Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/29D56C5E4A0F11EFB99F7B7BC4F9AE02.roa
File: 29D56C5E4A0F11EFB99F7B7BC4F9AE02.roa (raw, json)
Hash identifier: FUbLbyRZyhcvxkZqUEtt+l5IZYF6WeBidkxX8c50jkk=
Subject key identifier: 1B:40:DA:10:8C:DE:8E:8B:AF:5B:29:31:5F:FA:85:70:F6:FE:75:64
Certificate issuer: /CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Certificate serial: 011A
Authority key identifier: 4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/29D56C5E4A0F11EFB99F7B7BC4F9AE02.roa
Signing time: Fri 31 Jan 2025 04:49:48 +0000
ROA not before: Fri 31 Jan 2025 04:49:48 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 152300
IP address blocks: 36.50.18.0/23 maxlen: 31
2001:df3:51c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282 (0x11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Validity
Not Before: Jan 31 04:49:48 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679c566b-9b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:17:d8:32:27:9f:1b:1a:82:6b:65:d2:53:3c:
cd:6c:a8:cd:99:f6:8c:62:a1:e3:ee:f0:b3:28:d9:
c8:85:59:be:de:e3:3d:86:a6:88:30:c8:0b:ff:11:
0d:c5:3a:82:d9:b5:41:eb:a4:10:48:5a:ca:53:4a:
d6:e3:df:59:ff:4b:81:c7:5a:07:cc:8f:50:2e:14:
c3:d4:2c:6c:59:c5:e6:e7:43:8c:35:64:71:e4:6c:
b9:f2:3a:3e:7d:15:ef:fb:31:15:e7:6a:c2:72:c3:
c9:74:16:57:02:92:a9:9e:59:05:76:72:45:af:3c:
e0:88:35:c3:b3:37:11:87:5e:5d:8d:9c:71:88:5e:
fa:45:d4:77:88:ea:6e:72:a2:6a:49:09:17:35:77:
2b:56:ac:a4:9a:fe:37:3a:e2:5e:31:b9:db:99:e7:
84:ad:94:d5:27:02:11:55:89:15:20:ba:d1:1f:62:
5b:61:c8:96:79:d1:c5:ef:d0:74:a7:9c:a9:92:50:
d9:dd:27:6d:59:7b:3d:25:4a:d1:06:7d:ac:37:d3:
1a:9c:d8:ad:06:d2:ea:a6:9e:58:3b:77:d3:b2:71:
03:90:01:cb:cb:48:2e:8c:cd:66:e9:0a:09:2d:ab:
ee:0e:ed:b6:d7:cc:f8:47:22:21:4c:40:1c:29:5d:
83:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:40:DA:10:8C:DE:8E:8B:AF:5B:29:31:5F:FA:85:70:F6:FE:75:64
X509v3 Authority Key Identifier:
keyid:4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/SslcipdeTPMQhCyVVkBRdT3rAok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/29D56C5E4A0F11EFB99F7B7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.18.0/23
IPv6:
2001:df3:51c0::/48
Signature Algorithm: sha256WithRSAEncryption
92:ca:ca:72:d4:7b:a1:05:e6:7d:f4:7a:0f:db:08:e0:a8:57:
e3:37:8f:00:e9:ba:5e:c0:43:68:ff:df:c6:53:05:55:ac:ff:
46:e6:13:67:10:96:ea:4c:e0:11:00:25:c0:63:63:b5:1c:73:
de:f0:d8:0e:bb:f1:42:ef:2a:fd:12:49:8e:c8:b0:4a:43:79:
22:92:88:91:3e:38:2f:8f:7f:b0:16:76:5a:3d:72:85:9c:c3:
96:4b:a3:28:6d:84:d4:0a:b4:f5:dc:8f:90:99:79:2e:71:19:
31:88:f8:66:9b:4a:19:e3:55:52:fc:fe:c9:3a:7e:6a:ec:52:
31:9d:07:34:3e:65:c7:a7:1e:9f:3f:4e:e3:03:88:d2:7b:21:
5a:72:52:ce:a7:34:da:52:0e:55:60:cb:81:4d:21:6d:95:92:
cf:bd:93:ee:27:f4:3b:05:58:fa:7d:2c:40:4d:47:31:13:4b:
1e:1d:c9:d0:2a:23:47:5a:59:fb:42:0a:ea:76:10:ed:d9:2d:
c7:57:81:ad:3a:75:dd:fd:69:3d:81:e6:99:04:1f:ce:5a:2b:
66:de:42:23:13:0c:76:6f:f7:67:65:b8:2c:5c:3b:4b:8e:af:
2c:06:e6:c4:33:5c:0f:8c:9a:88:8f:d2:77:9a:27:94:b6:57:
ac:e8:0d:4c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTBEMDcxMTAvBgNVBAUTKDRBQzk1QzhBOTc1RTRDRjMxMDg0MkM5NTU2NDA1MTc1
M0RFQjAyODkwHhcNMjUwMTMxMDQ0OTQ4WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljNTY2Yi05YjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4xfYMiefGxqCa2XSUzzNbKjNmfaMYqHj7vCzKNnIhVm+3uM9hqaIMMgL/xEN
xTqC2bVB66QQSFrKU0rW499Z/0uBx1oHzI9QLhTD1CxsWcXm50OMNWRx5Gy58jo+
fRXv+zEV52rCcsPJdBZXApKpnlkFdnJFrzzgiDXDszcRh15djZxxiF76RdR3iOpu
cqJqSQkXNXcrVqykmv43OuJeMbnbmeeErZTVJwIRVYkVILrRH2JbYciWedHF79B0
p5ypklDZ3SdtWXs9JUrRBn2sN9ManNitBtLqpp5YO3fTsnEDkAHLy0gujM1m6QoJ
LavuDu2218z4RyIhTEAcKV2DSQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBtA2hCM
3o6Lr1spMV/6hXD2/nVkMB8GA1UdIwQYMBaAFErJXIqXXkzzEIQslVZAUXU96wKJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEQwNy9EM0U4ODlENDhF
N0YxMUVFOEU5N0I0ODRDNEY5QUUwMi9Tc2xjaXBkZVRQTVFoQ3lWVmtCUmRUM3JB
b2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NzbGNpcGRlVFBNUWhDeVZWa0JSZFQzckFvay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTBEMDcvRDNFODg5RDQ4RTdGMTFFRThFOTdCNDg0QzRGOUFFMDIvMjlENTZDNUU0
QTBGMTFFRkI5OUY3QjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAEkMhIwDwQCAAIwCQMHACABDfNRwDANBgkqhkiG9w0BAQsF
AAOCAQEAksrKctR7oQXmffR6D9sI4KhX4zePAOm6XsBDaP/fxlMFVaz/RuYTZxCW
6kzgEQAlwGNjtRxz3vDYDrvxQu8q/RJJjsiwSkN5IpKIkT44L49/sBZ2Wj1yhZzD
lkujKG2E1Aq09dyPkJl5LnEZMYj4ZptKGeNVUvz+yTp+auxSMZ0HND5lx6cenz9O
4wOI0nshWnJSzqc02lIOVWDLgU0hbZWSz72T7if0OwVY+n0sQE1HMRNLHh3J0Coj
R1pZ+0IK6nYQ7dktx1eBrTp13f1pPYHmmQQfzlorZt5CIxMMdm/3Z2W4LFw7S46v
LAbmxDNcD4yaiI/Sd5onlLZXrOgNTA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:23:54 2025 by rpki-client