Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/361777766E2F11EE9F5DEF32C4F9AE02.roa
File: 361777766E2F11EE9F5DEF32C4F9AE02.roa (raw, json)
Hash identifier: LjDyklpsY4tER3qyvIF/MVWeA44K8qWvTHC+14bUFS4=
Subject key identifier: 74:84:AA:D6:C6:03:E7:94:B4:25:D9:3E:31:02:61:55:61:0B:CB:60
Certificate issuer: /CN=A91DB7E9/serialNumber=DF51470B15E8C141AF2FA846A28C03B38591BAB4
Certificate serial: 010C
Authority key identifier: DF:51:47:0B:15:E8:C1:41:AF:2F:A8:46:A2:8C:03:B3:85:91:BA:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/31FHCxXowUGvL6hGoowDs4WRurQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/361777766E2F11EE9F5DEF32C4F9AE02.roa
Signing time: Tue 11 Feb 2025 04:28:08 +0000
ROA not before: Tue 11 Feb 2025 04:28:08 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135889
IP address blocks: 202.36.224.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268 (0x10c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB7E9
Validity
Not Before: Feb 11 04:28:08 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aad1d8-a7db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:da:43:a8:ee:e6:da:a1:76:49:65:50:31:7d:
79:62:49:c6:02:4e:b0:62:a0:c9:1e:ab:ad:6b:11:
9c:df:85:c6:47:5e:59:86:eb:5b:53:e7:d1:13:eb:
0f:9b:40:71:4c:e8:1e:b9:ef:c1:a0:22:f4:d4:47:
17:b4:53:95:37:18:a2:6b:c7:04:9f:e1:27:16:74:
c7:60:b0:f3:a9:2a:ed:dd:e4:1d:09:9c:46:1e:cb:
f0:a8:1c:cb:22:24:a9:77:dd:a9:f0:af:e0:10:b4:
0d:36:87:61:8c:1f:5c:ba:2d:8b:d8:8c:d4:37:f9:
25:ed:5f:5f:be:25:b2:c9:61:1a:38:73:14:bc:92:
e7:0a:83:22:27:1b:27:e3:3b:48:41:cf:a3:be:e9:
b5:a1:75:31:46:e5:52:81:cc:97:5c:9e:eb:11:43:
94:2f:20:b3:18:4f:3b:14:37:bd:0b:2f:34:7e:45:
92:66:4f:06:ed:eb:4f:6c:d5:df:61:6c:64:38:66:
8b:d1:da:35:6a:4d:22:90:f7:c6:1c:0e:b1:e4:61:
61:c5:a7:b0:df:07:4c:54:b5:8a:aa:30:71:4e:47:
1b:a3:47:4f:52:a1:49:3e:16:24:d5:ec:76:f3:e0:
f6:a0:8f:89:a1:e4:b1:f5:6d:9e:0e:b1:b8:05:e1:
73:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:84:AA:D6:C6:03:E7:94:B4:25:D9:3E:31:02:61:55:61:0B:CB:60
X509v3 Authority Key Identifier:
keyid:DF:51:47:0B:15:E8:C1:41:AF:2F:A8:46:A2:8C:03:B3:85:91:BA:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/31FHCxXowUGvL6hGoowDs4WRurQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/31FHCxXowUGvL6hGoowDs4WRurQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB7E9/E99E7F526E2E11EE85D92D32C4F9AE02/361777766E2F11EE9F5DEF32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.36.224.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:37:11:f8:f6:6d:2c:6b:13:41:48:9b:d3:40:83:a7:3c:c2:
