e0:41:6a:41:d2:17:b2:ac:
47:7b:ee:57:4c:90:0b:ab:51:64:f8:30:84:95:49:c5:68:1f:
a9:53:5a:70:d0:f1:dc:fa:6c:85:fe:c7:41:f7:9c:66:f8:61:
e7:64:0e:d6:20:92:9a:43:5a:4c:8e:31:a5:d4:34:f4:00:40:
1a:2e:1d:2e:49:bb:f7:3a:bd:3d:9b:b6:88:6d:d5:63:ea:4c:
63:e9:ed:e2:99:28:c5:c7:a3:5e:23:7c:e4:a5:14:98:3b:d8:
93:6b:1f:0b:92:87:ba:b6:31:56:32:21:86:9e:7a:a2:39:91:
5a:4a:26:99:d3:2b:3f:f2:17:16:1f:96:e2:f3:77:ef:24:f3:
a5:a9:c5:6e:2a:6f:cb:0b:ce:0e:b5:2f:e2:f3:c3:6c:f0:da:
81:4a:cb:f6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCg8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcyNUYxMTAvBgNVBAUTKENDNzJFMTc5N0IyMjA0RDhFQzY5RUM5OEM0MTczOUND
OEM2NjRDOUMwHhcNMjQxMDAyMTk1ODQ3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkYTVmNy00MTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxtqrfxYTm+Fd2YDTYhkxExYaQEEziC2eQU6oyev3SnUpAVqjDpHX1+NfKHKX
XQ5FsjqLRgAgNGWD8mtvG0zzALiAnUnNbV6nPGym8sQgkDJE3f66un9mVwJW8Idj
cOL9K1PSK/ufbavNU2shH53grypZOIl/2oE9nzI5iE3VvoF5dLRs9hnwSOTCCFrU
vYqY9cugOVbN5bs3vwQeTyl88DYmRsEGvyZbJazL0m6+uiBpn/F/sOCXJkww7V8g
a4BSOmRIfZ9KB9MHBV/caS2aWGjszE4a1sW8pxv6Gp5MePcH5fzZtWSQoZM+nEe/
4Qnl0IjSKmkvwYeaY4afqA6FgQIDAQABo4ICljCCApIwHQYDVR0OBBYEFBP4RBMo
u9ueoqCLGg1YAGsI4k9dMB8GA1UdIwQYMBaAFMxy4Xl7IgTY7GnsmMQXOcyMZkyc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzI1Ri80RThEMkI1QzVE
NDQxMUVBOTRDOTdEMTFDNEY5QUUwMi96SExoZVhzaUJOanNhZXlZeEJjNXpJeG1U
SncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pITGhlWHNpQk5qc2FleVl4QmM1ekl4bVRKdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcyNUYvNEU4RDJCNUM1RDQ0MTFFQTk0Qzk3RDExQzRGOUFFMDIvNzA4NkMxMDg4
OTA3MTFFRUEzNjdBMTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkA1vAMA0GCSqGSIb3DQEBCwUAA4IBAQAzW7j8q/9b4nBV
MuapNmh+TNh5IsSKE0mxl0Q/s1ScSmvh/pALWq6XeAlqy0z2G5CZepqd4KUGy2pN
NFmzU0Dn/cFJWoc5xD89/4R8RI0x2XmCaGDQuJMWYOj3QZ6g8m0YukCR4EFqQdIX
sqxHe+5XTJALq1Fk+DCElUnFaB+pU1pw0PHc+myF/sdB95xm+GHnZA7WIJKaQ1pM
jjGl1DT0AEAaLh0uSbv3Or09m7aIbdVj6kxj6e3imSjFx6NeI3zkpRSYO9iTax8L
koe6tjFWMiGGnnqiOZFaSiaZ0ys/8hcWH5bi83fvJPOlqcVuKm/LC84OtS/i88Ns
8NqBSsv2
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:46:40 2025 by rpki-client