Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/35154B601E0111E9A590C837C4F9AE02.roa
File: 35154B601E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier: Aq+TU9CK0yjVgtsDSkxfU41uLwLxNHJt6ogV3hUsL9k=
Subject key identifier: B1:A2:20:8C:75:52:95:C8:53:B5:1C:90:BE:18:04:A8:F5:88:08:59
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 387C
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/35154B601E0111E9A590C837C4F9AE02.roa
Signing time: Tue 16 Jul 2024 14:30:24 +0000
ROA not before: Tue 16 Jul 2024 14:30:24 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133167
IP address blocks: 61.90.249.0/24 maxlen: 24
110.170.151.0/24 maxlen: 24
2001:fb0:1035::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14460 (0x387c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC
Validity
Not Before: Jul 16 14:30:24 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66968400-3369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:be:b9:05:ca:a8:0f:ed:a1:15:f2:81:b9:
d4:8c:7b:b2:b9:85:7f:42:c5:39:86:2b:90:7a:2d:
96:ef:97:a0:ca:c0:37:35:44:5d:51:20:7d:eb:b1:
79:7d:fa:6f:4b:93:45:b0:58:49:34:2f:3b:74:54:
4d:22:a5:e6:d4:f8:9e:c1:37:7b:ae:d9:2a:e5:e3:
fa:e4:b9:ad:4b:30:6f:bc:3e:95:d0:fd:7c:4e:fa:
75:87:49:ff:5c:67:4b:c9:04:cd:4c:d9:50:6b:68:
bb:c4:59:37:0f:91:20:72:41:19:71:8f:a1:98:ef:
df:2b:78:c2:21:1b:a9:1e:c6:69:74:f7:65:28:84:
08:f8:76:98:82:69:da:27:f7:5d:03:de:37:7c:d7:
e4:c2:bf:0a:b6:1d:10:c0:55:22:c7:85:9d:ae:26:
51:bd:8c:a9:94:0c:e2:ac:20:58:a2:27:9e:df:75:
d8:7d:a0:2a:9b:47:6e:4f:84:5b:fb:59:ff:91:1a:
7e:47:de:0b:a8:99:b4:83:41:a3:40:c7:e3:5d:f6:
27:0f:4c:ca:8e:b5:e9:7f:66:b8:9f:18:80:0c:b7:
cf:7b:96:0e:b4:0b:d3:4f:d2:f2:1e:c9:c8:ad:90:
90:17:dc:4b:76:ad:ee:6d:2b:c5:95:41:a3:1a:35:
6b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A2:20:8C:75:52:95:C8:53:B5:1C:90:BE:18:04:A8:F5:88:08:59
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/35154B601E0111E9A590C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.90.249.0/24
110.170.151.0/24
IPv6:
2001:fb0:1035::/48
Signature Algorithm: sha256WithRSAEncryption
0d:87:f9:93:0c:f8:58:c2:63:b0:89:41:73:83:26:a9:8e:42:
64:c8:02:f7:6b:c2:d2:b6:2f:c1:91:09:78:cb:5d:23:40:8c:
c2:2d:75:55:89:1e:15:ea:4c:8b:1b:f8:f8:18:66:38:31:b4:
7b:fd:59:b3:0b:ea:8f:76:80:ed:21:1c:b5:2e:48:92:c4:1e:
4d:15:1e:15:27:b4:f5:cb:2b:d5:f2:43:f2:66:ab:e3:26:d1:
d4:86:1d:a6:9a:73:b7:19:1c:f5:64:a8:d9:da:e1:69:e1:9c:
ca:4e:64:31:92:df:16:9a:ae:e4:98:6a:c1:16:e6:bc:39:33:
36:09:44:61:2a:35:dd:c7:29:8e:53:fb:9b:1b:b7:62:1a:50:
d5:da:77:49:cc:64:47:1f:ca:e0:ce:0f:ab:fd:b5:c9:8f:f5:
c8:02:88:ed:80:93:3a:d2:30:29:9d:26:f8:a7:86:97:85:25:
ad:2c:1d:0d:4e:ba:16:ff:1a:77:7e:29:63:da:ea:bb:94:c0:
63:29:ca:de:06:26:00:20:e3:5a:d2:9d:7c:66:44:d5:2b:7d:
e6:66:3f:21:3a:ac:fe:d1:53:66:b7:f6:6d:27:b8:14:43:66:
17:ce:2a:c4:57:d2:bb:9d:38:fd:10:9b:ba:42:ef:2d:af:01:
9c:35:20:75
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICOHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQwNzE2MTQzMDI0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2ODQwMC0zMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvtG+uQXKqA/toRXygbnUjHuyuYV/QsU5hiuQei2W75egysA3NURdUSB967F5
ffpvS5NFsFhJNC87dFRNIqXm1PiewTd7rtkq5eP65LmtSzBvvD6V0P18Tvp1h0n/
XGdLyQTNTNlQa2i7xFk3D5EgckEZcY+hmO/fK3jCIRupHsZpdPdlKIQI+HaYgmna
J/ddA943fNfkwr8Kth0QwFUix4WdriZRvYyplAzirCBYoiee33XYfaAqm0duT4Rb
+1n/kRp+R94LqJm0g0GjQMfjXfYnD0zKjrXpf2a4nxiADLfPe5YOtAvTT9LyHsnI
rZCQF9xLdq3ubSvFlUGjGjVrtQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLGiIIx1
UpXIU7UckL4YBKj1iAhZMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMzUxNTRCNjAx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAA9WvkDBABuqpcwDwQCAAIwCQMHACABD7AQNTANBgkqhkiG
9w0BAQsFAAOCAQEADYf5kwz4WMJjsIlBc4MmqY5CZMgC92vC0rYvwZEJeMtdI0CM
wi11VYkeFepMixv4+BhmODG0e/1Zswvqj3aA7SEctS5IksQeTRUeFSe09csr1fJD
8mar4ybR1IYdpppztxkc9WSo2drhaeGcyk5kMZLfFpqu5JhqwRbmvDkzNglEYSo1
3ccpjlP7mxu3YhpQ1dp3ScxkRx/K4M4Pq/21yY/1yAKI7YCTOtIwKZ0m+KeGl4Ul
rSwdDU66Fv8ad34pY9rqu5TAYynK3gYmACDjWtKdfGZE1St95mY/ITqs/tFTZrf2
bSe4FENmF84qxFfSu504/RCbukLvLa8BnDUgdQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:09:47 2025 by rpki-client