Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/36C31E00637111EEA51CA05EC4F9AE02.roa
File: 36C31E00637111EEA51CA05EC4F9AE02.roa (raw, json)
Hash identifier: VRlasPmFdnGQ7jXmsGRiZ9YkkvB4UEQJbRXUpRC4bL8=
Subject key identifier: 2B:E8:3D:44:43:A8:60:C2:67:0A:6E:C2:FB:6A:6D:35:A5:DB:C8:75
Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A
Certificate serial: C6
Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/36C31E00637111EEA51CA05EC4F9AE02.roa
Signing time: Wed 07 Aug 2024 06:07:27 +0000
ROA not before: Wed 07 Aug 2024 06:07:27 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 18220
IP address blocks: 202.12.69.0/24 maxlen: 24
203.6.96.0/22 maxlen: 22
203.6.100.0/22 maxlen: 22
203.6.104.0/22 maxlen: 22
203.6.114.0/24 maxlen: 24
203.10.114.0/24 maxlen: 24
203.10.234.0/24 maxlen: 24
2401:6bfd::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198 (0xc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A
Validity
Not Before: Aug 7 06:07:27 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66b30f1f-8ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3b:62:2a:ac:55:a0:ab:1b:4f:25:18:4d:64:
c7:3c:0e:f7:2d:2c:4e:e7:ac:0e:7a:b6:f0:8e:bf:
0b:45:23:be:c4:85:9a:ff:8a:c0:a2:84:9e:c0:f5:
8f:bb:c5:ec:7e:ae:09:af:c3:c3:f2:7b:80:a0:64:
0f:69:7c:9b:49:11:b4:ef:c5:d1:98:f2:81:be:4a:
34:35:77:a8:64:7f:39:d2:33:2d:8c:3e:f5:ec:87:
61:24:cd:24:1a:0e:70:61:56:c3:e2:77:a2:3f:e4:
8e:00:b4:fa:7e:da:db:6c:47:6b:c5:4e:be:3b:0a:
8c:cf:23:d9:02:9b:1d:13:d8:fa:bd:b5:e8:ca:0f:
f3:1f:c9:3a:90:25:3b:eb:a7:03:d8:1e:7e:50:32:
4e:ed:14:85:dc:ce:f2:6a:36:99:38:ec:5f:59:59:
31:65:d0:77:3a:80:93:5e:34:68:4f:dc:71:04:4f:
ae:85:6a:4a:04:85:fe:9d:d2:bd:33:f5:0f:92:55:
87:ac:9f:1f:dc:c5:cd:23:22:6d:aa:2f:87:fa:73:
85:5f:bc:47:50:da:48:c1:db:73:55:71:11:37:72:
f8:95:83:e1:95:93:5e:a4:bb:d1:99:f8:b3:56:fb:
ed:2b:74:fc:ec:68:f5:3d:d1:cd:d2:bd:2e:30:ac:
d3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E8:3D:44:43:A8:60:C2:67:0A:6E:C2:FB:6A:6D:35:A5:DB:C8:75
X509v3 Authority Key Identifier:
keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/36C31E00637111EEA51CA05EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.69.0/24
203.6.96.0-203.6.107.255
203.6.114.0/24
203.10.114.0/24
203.10.234.0/24
IPv6:
2401:6bfd::/32
Signature Algorithm: sha256WithRSAEncryption
30:03:24:bf:4f:fe:28:e4:de:33:dc:2d:f3:8a:e1:8b:1f:47:
