Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa
File: 43C5BAA282F411EE99AAAB12C4F9AE02.roa (raw, json)
Hash identifier: TkT4HdmZjpk+8cGhxmm8nbs4lKvJ4oKV4NHPoh4GvFo=
Subject key identifier: BB:88:75:B3:84:BD:9E:8E:6D:82:73:EC:15:EF:EE:5A:E2:2E:58:6E
Certificate issuer: /CN=A912BCAC/serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A
Certificate serial: CA
Authority key identifier: 9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa
Signing time: Tue 03 Dec 2024 04:38:06 +0000
ROA not before: Tue 03 Dec 2024 04:38:06 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152098
IP address blocks: 36.50.40.0/24 maxlen: 24
36.50.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202 (0xca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BCAC/serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A
Validity
Not Before: Dec 3 04:38:06 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e8b2d-9738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6a:91:50:cb:61:a5:d2:df:44:92:5a:14:8d:
28:8e:77:d8:9e:9e:54:fa:43:3f:c0:8d:c2:6c:99:
6c:8b:13:b6:c3:79:b4:71:75:00:50:5f:e3:47:e8:
3e:dd:d4:c0:1d:a2:45:e8:ee:e6:db:ea:27:24:b1:
0b:6b:81:9b:c1:4d:d4:5c:03:04:5a:a7:70:50:39:
cc:c9:b8:ef:b0:48:77:3a:1f:c8:57:50:40:ed:15:
bd:cb:8f:a8:0d:f7:fe:46:eb:d1:19:42:23:67:a3:
25:52:c1:ff:24:9e:d1:eb:c7:a8:d2:cb:f7:5b:72:
24:5c:71:34:f4:c5:97:aa:6c:54:6f:ed:49:69:0f:
fa:cd:3c:f5:ee:16:ec:69:64:a5:8f:c9:61:06:8c:
87:e1:b1:d2:54:88:7e:e0:7b:1f:78:b4:ce:e5:f4:
fc:cf:7e:50:9b:69:f2:4b:50:cf:21:81:ae:ad:d2:
22:79:cc:ab:50:ea:12:b0:43:bb:25:5c:9b:f0:10:
e8:b2:8b:cf:87:e1:e2:c8:55:ee:ed:86:c6:a6:9f:
a2:b7:8a:2d:f3:8f:ad:af:27:1e:af:37:20:a1:43:
f0:7d:04:59:db:ea:3b:ef:0c:1d:d9:70:ca:80:b0:
4c:59:10:2d:6f:b3:1c:9d:8d:e7:b2:58:2c:0d:7c:
74:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:88:75:B3:84:BD:9E:8E:6D:82:73:EC:15:EF:EE:5A:E2:2E:58:6E
X509v3 Authority Key Identifier:
keyid:9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.40.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:09:1d:42:ed:82:3e:5c:f1:a3:ea:85:33:35:bc:28:58:9f:
55:2e:97:cc:47:c1:a2:b6:46:bf:32:47:7e:2b:c2:64:16:0b:
99:63:4a:a6:51:70:99:96:81:47:47:0d:55:02:1a:54:6a:01:
e6:e4:fd:1a:5c:0f:36:84:a4:5a:02:ba:03:0d:5c:e3:7d:1b:
60:da:95:cd:f4:ce:29:b6:00:ca:48:50:75:3a:1b:a6:09:54:
fa:18:7e:62:32:92:04:dd:e6:0a:8a:d6:d9:22:55:bc:5c:4b:
13:59:63:9e:30:3f:f8:99:d7:22:58:dc:2f:de:55:54:f2:1f:
f3:1b:ac:dd:54:a3:3f:59:e0:59:cb:2e:8c:aa:f9:84:c1:fe:
38:d0:ce:46:e8:97:91:b4:e4:7e:7f:f2:36:ac:89:0a:f9:ca:
e6:4a:f7:cb:32:ee:79:7b:87:cb:80:4f:db:9c:59:0b:c4:02:
2c:65:15:a8:8b:7c:42:1a:3d:7e:76:50:1a:93:bf:76:f6:69:
47:bc:cf:da:95:66:44:02:d5:8b:da:8e:3a:cf:02:0d:d4:ff:
f2:ea:90:b6:10:8b:7c:7c:ca:33:a2:01:f9:6f:33:fa:21:19:
ee:16:8f:62:82:ad:d5:79:b4:e7:d3:9b:52:b3:be:ea:a8:b5:
d2:7a:49:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJDQUMxMTAvBgNVBAUTKDlDQkUxMEQ3QzFERDQ0QjdFNTkwQjUwNzhCRkM0Rjg2
Q0Y4REIyNUEwHhcNMjQxMjAzMDQzODA2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlOGIyZC05NzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWqRUMthpdLfRJJaFI0ojnfYnp5U+kM/wI3CbJlsixO2w3m0cXUAUF/jR+g+
3dTAHaJF6O7m2+onJLELa4GbwU3UXAMEWqdwUDnMybjvsEh3Oh/IV1BA7RW9y4+o
Dff+RuvRGUIjZ6MlUsH/JJ7R68eo0sv3W3IkXHE09MWXqmxUb+1JaQ/6zTz17hbs
aWSlj8lhBoyH4bHSVIh+4HsfeLTO5fT8z35Qm2nyS1DPIYGurdIiecyrUOoSsEO7
JVyb8BDosovPh+HiyFXu7YbGpp+it4ot84+trycerzcgoUPwfQRZ2+o77wwd2XDK
gLBMWRAtb7McnY3nslgsDXx0bwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLuIdbOE
vZ6ObYJz7BXv7lriLlhuMB8GA1UdIwQYMBaAFJy+ENfB3US35ZC1B4v8T4bPjbJa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkNBQy8wMTUyMjU4RTgy
RjQxMUVFOUVEMUY2MTFDNEY5QUUwMi9uTDRRMThIZFJMZmxrTFVIaV94UGhzLU5z
bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25MNFExOEhkUkxmbGtMVUhpX3hQaHMtTnNsby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJDQUMvMDE1MjI1OEU4MkY0MTFFRTlFRDFGNjExQzRGOUFFMDIvNDNDNUJBQTI4
MkY0MTFFRTk5QUFBQjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEkMigwDQYJKoZIhvcNAQELBQADggEBAKkJHULtgj5c8aPq
hTM1vChYn1Uul8xHwaK2Rr8yR34rwmQWC5ljSqZRcJmWgUdHDVUCGlRqAebk/Rpc
DzaEpFoCugMNXON9G2Dalc30zim2AMpIUHU6G6YJVPoYfmIykgTd5gqK1tkiVbxc
SxNZY54wP/iZ1yJY3C/eVVTyH/MbrN1Uoz9Z4FnLLoyq+YTB/jjQzkbol5G05H5/
8jasiQr5yuZK98sy7nl7h8uAT9ucWQvEAixlFaiLfEIaPX52UBqTv3b2aUe8z9qV
ZkQC1YvajjrPAg3U//LqkLYQi3x8yjOiAflvM/ohGe4Wj2KCrdV5tOfTm1Kzvuqo
tdJ6SSI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:31 2025 by rpki-client