Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B1EE/DE6A6130A55D11EEB8E9CE10C4F9AE02/0F7A0CD4C72E11EEAA6B423BC4F9AE02.roa
File: 0F7A0CD4C72E11EEAA6B423BC4F9AE02.roa (raw, json)
Hash identifier: lqNFFXORI79Tp9nH7sxtcuWMLXX1DbMNSF2W2W7xgQw=
Subject key identifier: F0:C0:74:4D:97:AC:BD:4A:0E:63:31:46:4D:12:78:CA:64:09:31:83
Certificate issuer: /CN=A917B1EE/serialNumber=6B3BE8F34CEA694B0D64BCF85785D917443695D4
Certificate serial: EA
Authority key identifier: 6B:3B:E8:F3:4C:EA:69:4B:0D:64:BC:F8:57:85:D9:17:44:36:95:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/azvo80zqaUsNZLz4V4XZF0Q2ldQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B1EE/DE6A6130A55D11EEB8E9CE10C4F9AE02/0F7A0CD4C72E11EEAA6B423BC4F9AE02.roa
Signing time: Thu 27 Feb 2025 06:59:48 +0000
ROA not before: Thu 27 Feb 2025 06:59:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152193
IP address blocks: 36.50.250.0/23 maxlen: 23
36.50.250.0/24 maxlen: 24
36.50.251.0/24 maxlen: 24
2401:5f60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234 (0xea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B1EE
Validity
Not Before: Feb 27 06:59:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c00d64-96d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:39:46:e4:ab:80:8d:56:de:38:30:19:04:82:
26:49:6c:18:6c:49:a8:6c:2e:67:0a:40:24:95:4d:
46:87:72:13:c8:2c:46:e0:8d:5a:13:aa:47:93:b4:
db:d0:a6:db:df:ac:69:4d:2c:6b:1a:1c:e6:0e:83:
5b:cc:af:07:a7:b3:4b:e2:4e:86:63:0b:f8:cb:fb:
c8:9b:69:99:13:29:fe:cd:28:b6:e7:e9:76:1f:62:
48:24:64:03:bb:19:3c:15:49:df:34:75:9a:49:88:
09:71:a8:6b:67:38:e1:ee:79:54:b3:19:c3:3c:73:
f6:f4:47:d1:1a:3b:34:3a:85:ae:ea:4a:d2:23:2b:
c8:98:04:dd:3e:be:11:4a:9e:80:41:7e:4d:cc:3a:
f0:ee:b1:1c:22:f5:58:d1:85:23:96:13:ac:d6:b6:
02:7b:dc:2d:3c:00:26:7d:27:ad:4c:a1:85:1e:08:
11:fa:cc:7b:7d:fc:a8:0e:04:10:fe:45:ee:58:df:
1e:21:83:47:af:22:36:05:c2:e9:1d:56:a4:48:f2:
7d:0e:8c:ca:1e:f2:d9:82:00:2e:ad:42:12:a7:71:
2d:e5:dc:f0:8c:55:61:ed:04:6b:a1:27:7c:5c:af:
2c:a2:47:34:d9:48:99:83:a4:63:f5:f5:c5:78:f0:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C0:74:4D:97:AC:BD:4A:0E:63:31:46:4D:12:78:CA:64:09:31:83
X509v3 Authority Key Identifier:
keyid:6B:3B:E8:F3:4C:EA:69:4B:0D:64:BC:F8:57:85:D9:17:44:36:95:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B1EE/DE6A6130A55D11EEB8E9CE10C4F9AE02/azvo80zqaUsNZLz4V4XZF0Q2ldQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/azvo80zqaUsNZLz4V4XZF0Q2ldQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B1EE/DE6A6130A55D11EEB8E9CE10C4F9AE02/0F7A0CD4C72E11EEAA6B423BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.250.0/23