08:de:3e:ba:14:81:9e:83:75:a0:7e:a8:fd:57:03:cd:2c:e7:
88:06:ea:34:84:d2:be:b4:ce:49:fe:c5:37:ca:2f:cc:0f:16:
0d:e1:db:79:62:d6:34:41:9a:13:57:ee:b1:57:e2:f8:1f:ed:
e4:b3:4c:5d:eb:57:f7:89:e9:8a:2d:74:83:a6:18:75:5b:16:
28:ff:e9:12:7e:05:af:fa:b6:62:2e:57:ed:61:54:98:73:a8:
3f:3f:c1:a1:d9:4e:53:f3:d3:7e:de:db:ee:58:54:ed:81:99:
38:94:72:9f:68:6f:7a:fb:77:16:30:2d:c5:27:ad:08:fd:cf:
46:7c:83:76:6c:7b:06:4b:c8:ac:e5:89:e9:cb:5f:88:0b:f7:
d7:b2:90:94:fd:ee:a5:cb:72:1f:e9:bf:6f:cb:8c:81:86:53:
c1:87:1a:3f:c6:02:76:81:de:aa:58:aa:10:5a:3f:1c:ba:30:
e4:05:73:0b:d3:a5:7a:f9:97:09:c9:0f:68:dc:f2:e2:06:b1:
4e:39:8f:92:b6:2e:01:8d:c5:bc:3a:28:5e:45:b5:71:14:0a:
ea:06:67:80:50:b4:9d:42:58:4f:f8:2d:c1:3f:9d:da:d1:5b:
a5:7a:15:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI3RTkxMTAvBgNVBAUTKERGNTE0NzBCMTVFOEMxNDFBRjJGQTg0NkEyOEMwM0Iz
ODU5MUJBQjQwHhcNMjUwMjExMDQyODA4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhZDFkOC1hN2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqNpDqO7m2qF2SWVQMX15YknGAk6wYqDJHqutaxGc34XGR15ZhutbU+fRE+sP
m0BxTOgeue/BoCL01EcXtFOVNxiia8cEn+EnFnTHYLDzqSrt3eQdCZxGHsvwqBzL
IiSpd92p8K/gELQNNodhjB9cui2L2IzUN/kl7V9fviWyyWEaOHMUvJLnCoMiJxsn
4ztIQc+jvum1oXUxRuVSgcyXXJ7rEUOULyCzGE87FDe9Cy80fkWSZk8G7etPbNXf
YWxkOGaL0do1ak0ikPfGHA6x5GFhxaew3wdMVLWKqjBxTkcbo0dPUqFJPhYk1ex2
8+D2oI+JoeSx9W2eDrG4BeFz3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHSEqtbG
A+eUtCXZPjECYVVhC8tgMB8GA1UdIwQYMBaAFN9RRwsV6MFBry+oRqKMA7OFkbq0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjdFOS9FOTlFN0Y1MjZF
MkUxMUVFODVEOTJEMzJDNEY5QUUwMi8zMUZIQ3hYb3dVR3ZMNmhHb293RHM0V1J1
clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMxRkhDeFhvd1VHdkw2aEdvb3dEczRXUnVyUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI3RTkvRTk5RTdGNTI2RTJFMTFFRTg1RDkyRDMyQzRGOUFFMDIvMzYxNzc3NzY2
RTJGMTFFRTlGNURFRjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKJOAwDQYJKoZIhvcNAQELBQADggEBAB83Efj2bSxrE0FI
m9NAg6c8wgjeProUgZ6DdaB+qP1XA80s54gG6jSE0r60zkn+xTfKL8wPFg3h23li
1jRBmhNX7rFX4vgf7eSzTF3rV/eJ6YotdIOmGHVbFij/6RJ+Ba/6tmIuV+1hVJhz
qD8/waHZTlPz037e2+5YVO2BmTiUcp9ob3r7dxYwLcUnrQj9z0Z8g3ZsewZLyKzl
ienLX4gL99eykJT97qXLch/pv2/LjIGGU8GHGj/GAnaB3qpYqhBaPxy6MOQFcwvT
pXr5lwnJD2jc8uIGsU45j5K2LgGNxbw6KF5FtXEUCuoGZ4BQtJ1CWE/4LcE/ndrR
W6V6FWw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:39:16 2025 by rpki-client