Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/29084344D3CD11EF8A4E905AC4F9AE02.roa
File: 29084344D3CD11EF8A4E905AC4F9AE02.roa (raw, json)
Hash identifier: l0HBl1dSVhf2hOj+No6WipbGq3X5ND6DIGWqXhRgX5E=
Subject key identifier: C8:DD:DF:61:5E:B4:E0:0E:50:81:71:8F:91:FE:34:42:0C:C2:F2:39
Certificate issuer: /CN=A91B89AA/serialNumber=277F12244A50BC654EE563FE739FE4EB719966B6
Certificate serial: 1A
Authority key identifier: 27:7F:12:24:4A:50:BC:65:4E:E5:63:FE:73:9F:E4:EB:71:99:66:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J38SJEpQvGVO5WP-c5_k63GZZrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/29084344D3CD11EF8A4E905AC4F9AE02.roa
Signing time: Thu 16 Jan 2025 05:45:58 +0000
ROA not before: Thu 16 Jan 2025 05:45:58 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152181
IP address blocks: 36.50.144.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B89AA/serialNumber=277F12244A50BC654EE563FE739FE4EB719966B6
Validity
Not Before: Jan 16 05:45:58 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67889d16-2362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6c:aa:83:30:6c:e2:3b:53:d4:ea:2b:ce:a4:
c6:35:da:2f:29:6c:be:8c:a2:09:e3:70:d9:45:3b:
df:f2:6c:69:5f:81:0b:b0:ff:35:1f:0a:cb:06:d0:
1c:69:c8:21:ab:bb:bd:95:d1:36:c2:fb:ed:46:55:
c9:45:70:d0:bc:5f:a5:64:83:09:43:b7:05:de:b0:
02:c1:4a:53:a6:f2:e0:6e:0a:b2:c8:0a:7b:ab:fa:
de:6f:60:e8:25:cf:7e:e3:af:08:88:de:53:c3:2f:
24:fd:ae:4e:dc:e6:0c:67:42:df:65:e2:21:79:6d:
f8:80:6d:2a:42:c9:f7:eb:6d:f7:6c:de:07:d1:90:
78:59:3e:6e:8c:d0:5f:2f:f0:75:98:9d:f7:94:85:
62:e0:c7:bc:d3:a6:1d:41:9d:87:a3:5b:c3:c0:1c:
44:21:e4:15:91:5d:93:0f:90:bd:10:ac:51:6c:0b:
5c:c4:3c:c1:fe:69:9c:d6:8a:65:6c:67:ff:51:08:
f1:96:72:e9:a6:16:f1:e5:81:d5:1c:ba:66:f6:0d:
30:d4:c8:03:f2:a2:46:7f:86:26:f2:29:41:61:fc:
ec:d0:91:ff:64:f5:dd:9d:4d:05:8f:22:53:09:1a:
9b:0e:c2:d6:e0:f4:c5:d5:b3:f5:87:86:91:a9:15:
f5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DD:DF:61:5E:B4:E0:0E:50:81:71:8F:91:FE:34:42:0C:C2:F2:39
X509v3 Authority Key Identifier:
keyid:27:7F:12:24:4A:50:BC:65:4E:E5:63:FE:73:9F:E4:EB:71:99:66:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/J38SJEpQvGVO5WP-c5_k63GZZrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J38SJEpQvGVO5WP-c5_k63GZZrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/29084344D3CD11EF8A4E905AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.144.0/23
Signature Algorithm: sha256WithRSAEncryption