IPv6:
2401:5f60::/32
Signature Algorithm: sha256WithRSAEncryption
52:87:a3:e5:c9:9e:dc:3a:52:b9:60:98:25:e4:ef:5e:6f:49:
d3:df:fe:cc:b4:f1:81:ef:67:15:53:7b:1f:0d:92:5f:98:e4:
b2:7e:6c:27:25:d0:18:88:95:be:b4:a1:cb:35:3a:0e:f4:a2:
bc:11:25:f8:0f:ba:97:24:f0:de:07:e1:aa:35:b2:fc:ef:4f:
21:76:8e:9f:bf:db:e3:fb:53:a3:82:d4:de:97:af:e3:40:80:
d4:25:9b:57:e8:d2:6f:b2:3c:20:d2:92:6d:94:c4:a3:3d:45:
e0:80:07:5a:57:a2:9c:fa:91:6d:05:77:c6:28:5e:22:ec:2a:
80:fe:a4:69:42:fb:55:85:f4:20:6f:bb:97:9e:a7:94:66:2f:
6a:09:e0:de:e4:7b:93:17:e1:21:ed:df:31:73:a9:d8:00:e7:
25:eb:2e:a5:7a:2f:86:92:38:5f:a5:59:d0:75:78:97:7e:f2:
83:2e:8a:71:5a:a3:6b:a0:1c:a6:16:ed:84:00:92:ee:e2:96:
63:8e:3d:21:10:57:67:3c:5e:f2:38:47:d6:6b:70:16:3a:a5:
1b:0b:3b:a8:fb:56:52:d9:97:f0:2b:47:86:9e:2e:ca:26:56:
91:57:48:44:8d:68:98:ed:39:e6:50:94:9c:c9:b7:97:cb:39:
56:16:93:7d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0IxRUUxMTAvBgNVBAUTKDZCM0JFOEYzNENFQTY5NEIwRDY0QkNGODU3ODVEOTE3
NDQzNjk1RDQwHhcNMjUwMjI3MDY1OTQ4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwMGQ2NC05NmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3TlG5KuAjVbeODAZBIImSWwYbEmobC5nCkAklU1Gh3ITyCxG4I1aE6pHk7Tb
0Kbb36xpTSxrGhzmDoNbzK8Hp7NL4k6GYwv4y/vIm2mZEyn+zSi25+l2H2JIJGQD
uxk8FUnfNHWaSYgJcahrZzjh7nlUsxnDPHP29EfRGjs0OoWu6krSIyvImATdPr4R
Sp6AQX5NzDrw7rEcIvVY0YUjlhOs1rYCe9wtPAAmfSetTKGFHggR+sx7ffyoDgQQ
/kXuWN8eIYNHryI2BcLpHVakSPJ9DozKHvLZggAurUISp3Et5dzwjFVh7QRroSd8
XK8sokc02UiZg6Rj9fXFePD1ZQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPDAdE2X
rL1KDmMxRk0SeMpkCTGDMB8GA1UdIwQYMBaAFGs76PNM6mlLDWS8+FeF2RdENpXU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjFFRS9ERTZBNjEzMEE1
NUQxMUVFQjhFOUNFMTBDNEY5QUUwMi9henZvODB6cWFVc05aTHo0VjRYWkYwUTJs
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F6dm84MHpxYVVzTlpMejRWNFhaRjBRMmxkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0IxRUUvREU2QTYxMzBBNTVEMTFFRUI4RTlDRTEwQzRGOUFFMDIvMEY3QTBDRDRD
NzJFMTFFRUFBNkI0MjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAEkMvowDQQCAAIwBwMFACQBX2AwDQYJKoZIhvcNAQELBQAD
ggEBAFKHo+XJntw6UrlgmCXk715vSdPf/sy08YHvZxVTex8Nkl+Y5LJ+bCcl0BiI
lb60ocs1Og70orwRJfgPupck8N4H4ao1svzvTyF2jp+/2+P7U6OC1N6Xr+NAgNQl
m1fo0m+yPCDSkm2UxKM9ReCAB1pXopz6kW0Fd8YoXiLsKoD+pGlC+1WF9CBvu5ee
p5RmL2oJ4N7ke5MX4SHt3zFzqdgA5yXrLqV6L4aSOF+lWdB1eJd+8oMuinFao2ug
HKYW7YQAku7ilmOOPSEQV2c8XvI4R9ZrcBY6pRsLO6j7VlLZl/ArR4aeLsomVpFX
SESNaJjtOeZQlJzJt5fLOVYWk30=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:14:00 2025 by rpki-client