Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/00FEEFF0536911EE8594503BC4F9AE02.roa
File: 00FEEFF0536911EE8594503BC4F9AE02.roa (raw, json)
Hash identifier: UhJmIkPW+O+GWS01w9gaCC6S0d+sAspRCQNygto2GKk=
Subject key identifier: F8:2E:77:47:C0:42:6C:CC:B0:2C:75:F8:D6:CF:16:AD:4B:12:38:D4
Certificate issuer: /CN=A91C0D37/serialNumber=CF41CDAF41C5700129064CEF284003BEF0B9BFC2
Certificate serial: FD
Authority key identifier: CF:41:CD:AF:41:C5:70:01:29:06:4C:EF:28:40:03:BE:F0:B9:BF:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z0HNr0HFcAEpBkzvKEADvvC5v8I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/00FEEFF0536911EE8594503BC4F9AE02.roa
Signing time: Tue 07 Jan 2025 03:57:17 +0000
ROA not before: Tue 07 Jan 2025 03:57:17 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4768
IP address blocks: 202.36.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253 (0xfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0D37
Validity
Not Before: Jan 7 03:57:17 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ca61d-192e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d5:2c:c3:99:ad:6f:a6:c3:63:4c:21:d7:3c:
b1:53:ca:43:29:d9:e8:d3:b5:ef:b0:25:f6:1c:d7:
fa:35:56:5e:ce:b9:8a:28:b4:60:f5:75:8f:dd:a1:
4a:a5:b4:06:19:5f:35:7c:13:cb:ad:46:a3:c5:3e:
29:61:c3:d0:47:20:16:3e:5e:a4:71:da:0c:64:ae:
ee:09:00:63:08:e5:3f:12:5b:3e:5b:77:b4:19:8e:
49:7d:ab:36:0d:c4:88:40:26:ed:9e:8e:3e:51:30:
6c:93:80:e4:59:ed:55:38:d9:51:06:1d:fc:f6:e5:
6e:32:e6:e2:03:d4:07:16:51:75:88:d8:0f:5c:e3:
6f:ce:11:15:7d:8f:f3:9a:4a:29:ec:4d:a4:04:80:
3d:bb:db:40:f4:e7:7f:e3:fc:8b:d7:c1:ea:e5:69:
3d:63:f0:e8:5d:b8:09:cb:5a:c5:cd:98:47:aa:0e:
4e:4e:4f:80:ff:3c:c2:bd:84:3c:3d:97:7b:b4:8d:
11:19:40:32:93:a3:ba:03:69:08:a0:93:7b:5b:7a:
57:22:48:8f:f3:8b:5f:36:a9:79:b0:a8:f9:a8:3a:
7b:81:50:b3:bc:bf:08:db:9f:2f:0b:70:a4:5b:88:
57:da:08:dd:b9:d1:20:d1:8a:01:81:db:e1:20:e4:
45:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2E:77:47:C0:42:6C:CC:B0:2C:75:F8:D6:CF:16:AD:4B:12:38:D4
X509v3 Authority Key Identifier:
keyid:CF:41:CD:AF:41:C5:70:01:29:06:4C:EF:28:40:03:BE:F0:B9:BF:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/z0HNr0HFcAEpBkzvKEADvvC5v8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z0HNr0HFcAEpBkzvKEADvvC5v8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0D37/0E8BCB38535B11EE9BF20A6BC4F9AE02/00FEEFF0536911EE8594503BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.36.44.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:06:fc:e0:57:b8:5e:28:7d:25:91:ca:68:cf:0c:2e:15:5f:
