Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/209A2EA88D9B11EEB4F6C646C4F9AE02.roa
File: 209A2EA88D9B11EEB4F6C646C4F9AE02.roa (raw, json)
Hash identifier: TsxmXKaWMwLW8KFltVLChPEvdcgwmQl6oA7bHzvI6Mg=
Subject key identifier: 77:9D:69:22:E5:F7:7D:20:C9:26:BE:CF:5E:B4:5D:DA:18:F7:67:4A
Certificate issuer: /CN=A91423C1/serialNumber=4153BA499A44E7EC1041C60EF7F369AC62357AA8
Certificate serial: E5
Authority key identifier: 41:53:BA:49:9A:44:E7:EC:10:41:C6:0E:F7:F3:69:AC:62:35:7A:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVO6SZpE5-wQQcYO9_NprGI1eqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/209A2EA88D9B11EEB4F6C646C4F9AE02.roa
Signing time: Fri 31 Jan 2025 04:49:37 +0000
ROA not before: Fri 31 Jan 2025 04:49:37 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 152125
IP address blocks: 36.50.31.0/24 maxlen: 24
2001:df3:3340::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229 (0xe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1/serialNumber=4153BA499A44E7EC1041C60EF7F369AC62357AA8
Validity
Not Before: Jan 31 04:49:37 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=679c5661-a29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:91:2f:e1:90:02:73:72:67:6f:83:ad:e0:
79:a0:49:0b:4c:77:1b:af:75:33:19:61:82:16:fc:
88:f4:d5:a5:f1:c8:91:66:08:c9:fb:ab:12:ad:c2:
76:76:5b:03:88:95:40:99:fd:9c:63:2a:52:42:b8:
4a:ce:25:c5:25:4d:04:59:91:91:4c:69:34:12:a7:
3e:9d:00:60:6f:c2:ce:0f:51:db:1d:06:1d:d1:ca:
a3:21:82:d5:dc:67:f8:0c:c9:34:f5:c9:71:db:15:
d1:2c:6a:b5:96:45:57:ab:af:80:3f:12:db:28:db:
bf:a8:db:d2:85:6e:ff:4e:66:24:4e:35:2b:8c:45:
d9:64:10:10:b4:f6:6f:9b:50:6d:77:6f:43:18:d3:
d9:ab:78:c0:29:6a:7a:87:d7:30:16:e2:6c:da:9f:
7c:f5:aa:6f:99:d8:92:f2:d7:e5:03:b6:ba:0e:d7:
5d:d1:7f:b5:03:c1:81:04:84:85:3e:e6:a6:8c:4f:
53:39:71:76:87:b7:ef:0e:20:46:4d:87:c9:3d:2e:
27:10:da:38:01:c2:df:63:ea:36:26:3c:65:26:9c:
12:4d:ad:6a:75:55:f6:a0:a8:fa:56:bf:41:9b:aa:
93:bf:cd:05:2d:a2:42:62:07:fd:23:e2:1a:59:bb:
eb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9D:69:22:E5:F7:7D:20:C9:26:BE:CF:5E:B4:5D:DA:18:F7:67:4A
X509v3 Authority Key Identifier:
keyid:41:53:BA:49:9A:44:E7:EC:10:41:C6:0E:F7:F3:69:AC:62:35:7A:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/QVO6SZpE5-wQQcYO9_NprGI1eqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVO6SZpE5-wQQcYO9_NprGI1eqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/209A2EA88D9B11EEB4F6C646C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.31.0/24
IPv6:
