Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91320D4/0E3F0C66BC1611EEB9059C86C4F9AE02/BAB65090BD7811EEB634A117C4F9AE02.roa
File: BAB65090BD7811EEB634A117C4F9AE02.roa (raw, json)
Hash identifier: rOfi7pLc2YXhQ9Pw2aUr9rz0+D/rY6Ijcu5KC1k/f/s=
Subject key identifier: 68:A4:10:57:5F:24:DC:89:C2:AD:96:08:9F:35:F3:67:D3:90:C0:A8
Certificate issuer: /CN=A91320D4/serialNumber=B97A7F015A736074DF38445C98074378219D2995
Certificate serial: B0
Authority key identifier: B9:7A:7F:01:5A:73:60:74:DF:38:44:5C:98:07:43:78:21:9D:29:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uXp_AVpzYHTfOERcmAdDeCGdKZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91320D4/0E3F0C66BC1611EEB9059C86C4F9AE02/BAB65090BD7811EEB634A117C4F9AE02.roa
Signing time: Mon 23 Dec 2024 04:19:02 +0000
ROA not before: Mon 23 Dec 2024 04:19:02 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152133
IP address blocks: 36.50.0.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176 (0xb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91320D4
Validity
Not Before: Dec 23 04:19:02 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6768e4b6-393d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e4:55:0d:4f:1b:98:60:15:94:79:8c:9b:9f:
a6:be:3f:74:ce:81:f3:04:68:29:ad:96:ff:21:73:
58:2d:04:07:95:62:1f:96:01:e6:1a:59:a0:9d:87:
91:23:dc:ed:39:3f:78:ec:90:3c:9e:f0:c0:99:df:
96:da:2e:f5:8f:12:65:04:b9:c9:3c:be:75:34:8a:
bb:f4:a9:7d:e7:46:ab:f3:4b:e4:85:bc:cb:6c:9d:
14:d3:be:83:43:09:36:0a:35:44:17:2a:95:f0:6a:
ab:a9:e5:43:69:8c:0d:1c:13:6d:f0:f4:c7:9a:8f:
51:ec:98:e8:e2:53:7e:72:40:51:bf:75:40:32:c7:
a5:28:88:75:fa:46:c0:ae:20:19:4e:24:b1:cb:94:
71:ef:76:80:39:f0:62:01:21:43:e2:13:36:ab:48:
54:7b:2f:8c:16:f2:bb:ab:7a:4a:b2:82:3a:05:6e:
d5:ea:e1:bb:2b:0c:1f:eb:f0:35:64:d5:cf:1a:9f:
95:78:53:5d:2e:3c:33:fa:58:90:f1:d9:0f:64:d7:
e1:db:ec:35:0b:d4:f9:73:b8:35:13:0b:cf:6e:70:
f6:aa:59:31:da:8b:6b:7a:3b:c5:db:28:cb:57:39:
34:dd:21:8a:e6:56:ca:a1:c6:25:b3:af:5f:5f:25:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A4:10:57:5F:24:DC:89:C2:AD:96:08:9F:35:F3:67:D3:90:C0:A8
X509v3 Authority Key Identifier:
keyid:B9:7A:7F:01:5A:73:60:74:DF:38:44:5C:98:07:43:78:21:9D:29:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91320D4/0E3F0C66BC1611EEB9059C86C4F9AE02/uXp_AVpzYHTfOERcmAdDeCGdKZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uXp_AVpzYHTfOERcmAdDeCGdKZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91320D4/0E3F0C66BC1611EEB9059C86C4F9AE02/BAB65090BD7811EEB634A117C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.0.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:99:0d:33:8c:9d:d1:a6:d8:42:ee:f8:3e:66:e3:aa:46:23:
