Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/C85D80CE43F611EF84151D6FC4F9AE02.roa
File: C85D80CE43F611EF84151D6FC4F9AE02.roa (raw, json)
Hash identifier: vWaXqpy2k96I+1CA27zHiuJx3GF9Cv72ehYlKrUeS00=
Subject key identifier: FD:33:06:1A:B6:60:8A:B6:37:08:4D:B9:84:EC:CF:23:69:37:3D:FA
Certificate issuer: /CN=A91C0D37/serialNumber=CF41CDAF41C5700129064CEF284003BEF0B9BFC2
Certificate serial: FC
Authority key identifier: CF:41:CD:AF:41:C5:70:01:29:06:4C:EF:28:40:03:BE:F0:B9:BF:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z0HNr0HFcAEpBkzvKEADvvC5v8I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/C85D80CE43F611EF84151D6FC4F9AE02.roa
Signing time: Tue 07 Jan 2025 03:57:16 +0000
ROA not before: Tue 07 Jan 2025 03:57:16 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18119
IP address blocks: 202.36.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 252 (0xfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0D37/serialNumber=CF41CDAF41C5700129064CEF284003BEF0B9BFC2
Validity
Not Before: Jan 7 03:57:16 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ca61c-3a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:40:e4:83:82:21:04:d6:61:71:14:4f:af:
22:8f:1e:b7:b9:be:76:6e:25:0f:a6:09:e9:bb:14:
96:fa:61:a7:b9:d4:4c:d4:0e:a2:65:39:70:6b:d7:
01:b7:ec:53:60:77:78:06:0a:da:e4:c2:d5:65:4c:
d5:8f:fc:fd:d2:d2:18:2f:6c:82:b6:3e:c0:88:cb:
db:32:01:48:f5:ad:05:cc:f4:94:87:a4:2f:e3:2c:
06:5b:86:f3:94:46:61:ad:2c:80:ad:78:a3:7f:f1:
ea:33:e1:79:9e:18:a2:c2:24:22:39:6d:3d:3f:d5:
5e:3a:89:ab:04:3a:0e:d8:1f:2e:73:ab:d9:7d:c8:
9b:86:fa:61:0b:0e:fd:4f:e7:63:24:f4:86:72:ff:
97:db:02:e8:3c:be:68:76:74:7f:80:1c:e8:25:eb:
21:d7:95:c9:82:94:8e:58:7d:0a:f4:8a:52:99:bc:
fb:43:20:2b:ba:f6:c0:6b:31:b4:37:5b:b8:7c:35:
54:17:6f:60:5f:12:44:58:39:7d:a7:1a:a2:e4:66:
b3:66:0f:4c:d0:da:36:38:dc:6a:10:a9:4f:fb:d2:
1c:72:3e:90:0f:97:7a:0f:7c:1c:4c:39:f6:f5:d0:
e1:ff:5c:4c:d6:b1:9a:b6:2c:8a:81:fb:c2:98:d2:
36:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:33:06:1A:B6:60:8A:B6:37:08:4D:B9:84:EC:CF:23:69:37:3D:FA
X509v3 Authority Key Identifier:
keyid:CF:41:CD:AF:41:C5:70:01:29:06:4C:EF:28:40:03:BE:F0:B9:BF:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/z0HNr0HFcAEpBkzvKEADvvC5v8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z0HNr0HFcAEpBkzvKEADvvC5v8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/C85D80CE43F611EF84151D6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.36.44.0/24