2001:df3:3340::/48
Signature Algorithm: sha256WithRSAEncryption
7d:51:87:96:81:18:59:f4:05:b9:83:86:03:d9:fe:d0:cf:dc:
7a:4a:a7:e6:dc:8b:1a:ce:83:1a:24:ac:21:52:35:ef:c8:a4:
b4:c3:74:c0:8d:f6:30:f1:e6:58:af:70:3a:1f:9e:de:dc:30:
05:e3:73:b6:b8:c1:f8:c5:b4:a5:f8:70:fc:18:ef:1c:97:f3:
8e:5f:af:c8:06:c7:a6:e8:cc:3f:8c:0a:f1:dd:6f:2a:e1:7a:
37:e1:08:b7:de:e5:88:ed:7c:72:80:57:5c:e6:f4:ef:7f:96:
c6:b7:9b:bc:d5:37:c7:2e:f4:02:ee:fc:bd:5c:8d:58:e9:50:
6e:10:fb:26:8b:49:fc:8c:e4:18:85:92:40:40:b1:f3:bb:c9:
55:59:80:a4:6b:55:39:0a:50:ab:cd:ed:01:23:ea:d9:a9:39:
6d:58:8e:e9:fc:84:d9:93:70:4e:e3:69:47:ed:e2:60:65:9a:
52:75:01:00:fb:3d:25:a9:ba:74:da:b0:10:f5:2a:77:f4:fd:
85:81:1a:34:0c:ff:4c:ba:be:5d:51:77:cb:5f:6f:38:6e:d4:
a4:cb:88:58:27:cc:2b:7e:9e:51:bc:91:fd:22:1a:cb:1e:07:
4d:08:1e:d7:65:a7:15:09:97:57:f9:df:99:7e:ee:73:86:9d:
f2:b8:b9:09
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDIzQzExMTAvBgNVBAUTKDQxNTNCQTQ5OUE0NEU3RUMxMDQxQzYwRUY3RjM2OUFD
NjIzNTdBQTgwHhcNMjUwMTMxMDQ0OTM3WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljNTY2MS1hMjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYKRL+GQAnNyZ2+DreB5oEkLTHcbr3UzGWGCFvyI9NWl8ciRZgjJ+6sSrcJ2
dlsDiJVAmf2cYypSQrhKziXFJU0EWZGRTGk0Eqc+nQBgb8LOD1HbHQYd0cqjIYLV
3Gf4DMk09clx2xXRLGq1lkVXq6+APxLbKNu/qNvShW7/TmYkTjUrjEXZZBAQtPZv
m1Btd29DGNPZq3jAKWp6h9cwFuJs2p989apvmdiS8tflA7a6Dtdd0X+1A8GBBISF
PuamjE9TOXF2h7fvDiBGTYfJPS4nENo4AcLfY+o2JjxlJpwSTa1qdVX2oKj6Vr9B
m6qTv80FLaJCYgf9I+IaWbvrmwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHedaSLl
930gySa+z160XdoY92dKMB8GA1UdIwQYMBaAFEFTukmaROfsEEHGDvfzaaxiNXqo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjNDMS8wRTBERkE5ODhD
Q0YxMUVFOTZGNEU2NUFDNEY5QUUwMi9RVk82U1pwRTUtd1FRY1lPOV9OcHJHSTFl
cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FWTzZTWnBFNS13UVFjWU85X05wckdJMWVxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDIzQzEvMEUwREZBOTg4Q0NGMTFFRTk2RjRFNjVBQzRGOUFFMDIvMjA5QTJFQTg4
RDlCMTFFRUI0RjZDNjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAAkMh8wDwQCAAIwCQMHACABDfMzQDANBgkqhkiG9w0BAQsF
AAOCAQEAfVGHloEYWfQFuYOGA9n+0M/cekqn5tyLGs6DGiSsIVI178iktMN0wI32
MPHmWK9wOh+e3twwBeNztrjB+MW0pfhw/BjvHJfzjl+vyAbHpujMP4wK8d1vKuF6
N+EIt97liO18coBXXOb073+WxrebvNU3xy70Au78vVyNWOlQbhD7JotJ/IzkGIWS
QECx87vJVVmApGtVOQpQq83tASPq2ak5bViO6fyE2ZNwTuNpR+3iYGWaUnUBAPs9
Jam6dNqwEPUqd/T9hYEaNAz/TLq+XVF3y19vOG7UpMuIWCfMK36eUbyR/SIayx4H
TQge12WnFQmXV/nfmX7uc4ad8ri5CQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:18:41 2025 by rpki-client