Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE403/802072E818BE11EFADA7E51DC4F9AE02/B74BF7F018BF11EFB54AFB20C4F9AE02.roa
File: B74BF7F018BF11EFB54AFB20C4F9AE02.roa (raw, json)
Hash identifier: 3q4SG/qlGVDYq4EV5cqZmr+jLzfEittQVkz7pS+z/KE=
Subject key identifier: 0D:DA:6E:FC:10:D6:22:6C:18:E0:9D:BB:5B:F9:94:2E:3A:18:92:5C
Certificate issuer: /CN=A91CE403/serialNumber=D78F30904E75DF94CEB75966AF838E763EA89762
Certificate serial: 84
Authority key identifier: D7:8F:30:90:4E:75:DF:94:CE:B7:59:66:AF:83:8E:76:3E:A8:97:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/148wkE5135TOt1lmr4OOdj6ol2I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE403/802072E818BE11EFADA7E51DC4F9AE02/B74BF7F018BF11EFB54AFB20C4F9AE02.roa
Signing time: Wed 29 Jan 2025 05:08:38 +0000
ROA not before: Wed 29 Jan 2025 05:08:38 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152175
IP address blocks: 36.50.98.0/23 maxlen: 24
2401:5a60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132 (0x84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE403/serialNumber=D78F30904E75DF94CEB75966AF838E763EA89762
Validity
Not Before: Jan 29 05:08:38 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6799b7d5-8b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:df:15:0c:cd:7d:50:ca:19:b9:52:f5:11:49:
9a:17:59:35:c0:74:a5:fc:61:5f:12:ce:5f:6d:b3:
38:3f:3d:45:a0:82:e2:8e:d4:df:85:ee:eb:16:12:
40:0a:4b:9f:8c:04:6e:07:d3:b3:5c:c1:f5:6f:a1:
cb:05:e8:60:74:bf:c9:d5:a5:e0:1d:3b:0a:75:97:
3e:cd:f4:3f:e5:14:04:36:f3:d5:5c:57:65:b1:a6:
2d:7e:a4:c7:3c:0f:f6:25:52:1f:cc:26:8c:f1:e8:
38:c3:88:02:73:0e:71:71:db:a9:88:5a:b4:0b:42:
95:f9:89:94:9d:fa:66:b0:d9:d8:5e:78:18:99:ee:
05:fc:28:20:5d:2b:32:de:9b:ca:08:2f:91:b6:89:
47:59:37:2f:36:18:1a:06:9a:3d:49:d1:4b:47:b8:
9e:a2:27:71:af:bc:23:85:4a:cf:a9:54:d2:dc:2a:
24:95:f4:0f:87:82:af:39:7b:f4:e1:fa:28:39:4b:
49:93:d5:56:9b:99:8c:d8:c6:1d:84:69:bd:af:3d:
da:ea:ac:18:a9:dd:90:49:db:98:6e:d3:4c:9d:92:
bc:c1:3c:fd:2e:03:ab:06:57:ac:81:50:73:6c:9d:
60:e2:44:a8:fd:fe:0d:a0:0a:bb:41:57:bf:3c:fd:
92:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:DA:6E:FC:10:D6:22:6C:18:E0:9D:BB:5B:F9:94:2E:3A:18:92:5C
X509v3 Authority Key Identifier:
keyid:D7:8F:30:90:4E:75:DF:94:CE:B7:59:66:AF:83:8E:76:3E:A8:97:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE403/802072E818BE11EFADA7E51DC4F9AE02/148wkE5135TOt1lmr4OOdj6ol2I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/148wkE5135TOt1lmr4OOdj6ol2I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE403/802072E818BE11EFADA7E51DC4F9AE02/B74BF7F018BF11EFB54AFB20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.98.0/23