28:4c:9c:a7:36:23:9f:74:c0:f7:13:d4:5b:a2:e7:b0:c4:57:
b3:31:fe:76:a6:3d:eb:05:d5:b2:c8:5a:a3:eb:ac:59:af:5f:
13:9f:ab:ac:10:ad:2a:27:55:7e:bd:15:35:81:63:7c:33:c6:
95:42:ca:1c:7d:de:c5:ba:6e:4d:ae:ec:e4:6b:09:e4:6a:16:
5b:98:45:ee:bf:46:15:7e:ab:c8:8d:34:a3:8f:ed:ac:c7:0c:
43:6e:5a:25:45:c8:98:72:34:cf:e4:1e:68:8e:06:2c:a5:42:
69:2d:66:8e:d0:f3:fa:37:e8:32:93:bb:eb:da:f7:9f:cb:da:
dd:75:8f:3b:e4:44:0d:c2:d0:34:54:cb:03:e8:66:00:4d:c7:
1d:99:51:31:c2:5f:da:c1:67:a7:a6:9b:a7:58:db:5e:cc:3a:
0f:a9:58:6a:ff:85:3a:53:7d:f0:dd:89:4a:02:6a:3c:66:bf:
85:e7:17:1f:e5:d6:07:6c:6a:f5:f5:04:08:2b:8c:20:81:5e:
3f:a6:48:7b:c8:6d:07:49:3e:a0:e8:cb:d2:80:80:cf:dc:f0:
6c:18:31:5b:86:3f:d5:49:9c:fa:df:75:96:3e:84:f1:d9:a9:
d4:ba:f8:ea
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlFODIxMTAvBgNVBAUTKDVFNzJBQTdENUIxRDU2MzJFNUQzM0ZFQzcyRkE3NDMz
RjQ5Q0UyOUEwHhcNMjQwODA3MDYwNzI3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIzMGYxZi04YmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyjtiKqxVoKsbTyUYTWTHPA73LSxO56wOerbwjr8LRSO+xIWa/4rAooSewPWP
u8Xsfq4Jr8PD8nuAoGQPaXybSRG078XRmPKBvko0NXeoZH850jMtjD717IdhJM0k
Gg5wYVbD4neiP+SOALT6ftrbbEdrxU6+OwqMzyPZApsdE9j6vbXoyg/zH8k6kCU7
66cD2B5+UDJO7RSF3M7yajaZOOxfWVkxZdB3OoCTXjRoT9xxBE+uhWpKBIX+ndK9
M/UPklWHrJ8f3MXNIyJtqi+H+nOFX7xHUNpIwdtzVXERN3L4lYPhlZNepLvRmfiz
VvvtK3T87Gj1PdHN0r0uMKzTpwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFCvoPURD
qGDCZwpuwvtqbTWl28h1MB8GA1UdIwQYMBaAFF5yqn1bHVYy5dM/7HL6dDP0nOKa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU4Mi9FQTdFNUZBNjYz
NkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZqTGwwel9zY3ZwME1fU2M0
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlFODIvRUE3RTVGQTY2MzZGMTFFRTk3Qzc0QjVDQzRGOUFFMDIvMzZDMzFFMDA2
MzcxMTFFRUE1MUNBMDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCwEAgABMCYDBADKDEUwDAMEBcsGYAMEAssGaAMEAMsGcgMEAMsKcgMEAMsK
6jANBAIAAjAHAwUAJAFr/TANBgkqhkiG9w0BAQsFAAOCAQEAMAMkv0/+KOTeM9wt
84rhix9HKEycpzYjn3TA9xPUW6LnsMRXszH+dqY96wXVsshao+usWa9fE5+rrBCt
KidVfr0VNYFjfDPGlULKHH3exbpuTa7s5GsJ5GoWW5hF7r9GFX6ryI00o4/trMcM
Q25aJUXImHI0z+QeaI4GLKVCaS1mjtDz+jfoMpO769r3n8va3XWPO+REDcLQNFTL
A+hmAE3HHZlRMcJf2sFnp6abp1jbXsw6D6lYav+FOlN98N2JSgJqPGa/hecXH+XW
B2xq9fUECCuMIIFeP6ZIe8htB0k+oOjL0oCAz9zwbBgxW4Y/1Umc+t91lj6E8dmp
1Lr46g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:34:01 2025 by rpki-client