26:33:85:81:87:79:31:80:95:3c:6a:3e:24:25:4c:2c:02:7c:
2f:09:9d:e6:1e:fa:cb:c5:9c:e3:0e:b9:0a:b4:a3:64:4b:0d:
31:6d:d2:95:0c:2b:3a:32:8c:df:ef:26:08:3f:67:42:91:ce:
67:7b:37:6d:0b:58:c0:fe:1f:20:4f:d3:84:01:fb:27:65:7c:
e9:8a:98:a8:33:90:1b:4c:cf:52:bc:fe:65:b3:d7:d1:5b:df:
2e:3b:70:d5:63:40:28:ec:2b:d2:70:8c:87:00:48:0d:a6:8e:
8c:ca:8a:d2:72:13:8e:65:bb:87:e7:4d:4f:cd:87:44:7e:74:
9a:04:5a:9d:3f:16:c4:77:6f:0b:e2:10:78:0e:77:10:9c:88:
8e:c1:a2:61:d3:dc:8b:c5:5f:19:af:ea:a0:64:c5:9e:3f:d8:
97:a8:db:59:9c:10:f6:4d:ed:55:6c:4f:f5:39:aa:ae:17:47:
11:52:58:af:ac:de:6f:7b:59:c1:e3:d5:18:1a:5d:99:69:23:
ba:ea:e4:35:f0:b1:fb:b2:83:63:f7:19:f6:6a:91:b3:fc:89:
f3:b9:bd:de:b1:31:5d:1d:8b:9f:9f:fc:09:fc:20:57:ae:53:
53:e7:1f:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzIwRDQxMTAvBgNVBAUTKEI5N0E3RjAxNUE3MzYwNzRERjM4NDQ1Qzk4MDc0Mzc4
MjE5RDI5OTUwHhcNMjQxMjIzMDQxOTAyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4ZTRiNi0zOTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzeRVDU8bmGAVlHmMm5+mvj90zoHzBGgprZb/IXNYLQQHlWIflgHmGlmgnYeR
I9ztOT947JA8nvDAmd+W2i71jxJlBLnJPL51NIq79Kl950ar80vkhbzLbJ0U076D
Qwk2CjVEFyqV8GqrqeVDaYwNHBNt8PTHmo9R7Jjo4lN+ckBRv3VAMselKIh1+kbA
riAZTiSxy5Rx73aAOfBiASFD4hM2q0hUey+MFvK7q3pKsoI6BW7V6uG7Kwwf6/A1
ZNXPGp+VeFNdLjwz+liQ8dkPZNfh2+w1C9T5c7g1EwvPbnD2qlkx2otrejvF2yjL
Vzk03SGK5lbKocYls69fXyWVQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGikEFdf
JNyJwq2WCJ8182fTkMCoMB8GA1UdIwQYMBaAFLl6fwFac2B03zhEXJgHQ3ghnSmV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjBENC8wRTNGMEM2NkJD
MTYxMUVFQjkwNTlDODZDNEY5QUUwMi91WHBfQVZwellIVGZPRVJjbUFkRGVDR2RL
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VYcF9BVnB6WUhUZk9FUmNtQWREZUNHZEtaVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzIwRDQvMEUzRjBDNjZCQzE2MTFFRUI5MDU5Qzg2QzRGOUFFMDIvQkFCNjUwOTBC
RDc4MTFFRUI2MzRBMTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEkMgAwDQYJKoZIhvcNAQELBQADggEBAMqZDTOMndGm2ELu
+D5m46pGIyYzhYGHeTGAlTxqPiQlTCwCfC8JneYe+svFnOMOuQq0o2RLDTFt0pUM
KzoyjN/vJgg/Z0KRzmd7N20LWMD+HyBP04QB+ydlfOmKmKgzkBtMz1K8/mWz19Fb
3y47cNVjQCjsK9JwjIcASA2mjozKitJyE45lu4fnTU/Nh0R+dJoEWp0/FsR3bwvi
EHgOdxCciI7BomHT3IvFXxmv6qBkxZ4/2Jeo21mcEPZN7VVsT/U5qq4XRxFSWK+s
3m97WcHj1RgaXZlpI7rq5DXwsfuyg2P3GfZqkbP8ifO5vd6xMV0di5+f/An8IFeu
U1PnH2Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:59:03 2025 by rpki-client