Signature Algorithm: sha256WithRSAEncryption
34:a8:f2:bc:f1:c8:30:6b:6a:ce:8f:22:19:ac:12:18:43:7f:
6d:f5:a3:93:b4:ef:f5:5a:a5:4e:9d:21:7a:96:5a:cd:84:a5:
e7:04:7f:97:9c:e8:75:f2:8f:95:35:75:7a:a9:af:d5:d1:c0:
e9:62:b3:00:65:86:87:a2:07:7b:57:d4:fc:5c:8e:03:62:11:
01:bf:1a:2e:ae:5e:1c:a7:6d:26:f6:c3:f8:35:f9:4d:55:8c:
ae:99:6b:e7:b9:54:6b:c7:28:b3:59:2d:6c:86:d3:c5:1c:d1:
13:be:c8:51:f1:25:37:28:40:c0:5e:5d:0d:55:9b:d3:cf:d2:
ef:49:52:39:a1:cd:e3:a8:81:16:0a:15:43:b6:9a:63:33:1f:
15:e8:f0:38:2a:01:b1:61:8d:e5:58:3e:b0:95:ca:e0:a1:ca:
43:cd:f8:79:33:6b:a3:78:ad:71:76:aa:27:3f:57:b2:a0:16:
34:58:6e:6f:97:43:fc:09:fe:f4:cb:7e:25:c7:b0:08:b2:21:
9d:70:5c:28:ef:af:e6:c7:a8:77:8f:a2:6c:f0:3b:37:58:97:
43:7b:a8:dc:02:b2:f8:35:6d:9f:95:02:8d:6f:b0:d8:af:0e:
7a:f2:77:5a:31:cd:88:ff:8c:ad:fa:3b:81:83:7d:df:89:22:
68:74:f1:25
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBEMzcxMTAvBgNVBAUTKENGNDFDREFGNDFDNTcwMDEyOTA2NENFRjI4NDAwM0JF
RjBCOUJGQzIwHhcNMjUwMTA3MDM1NzE2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjYTYxYy0zYTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqQFA5IOCIQTWYXEUT68ijx63ub52biUPpgnpuxSW+mGnudRM1A6iZTlwa9cB
t+xTYHd4Bgra5MLVZUzVj/z90tIYL2yCtj7AiMvbMgFI9a0FzPSUh6Qv4ywGW4bz
lEZhrSyArXijf/HqM+F5nhiiwiQiOW09P9VeOomrBDoO2B8uc6vZfcibhvphCw79
T+djJPSGcv+X2wLoPL5odnR/gBzoJesh15XJgpSOWH0K9IpSmbz7QyAruvbAazG0
N1u4fDVUF29gXxJEWDl9pxqi5GazZg9M0No2ONxqEKlP+9Iccj6QD5d6D3wcTDn2
9dDh/1xM1rGatiyKgfvCmNI2yQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP0zBhq2
YIq2NwhNuYTszyNpNz36MB8GA1UdIwQYMBaAFM9Bza9BxXABKQZM7yhAA77wub/C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEQzNy8wRThCQ0IzODUz
NUIxMUVFOUJGMjBBNkJDNEY5QUUwMi96MEhOcjBIRmNBRXBCa3p2S0VBRHZ2QzV2
OEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3owSE5yMEhGY0FFcEJrenZLRUFEdnZDNXY4SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBEMzcvMEU4QkNCMzg1MzVCMTFFRTlCRjIwQTZCQzRGOUFFMDIvQzg1RDgwQ0U0
M0Y2MTFFRjg0MTUxRDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKJCwwDQYJKoZIhvcNAQELBQADggEBADSo8rzxyDBras6P
IhmsEhhDf231o5O07/VapU6dIXqWWs2EpecEf5ec6HXyj5U1dXqpr9XRwOliswBl
hoeiB3tX1PxcjgNiEQG/Gi6uXhynbSb2w/g1+U1VjK6Za+e5VGvHKLNZLWyG08Uc
0RO+yFHxJTcoQMBeXQ1Vm9PP0u9JUjmhzeOogRYKFUO2mmMzHxXo8DgqAbFhjeVY
PrCVyuChykPN+Hkza6N4rXF2qic/V7KgFjRYbm+XQ/wJ/vTLfiXHsAiyIZ1wXCjv
r+bHqHePomzwOzdYl0N7qNwCsvg1bZ+VAo1vsNivDnryd1oxzYj/jK36O4GDfd+J
Imh08SU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:55:53 2025 by rpki-client