IPv6:
2401:5a60::/32
Signature Algorithm: sha256WithRSAEncryption
57:b4:58:64:ae:e4:db:a8:d8:60:8e:ba:04:3d:cc:42:1f:a9:
88:49:d9:79:ee:60:8e:fb:1b:ab:86:ed:32:a3:9c:16:1f:4e:
10:ac:50:fd:4e:85:ec:11:f4:55:44:6a:83:8a:85:db:d7:f2:
f7:d7:84:06:2a:ad:0a:52:c8:3a:29:bb:3e:7d:84:46:8a:5a:
bd:bd:6e:c9:26:6e:f1:3c:10:e8:d0:5b:3d:52:cf:e8:da:6b:
c7:84:4b:37:d6:2b:c3:58:7f:e0:a5:6f:b5:e3:5f:c2:22:70:
49:ca:07:86:49:4f:75:a0:20:c4:66:5b:c4:b8:9c:0d:44:56:
96:4c:59:29:b6:49:53:d1:1d:6f:7f:07:84:b0:22:39:07:93:
0f:e2:0e:71:a6:2e:eb:47:9f:45:71:73:5f:0e:e4:33:44:28:
23:60:27:84:f0:d7:17:4f:d3:5d:65:6d:2e:e0:27:cf:ef:59:
90:6f:da:f9:28:5d:cc:a9:c0:d0:1d:44:88:48:2f:0a:29:9f:
e2:ed:8a:a5:03:7d:ef:5c:25:2e:88:13:1f:0d:50:12:06:c9:
84:06:9f:fa:ec:21:a9:af:7c:9c:6b:bd:fa:55:c9:a7:89:c5:
df:1e:c2:0d:d6:c7:cd:ba:6d:8a:c4:fa:2f:ab:2d:46:b0:15:
c2:d2:43:82
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U0MDMxMTAvBgNVBAUTKEQ3OEYzMDkwNEU3NURGOTRDRUI3NTk2NkFGODM4RTc2
M0VBODk3NjIwHhcNMjUwMTI5MDUwODM4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5YjdkNS04YjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw98VDM19UMoZuVL1EUmaF1k1wHSl/GFfEs5fbbM4Pz1FoILijtTfhe7rFhJA
CkufjARuB9OzXMH1b6HLBehgdL/J1aXgHTsKdZc+zfQ/5RQENvPVXFdlsaYtfqTH
PA/2JVIfzCaM8eg4w4gCcw5xcdupiFq0C0KV+YmUnfpmsNnYXngYme4F/CggXSsy
3pvKCC+RtolHWTcvNhgaBpo9SdFLR7ieoidxr7wjhUrPqVTS3CoklfQPh4KvOXv0
4fooOUtJk9VWm5mM2MYdhGm9rz3a6qwYqd2QSduYbtNMnZK8wTz9LgOrBlesgVBz
bJ1g4kSo/f4NoAq7QVe/PP2S5wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA3abvwQ
1iJsGOCdu1v5lC46GJJcMB8GA1UdIwQYMBaAFNePMJBOdd+UzrdZZq+DjnY+qJdi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTQwMy84MDIwNzJFODE4
QkUxMUVGQURBN0U1MURDNEY5QUUwMi8xNDh3a0U1MTM1VE90MWxtcjRPT2RqNm9s
MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzE0OHdrRTUxMzVUT3QxbG1yNE9PZGo2b2wySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U0MDMvODAyMDcyRTgxOEJFMTFFRkFEQTdFNTFEQzRGOUFFMDIvQjc0QkY3RjAx
OEJGMTFFRkI1NEFGQjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAEkMmIwDQQCAAIwBwMFACQBWmAwDQYJKoZIhvcNAQELBQAD
ggEBAFe0WGSu5Nuo2GCOugQ9zEIfqYhJ2XnuYI77G6uG7TKjnBYfThCsUP1OhewR
9FVEaoOKhdvX8vfXhAYqrQpSyDopuz59hEaKWr29bskmbvE8EOjQWz1Sz+jaa8eE
SzfWK8NYf+Clb7XjX8IicEnKB4ZJT3WgIMRmW8S4nA1EVpZMWSm2SVPRHW9/B4Sw
IjkHkw/iDnGmLutHn0Vxc18O5DNEKCNgJ4Tw1xdP011lbS7gJ8/vWZBv2vkoXcyp
wNAdRIhILwopn+LtiqUDfe9cJS6IEx8NUBIGyYQGn/rsIamvfJxrvfpVyaeJxd8e
wg3Wx826bYrE+i+rLUawFcLSQ4I=
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:57:12 2025 by rpki-client