Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
File: 8FC3656CCE6B11EF90AD9413C4F9AE02.roa (raw, json)
Hash identifier: 4IZbuFI/sg7oSkpXizwectAnTeEtZ9s1ZdY6rGFV37k=
Subject key identifier: 1D:22:F0:81:C5:12:D9:74:77:50:D6:25:B1:8E:1E:0A:95:4F:B9:90
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 06F8
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
Signing time: Thu 09 Jan 2025 09:25:14 +0000
ROA not before: Thu 09 Jan 2025 09:25:14 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 21859
IP address blocks: 36.255.193.0/24 maxlen: 24
43.229.152.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1784 (0x6f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Jan 9 09:25:14 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=677f95fa-a633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:40:dc:5b:c1:43:d4:d5:a5:b8:4d:0f:f2:37:
84:1a:54:f3:de:26:63:d2:3b:0f:ee:19:7a:61:fd:
3b:46:30:30:9e:88:c2:34:68:7c:ac:27:3e:11:da:
21:5d:cc:e3:70:4b:4a:71:6b:83:2e:8e:03:7f:0a:
0f:fa:cd:c2:ee:97:dc:a0:f0:f7:36:ad:b4:59:33:
52:3e:b6:4c:8c:51:ec:2c:e3:fa:41:1d:74:11:2c:
74:ec:22:f9:e7:16:6b:c8:8d:90:8c:56:38:6a:1a:
a6:ec:3b:5c:68:1c:de:0a:b6:b5:32:98:1e:93:15:
98:cf:5f:5f:b1:f1:1c:7c:89:a2:85:d0:a1:e5:e9:
46:21:08:b9:63:78:ce:79:df:22:9f:a8:a2:a3:49:
ea:a4:fe:d4:f1:03:36:d8:95:27:71:56:f5:b6:87:
8e:e5:a8:f1:bb:f5:f1:5f:ad:5f:e7:c5:4d:29:de:
59:9d:5d:3a:3e:59:ed:97:b2:45:3a:1b:a8:b5:ce:
b0:9d:d5:90:97:18:87:ce:fe:94:7c:a0:a8:cf:d3:
8e:96:9e:0d:50:27:87:82:0c:86:25:26:9c:35:5b:
79:f1:a2:22:0b:6e:16:4a:85:59:e9:bf:5a:e1:0f:
99:96:a1:84:6c:41:13:4e:3c:22:fc:f9:78:f4:9b:
8a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:22:F0:81:C5:12:D9:74:77:50:D6:25:B1:8E:1E:0A:95:4F:B9:90
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.193.0/24
43.229.152.0/24
150.107.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:77:fc:45:5b:4f:bf:d1:b2:54:3f:f6:aa:96:0c:b5:54:8b:
39:8d:8f:8b:f9:20:50:e0:cb:db:77:20:16:24:f6:cb:dd:9f:
e2:f6:50:55:c4:3c:0e:b2:4b:3a:39:8d:de:fd:22:c8:76:70:
61:c9:5a:c0:45:bf:67:60:86:a2:d9:09:8c:d1:93:6b:e3:33:
aa:8d:8c:3f:69:d5:2e:7a:fd:00:b5:2c:8e:60:ab:a8:de:72:
7c:56:97:18:e3:fe:8b:0e:72:a6:dd:fe:b4:51:40:cd:2a:2e:
49:e6:9e:9d:40:f5:8e:9f:48:85:58:1b:08:80:9c:35:de:57:
d0:8b:d7:6d:57:0d:6c:3c:b6:77:6b:2c:02:12:d2:0c:25:35:
46:33:66:ac:27:36:44:e5:06:99:87:9e:67:75:19:cf:ea:52:
29:7f:2e:80:10:d3:bb:23:1d:3d:a1:4c:f7:55:18:b8:21:08:
27:4d:26:4a:25:6f:3c:bd:4b:f5:b7:65:0d:b0:24:b2:ca:2f:
b2:3a:00:98:af:70:f0:9c:66:30:3f:3f:21:d6:b6:fc:8d:24:
98:d7:cc:20:f0:c4:26:2b:16:06:2f:95:68:b3:27:1c:7a:1d:
14:bf:51:d7:d4:85:bd:0f:85:0e:8d:d7:c0:f0:61:7e:20:54:
c6:b5:e7:b5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMTA5MDkyNTE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdmOTVmYS1hNjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtEDcW8FD1NWluE0P8jeEGlTz3iZj0jsP7hl6Yf07RjAwnojCNGh8rCc+Edoh
XczjcEtKcWuDLo4DfwoP+s3C7pfcoPD3Nq20WTNSPrZMjFHsLOP6QR10ESx07CL5
5xZryI2QjFY4ahqm7DtcaBzeCra1MpgekxWYz19fsfEcfImihdCh5elGIQi5Y3jO
ed8in6iio0nqpP7U8QM22JUncVb1toeO5ajxu/XxX61f58VNKd5ZnV06Plntl7JF
Ohuotc6wndWQlxiHzv6UfKCoz9OOlp4NUCeHggyGJSacNVt58aIiC24WSoVZ6b9a
4Q+ZlqGEbEETTjwi/Pl49JuKzQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB0i8IHF
Etl0d1DWJbGOHgqVT7mQMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOEZDMzY1NkND
RTZCMTFFRjkwQUQ5NDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAk/8EDBAAr5ZgDBACWawAwDQYJKoZIhvcNAQELBQADggEB
AKd3/EVbT7/RslQ/9qqWDLVUizmNj4v5IFDgy9t3IBYk9svdn+L2UFXEPA6ySzo5
jd79Ish2cGHJWsBFv2dghqLZCYzRk2vjM6qNjD9p1S56/QC1LI5gq6jecnxWlxjj
/osOcqbd/rRRQM0qLknmnp1A9Y6fSIVYGwiAnDXeV9CL121XDWw8tndrLAIS0gwl
NUYzZqwnNkTlBpmHnmd1Gc/qUil/LoAQ07sjHT2hTPdVGLghCCdNJkolbzy9S/W3
ZQ2wJLLKL7I6AJivcPCcZjA/PyHWtvyNJJjXzCDwxCYrFgYvlWizJxx6HRS/UdfU
hb0PhQ6N18DwYX4gVMa157U=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:53:21 2025 by rpki-client