69:ca:10:22:19:e8:07:4e:95:47:58:3f:17:fe:9c:c9:41:44:
71:7e:7b:a0:50:9e:5c:7c:bc:86:ba:b2:08:f4:04:42:e6:b8:
e1:bd:78:6b:12:68:a2:39:46:7e:b8:01:ab:07:c1:b6:42:2f:
63:3b:2e:e2:54:df:a2:66:6d:e4:2a:0e:47:62:d6:87:0d:28:
f3:2e:c2:7d:d7:db:f3:d8:9e:42:27:7d:44:b8:bf:49:fc:e3:
56:ca:dd:95:f4:ba:2b:13:8b:b6:7e:cb:50:e5:df:b6:65:79:
5b:91:72:7b:70:11:16:26:dd:ed:4d:38:cb:80:a7:ef:5f:6d:
c1:b6:0c:6c:34:5d:f7:2a:52:a1:03:fa:84:52:79:57:c8:58:
89:fc:41:eb:dc:5f:3b:be:12:da:c2:27:26:df:f0:d5:fc:92:
e4:9c:0b:3e:33:cb:92:3e:c6:2a:f3:3c:c9:59:04:2d:76:50:
2d:ad:1e:41:ad:f7:5b:91:6b:b8:86:b1:9a:4e:e1:03:d6:80:
c7:54:bc:84:09:d2:69:35:2d:0e:a6:70:36:88:b5:46:23:3e:
e5:0b:81:4a:37:3f:c6:bc:8a:20:e2:16:1c:50:a6:f7:a1:a7:
d4:b9:3d:7d:39:23:e4:95:ca:02:e8:31:2d:14:cf:d5:3b:e8:
61:96:fe:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODlBQTExMC8GA1UEBRMoMjc3RjEyMjQ0QTUwQkM2NTRFRTU2M0ZFNzM5RkU0RUI3
MTk5NjZCNjAeFw0yNTAxMTYwNTQ1NThaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODg5ZDE2LTIzNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0bKqDMGziO1PU6ivOpMY12i8pbL6MognjcNlFO9/ybGlfgQuw/zUfCssG0Bxp
yCGru72V0TbC++1GVclFcNC8X6VkgwlDtwXesALBSlOm8uBuCrLICnur+t5vYOgl
z37jrwiI3lPDLyT9rk7c5gxnQt9l4iF5bfiAbSpCyffrbfds3gfRkHhZPm6M0F8v
8HWYnfeUhWLgx7zTph1BnYejW8PAHEQh5BWRXZMPkL0QrFFsC1zEPMH+aZzWimVs
Z/9RCPGWcummFvHlgdUcumb2DTDUyAPyokZ/hibyKUFh/OzQkf9k9d2dTQWPIlMJ
GpsOwtbg9MXVs/WHhpGpFfWdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUyN3fYV60
4A5QgXGPkf40QgzC8jkwHwYDVR0jBBgwFoAUJ38SJEpQvGVO5WP+c5/k63GZZrYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4OUFBLzg1RDBGMzQ2QkM2
MjExRUY5QTc4Mzc1MUM0RjlBRTAyL0ozOFNKRXBRdkdWTzVXUC1jNV9rNjNHWlpy
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjM4U0pFcFF2R1ZPNVdQLWM1X2s2M0daWnJZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODlBQS84NUQwRjM0NkJDNjIxMUVGOUE3ODM3NTFDNEY5QUUwMi8yOTA4NDM0NEQz
Q0QxMUVGOEE0RTkwNUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQykDANBgkqhkiG9w0BAQsFAAOCAQEAacoQIhnoB06VR1g/
F/6cyUFEcX57oFCeXHy8hrqyCPQEQua44b14axJoojlGfrgBqwfBtkIvYzsu4lTf
omZt5CoOR2LWhw0o8y7Cfdfb89ieQid9RLi/SfzjVsrdlfS6KxOLtn7LUOXftmV5
W5Fye3ARFibd7U04y4Cn719twbYMbDRd9ypSoQP6hFJ5V8hYifxB69xfO74S2sIn
Jt/w1fyS5JwLPjPLkj7GKvM8yVkELXZQLa0eQa33W5FruIaxmk7hA9aAx1S8hAnS
aTUtDqZwNoi1RiM+5QuBSjc/xryKIOIWHFCm96Gn1Lk9fTkj5JXKAugxLRTP1Tvo
YZb+Zg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:29:42 2025 by rpki-client