dc:c6:ba:9b:77:aa:bc:db:af:65:54:00:66:79:a1:57:72:cf:
e6:85:a2:e7:5c:fa:21:4b:2a:ad:83:89:7b:99:73:c0:38:cd:
3e:f8:37:8d:fa:68:83:59:5f:b4:35:80:cc:ae:de:a5:64:c9:
cc:a8:4c:3d:2c:ba:50:e9:aa:91:c9:b2:c2:f4:d5:54:b6:26:
ca:e3:76:85:aa:c9:d8:4e:4f:5f:47:55:02:a7:a9:8b:49:0d:
4b:4c:c8:01:93:57:05:a4:fa:e1:5e:e0:14:88:e3:24:4f:50:
9d:e0:97:ed:7a:f7:36:7b:e8:69:dd:3f:73:25:ed:b1:b8:1d:
38:35:85:cc:67:95:99:58:98:54:f3:be:b2:18:d5:c2:08:2e:
cd:1a:76:8a:e3:43:bf:ec:55:c8:56:36:cb:a1:17:29:da:5a:
04:09:46:bd:5e:64:42:ee:9f:e4:18:7c:30:22:62:3b:a7:36:
55:28:8b:16:fe:65:47:57:69:59:32:f1:23:67:f3:b7:07:c5:
8f:2a:24:27:2f:59:5b:00:e6:82:4b:bb:fa:8e:61:95:53:19:
4c:d2:e6:06:7f:60:36:f6:51:30:61:77:17:5b:63:e6:a3:0d:
58:65:96:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBEMzcxMTAvBgNVBAUTKENGNDFDREFGNDFDNTcwMDEyOTA2NENFRjI4NDAwM0JF
RjBCOUJGQzIwHhcNMjUwMTA3MDM1NzE3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjYTYxZC0xOTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8NUsw5mtb6bDY0wh1zyxU8pDKdno07XvsCX2HNf6NVZezrmKKLRg9XWP3aFK
pbQGGV81fBPLrUajxT4pYcPQRyAWPl6kcdoMZK7uCQBjCOU/Els+W3e0GY5Jfas2
DcSIQCbtno4+UTBsk4DkWe1VONlRBh389uVuMubiA9QHFlF1iNgPXONvzhEVfY/z
mkop7E2kBIA9u9tA9Od/4/yL18Hq5Wk9Y/DoXbgJy1rFzZhHqg5OTk+A/zzCvYQ8
PZd7tI0RGUAyk6O6A2kIoJN7W3pXIkiP84tfNql5sKj5qDp7gVCzvL8I258vC3Ck
W4hX2gjdudEg0YoBgdvhIORFbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPgud0fA
QmzMsCx1+NbPFq1LEjjUMB8GA1UdIwQYMBaAFM9Bza9BxXABKQZM7yhAA77wub/C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEQzNy8wRThCQ0IzODUz
NUIxMUVFOUJGMjBBNkJDNEY5QUUwMi96MEhOcjBIRmNBRXBCa3p2S0VBRHZ2QzV2
OEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3owSE5yMEhGY0FFcEJrenZLRUFEdnZDNXY4SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBEMzcvMEU4QkNCMzg1MzVCMTFFRTlCRjIwQTZCQzRGOUFFMDIvMDBGRUVGRjA1
MzY5MTFFRTg1OTQ1MDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKJCwwDQYJKoZIhvcNAQELBQADggEBAEsG/OBXuF4ofSWR
ymjPDC4VX9zGupt3qrzbr2VUAGZ5oVdyz+aFoudc+iFLKq2DiXuZc8A4zT74N436
aINZX7Q1gMyu3qVkycyoTD0sulDpqpHJssL01VS2JsrjdoWqydhOT19HVQKnqYtJ
DUtMyAGTVwWk+uFe4BSI4yRPUJ3gl+169zZ76GndP3Ml7bG4HTg1hcxnlZlYmFTz
vrIY1cIILs0adorjQ7/sVchWNsuhFynaWgQJRr1eZELun+QYfDAiYjunNlUoixb+
ZUdXaVky8SNn87cHxY8qJCcvWVsA5oJLu/qOYZVTGUzS5gZ/YDb2UTBhdxdbY+aj
DVhllnk=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:22:28 2025 by rpki-client