Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/E6E564502DD811EF8471C475C4F9AE02.roa
File: E6E564502DD811EF8471C475C4F9AE02.roa (raw, json)
Hash identifier: Tr9asl+9bdm0TeSvn9r/O8sCMPe6OQ4Bqr4X3WrBuL8=
Subject key identifier: 72:04:0B:A0:DB:D3:B5:6F:DF:2D:2B:64:F5:48:E6:78:5D:9B:CD:BD
Certificate issuer: /CN=A918BCEE/serialNumber=F40BE8B5AD16B1847FC0D4F4708F9D414931ABA6
Certificate serial: 02A3
Authority key identifier: F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/E6E564502DD811EF8471C475C4F9AE02.roa
Signing time: Thu 27 Mar 2025 02:08:32 +0000
ROA not before: Thu 27 Mar 2025 02:08:32 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9009
IP address blocks: 36.255.207.0/24 maxlen: 24
2404:5d80:8600::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 675 (0x2a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BCEE
Validity
Not Before: Mar 27 02:08:32 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e4b320-28b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e6:41:04:13:f9:9f:3a:6c:f8:4e:5c:91:ee:
f1:2d:6d:76:50:b8:6f:55:70:97:4e:31:ba:f1:ca:
e2:91:d0:4d:6e:df:3e:13:7b:91:f5:6e:23:24:c3:
16:99:7a:55:c2:8b:bf:dd:58:e6:8c:44:4b:5e:d2:
33:c9:ae:5e:28:f6:61:57:1b:d8:97:41:8b:03:1a:
4b:11:df:7f:96:bc:1f:51:cd:5e:32:0e:87:60:50:
5b:63:af:5f:20:0f:c1:c2:a3:56:34:dc:69:6c:d1:
3c:f7:f2:e1:d0:c0:a7:ef:c1:6f:88:bc:ec:70:b7:
89:94:e0:5f:00:04:9b:26:fd:ef:a0:49:b2:75:8b:
45:13:be:c8:96:72:4b:9d:3d:d4:b3:ce:81:20:cf:
06:93:09:75:0d:c0:bf:8f:fd:80:9d:7f:7c:34:72:
f4:5f:fc:6e:b2:4b:e8:5e:39:23:b6:e2:d2:62:c7:
51:6d:1f:48:13:3d:78:17:d8:3d:32:63:da:e8:3f:
8a:9e:99:2a:94:c0:42:60:02:4a:cf:af:37:e3:d7:
67:a8:2a:39:17:37:b8:89:12:4f:f2:39:7d:d2:e8:
a0:95:f2:f9:81:93:e8:91:f1:3a:65:26:8c:90:a6:
9f:f9:c9:9f:1c:6d:a4:74:55:93:67:81:8c:1f:16:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:04:0B:A0:DB:D3:B5:6F:DF:2D:2B:64:F5:48:E6:78:5D:9B:CD:BD
X509v3 Authority Key Identifier:
keyid:F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/9Avota0WsYR_wNT0cI-dQUkxq6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/E6E564502DD811EF8471C475C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.207.0/24
IPv6:
2404:5d80:8600::/40
Signature Algorithm: sha256WithRSAEncryption
92:92:52:6f:a4:ee:73:a5:02:4d:cc:50:8c:e9:1d:c5:8d:84:
45:7b:e2:fd:e7:16:cf:ac:c4:2d:6f:2b:1c:dc:ae:a8:13:ee:
8c:aa:52:97:76:31:6a:55:4f:36:d7:3c:41:c8:bf:96:27:78:
77:1c:69:42:33:63:f1:e6:f4:22:53:ef:9f:ec:ff:6b:b7:31:
d7:98:27:f1:ac:ad:1c:58:95:04:9a:9a:f2:44:b1:f7:8d:fe:
07:93:5a:bc:5b:a9:34:f2:88:a7:31:3c:af:28:cd:fb:48:7e:
d6:dd:f6:a3:44:98:52:6c:08:90:07:80:ee:29:80:3a:1b:1a:
17:26:b1:2d:51:b0:45:32:2b:f3:7f:a7:b6:06:28:52:cc:34:
27:5e:7f:53:a8:91:8e:f6:a6:aa:22:52:10:7c:21:a9:57:ef:
59:48:4e:ab:83:a0:80:b4:e7:8e:e0:65:d5:18:9d:e6:f4:d6:
9a:bd:55:07:3c:e9:79:4c:96:ab:c9:97:39:a6:21:d1:14:c3:
db:fe:f5:3e:3c:13:7a:0b:a3:0d:31:90:55:ba:02:6d:b0:91:
99:dd:81:5c:28:3a:32:bd:54:2f:95:0f:c8:38:cd:ea:19:8e:
78:65:94:36:14:57:12:c8:fb:ef:1e:c6:4d:b2:af:75:01:1d:
17:0e:9e:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICAqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJDRUUxMTAvBgNVBAUTKEY0MEJFOEI1QUQxNkIxODQ3RkMwRDRGNDcwOEY5RDQx
NDkzMUFCQTYwHhcNMjUwMzI3MDIwODMyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0YjMyMC0yOGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuOZBBBP5nzps+E5cke7xLW12ULhvVXCXTjG68crikdBNbt8+E3uR9W4jJMMW
mXpVwou/3VjmjERLXtIzya5eKPZhVxvYl0GLAxpLEd9/lrwfUc1eMg6HYFBbY69f
IA/BwqNWNNxpbNE89/Lh0MCn78FviLzscLeJlOBfAASbJv3voEmydYtFE77IlnJL
nT3Us86BIM8Gkwl1DcC/j/2AnX98NHL0X/xuskvoXjkjtuLSYsdRbR9IEz14F9g9
MmPa6D+KnpkqlMBCYAJKz68349dnqCo5Fze4iRJP8jl90uiglfL5gZPokfE6ZSaM
kKaf+cmfHG2kdFWTZ4GMHxY+zwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHIEC6Db
07Vv3y0rZPVI5nhdm829MB8GA1UdIwQYMBaAFPQL6LWtFrGEf8DU9HCPnUFJMaum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkNFRS82OEMzNTYzMDEz
RkYxMUVEQTNGMzM5NDFDNEY5QUUwMi85QXZvdGEwV3NZUl93TlQwY0ktZFFVa3hx
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlBdm90YTBXc1lSX3dOVDBjSS1kUVVreHE2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJDRUUvNjhDMzU2MzAxM0ZGMTFFREEzRjMzOTQxQzRGOUFFMDIvRTZFNTY0NTAy
REQ4MTFFRjg0NzFDNDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAAk/88wDgQCAAIwCAMGACQEXYCGMA0GCSqGSIb3DQEBCwUA
A4IBAQCSklJvpO5zpQJNzFCM6R3FjYRFe+L95xbPrMQtbysc3K6oE+6MqlKXdjFq
VU821zxByL+WJ3h3HGlCM2Px5vQiU++f7P9rtzHXmCfxrK0cWJUEmpryRLH3jf4H
k1q8W6k08oinMTyvKM37SH7W3fajRJhSbAiQB4DuKYA6GxoXJrEtUbBFMivzf6e2
BihSzDQnXn9TqJGO9qaqIlIQfCGpV+9ZSE6rg6CAtOeO4GXVGJ3m9NaavVUHPOl5
TJaryZc5piHRFMPb/vU+PBN6C6MNMZBVugJtsJGZ3YFcKDoyvVQvlQ/IOM3qGY54
ZZQ2FFcSyPvvHsZNsq91AR0XDp4R
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:38:05 2025 by rpki-client