Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/36E3B902FE4E11EF9F12441CC4F9AE02.roa
File: 36E3B902FE4E11EF9F12441CC4F9AE02.roa (raw, json)
Hash identifier: go1KQLAsWSMcDFpFZPzbcCoYXA902eWujQs5DRA5NuQ=
Subject key identifier: B0:E2:B8:1A:3C:97:85:F9:0E:9D:5D:06:A9:3E:CC:7D:E5:8B:54:43
Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Certificate serial: 032D
Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/36E3B902FE4E11EF9F12441CC4F9AE02.roa
Signing time: Tue 11 Mar 2025 07:55:35 +0000
ROA not before: Tue 11 Mar 2025 07:55:35 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153363
IP address blocks: 202.148.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 813 (0x32d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912442A
Validity
Not Before: Mar 11 07:55:35 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67cfec77-a668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:d4:7a:e8:8b:03:aa:41:5c:90:e2:ca:a5:
0b:a4:de:b2:18:44:cf:73:1b:10:e3:53:d7:50:0f:
bb:29:58:c0:c6:94:4c:6e:f5:14:fe:31:b6:91:26:
f0:3a:86:3d:20:cd:ab:fd:db:6a:62:af:88:07:08:
f8:c5:75:33:c4:a6:f5:8c:e4:51:21:23:34:99:09:
e4:d7:1e:69:65:8d:9a:99:f6:1c:69:12:91:b1:9b:
e3:8b:e4:3a:87:ad:ae:29:82:fb:49:80:73:6f:25:
cf:e1:63:db:db:a5:22:45:07:30:ac:82:21:c9:eb:
8c:5a:14:9c:c2:87:83:79:0a:88:2b:04:b4:a8:75:
54:05:ed:c4:e4:66:9c:36:8c:7c:ec:2a:6b:a1:5c:
7b:a7:fe:de:34:33:bd:ae:71:64:77:0e:4b:4f:e6:
23:9b:db:43:af:60:55:d5:35:bd:03:41:08:55:1a:
4c:5e:44:20:9b:a7:59:0e:94:e1:eb:0d:e9:60:34:
6c:a2:32:65:58:36:58:af:13:59:19:fc:22:69:01:
7e:62:93:9a:99:d2:35:5e:92:77:4f:5e:52:c3:3b:
7d:56:76:a1:60:11:9e:fc:4d:8a:3d:a9:de:e5:25:
64:2e:bf:48:0b:45:0c:87:1e:6f:55:8c:3d:ba:27:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E2:B8:1A:3C:97:85:F9:0E:9D:5D:06:A9:3E:CC:7D:E5:8B:54:43
X509v3 Authority Key Identifier:
keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/36E3B902FE4E11EF9F12441CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.148.191.0/24
Signature Algorithm: sha256WithRSAEncryption
94:94:87:84:31:52:17:96:f9:33:04:c3:57:aa:bc:98:d2:3e:
31:c7:60:e7:2b:71:11:ff:dd:ed:e8:0d:75:c2:73:82:9d:b3:
75:8e:e4:82:37:d7:dd:81:98:8a:06:50:73:47:a1:e5:80:97:
a4:75:80:76:57:74:a5:c3:43:2d:3a:fc:f5:b9:79:a6:db:13:
30:08:b7:c1:2e:47:19:ba:e1:f2:cb:52:d4:1c:dc:df:3c:7c:
2c:5e:15:ec:79:11:57:b0:e9:94:3b:fb:e6:db:6e:3c:6c:66:
62:ce:a7:86:49:8e:63:17:03:ef:81:60:81:ce:45:92:32:1f:
0e:62:09:3e:6a:d1:eb:3e:04:24:ba:9c:01:29:e0:0a:79:5b:
07:82:69:ef:c8:e9:0f:23:68:a6:1d:cf:ce:43:30:8e:8c:af:
77:5b:d2:ce:35:80:69:57:f7:32:e8:fe:e8:93:48:66:a0:9f:
d8:3a:93:95:ca:f7:55:4a:bf:ed:75:ad:5a:61:47:5f:58:b7:
0d:b5:6d:e8:8b:24:08:b3:6b:45:f1:b1:f0:2a:60:81:11:ef:
3a:b4:da:b9:9b:02:03:ee:25:77:28:2e:cc:2b:c4:2f:4d:37:
e6:9d:db:7b:6e:ea:5a:3c:77:f3:c2:62:68:d8:03:0a:9c:aa:
33:00:47:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG
NUMyMDE1NzAwHhcNMjUwMzExMDc1NTM1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZWM3Ny1hNjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyvUeuiLA6pBXJDiyqULpN6yGETPcxsQ41PXUA+7KVjAxpRMbvUU/jG2kSbw
OoY9IM2r/dtqYq+IBwj4xXUzxKb1jORRISM0mQnk1x5pZY2amfYcaRKRsZvji+Q6
h62uKYL7SYBzbyXP4WPb26UiRQcwrIIhyeuMWhScwoeDeQqIKwS0qHVUBe3E5Gac
Nox87CproVx7p/7eNDO9rnFkdw5LT+Yjm9tDr2BV1TW9A0EIVRpMXkQgm6dZDpTh
6w3pYDRsojJlWDZYrxNZGfwiaQF+YpOamdI1XpJ3T15Swzt9VnahYBGe/E2KPane
5SVkLr9IC0UMhx5vVYw9uifZNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLDiuBo8
l4X5Dp1dBqk+zH3li1RDMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC
OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvMzZFM0I5MDJG
RTRFMTFFRjlGMTI0NDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKlL8wDQYJKoZIhvcNAQELBQADggEBAJSUh4QxUheW+TME
w1eqvJjSPjHHYOcrcRH/3e3oDXXCc4Kds3WO5II3192BmIoGUHNHoeWAl6R1gHZX
dKXDQy06/PW5eabbEzAIt8EuRxm64fLLUtQc3N88fCxeFex5EVew6ZQ7++bbbjxs
ZmLOp4ZJjmMXA++BYIHORZIyHw5iCT5q0es+BCS6nAEp4Ap5WweCae/I6Q8jaKYd
z85DMI6Mr3db0s41gGlX9zLo/uiTSGagn9g6k5XK91VKv+11rVphR19Ytw21beiL
JAiza0XxsfAqYIER7zq02rmbAgPuJXcoLswrxC9NN+ad23tu6lo8d/PCYmjYAwqc
qjMAR3s=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:26:17 2025 by rpki-client