Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/371AC6101E0111E9A590C837C4F9AE02.roa
File: 371AC6101E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier: Dyr2503USpY++nzstoFEJPsUA2Mnm4jbi6/I3PUzWm4=
Subject key identifier: 7B:F1:DC:17:BF:E1:5F:8C:7B:98:6E:4B:D6:B9:EE:EC:40:24:DB:06
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3884
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/371AC6101E0111E9A590C837C4F9AE02.roa
Signing time: Tue 16 Jul 2024 14:30:32 +0000
ROA not before: Tue 16 Jul 2024 14:30:32 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 134095
IP address blocks: 110.170.137.0/24 maxlen: 24
110.170.147.0/24 maxlen: 24
110.170.238.0/24 maxlen: 24
210.86.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14468 (0x3884)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC
Validity
Not Before: Jul 16 14:30:32 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66968407-78f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ba:c8:3c:65:c0:a3:61:98:b8:6f:d5:a3:bf:
87:78:61:4d:a5:83:28:05:aa:b3:a8:8a:6e:89:0c:
0a:63:18:ef:df:25:33:6b:17:8b:cd:b0:a3:89:81:
3d:0b:57:f4:44:1c:3c:02:8e:30:d5:21:23:8b:2c:
38:9a:86:e6:34:27:ba:73:4c:d0:31:23:6c:b6:60:
3e:41:b2:04:a9:e3:3b:7c:ea:d4:76:f4:ef:77:4b:
f8:81:b5:c0:67:92:a6:aa:6e:b4:e1:fd:be:ff:c9:
71:5c:f1:a0:b1:f5:8e:40:df:a0:b6:10:8c:3a:60:
ec:07:04:4b:a0:42:5b:bd:e4:6c:5e:50:29:97:2e:
d2:b3:1e:c9:3e:eb:08:de:5c:98:f9:0b:00:5c:d2:
71:d2:4c:ff:c4:66:2e:bb:a4:70:24:e1:78:1a:c8:
cb:0c:26:69:67:c0:68:7e:60:53:83:f0:06:9a:3c:
32:23:1d:60:b0:32:8b:a9:f4:85:7f:70:b9:94:af:
09:25:69:29:23:f7:36:72:35:69:ec:99:f3:d7:55:
1a:dd:29:f3:83:21:e8:36:8e:66:21:a8:03:f8:fb:
18:91:66:60:6c:5c:e8:5d:6f:0e:06:8e:77:b7:7f:
96:f8:e1:d3:ca:18:a5:80:be:7a:21:d3:80:f6:01:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:DC:17:BF:E1:5F:8C:7B:98:6E:4B:D6:B9:EE:EC:40:24:DB:06
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/371AC6101E0111E9A590C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.170.137.0/24
110.170.147.0/24
110.170.238.0/24
210.86.152.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e6:a4:13:d5:58:d3:f6:aa:7d:a4:e9:dc:7a:07:84:59:32:
80:85:84:72:bf:b8:bf:5d:b1:6a:9b:63:e6:37:9d:ad:06:1c:
60:62:c0:7f:58:85:b9:b7:98:25:9d:45:d3:88:43:42:f0:d9:
ac:0a:2b:68:55:4a:28:ce:34:2f:34:ae:d9:3e:e0:93:4c:5f:
b2:81:aa:df:f9:7e:7b:2e:be:8b:bd:bf:07:b8:0e:8b:fe:e6:
26:58:bd:55:e0:14:08:db:64:d4:60:32:a4:39:e9:29:60:03:
8c:07:74:b3:c2:86:fa:4f:c2:e2:67:28:f2:5b:f3:75:df:0b:
ff:8c:0c:2a:3c:da:86:f2:8e:d1:ae:66:65:5f:39:2e:35:8c:
bb:cd:ad:b8:20:38:c4:6f:1c:23:76:59:a3:d1:18:45:48:13:
03:0d:aa:aa:1b:a2:b2:fe:6a:6a:99:67:33:97:43:49:86:30:
95:17:12:1c:54:54:27:81:df:89:fc:9a:da:b8:80:66:4f:fd:
fb:9a:cd:c6:e1:10:71:09:a0:8f:4f:c7:f3:dc:75:b7:98:58:
7c:34:4f:fa:02:38:9d:44:1f:be:be:81:8b:f9:b5:65:2a:07:
4f:cd:9a:76:d7:5b:a7:a2:79:60:59:2f:01:cd:91:bf:41:e1:
85:ad:50:41
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICOIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQwNzE2MTQzMDMyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2ODQwNy03OGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybrIPGXAo2GYuG/Vo7+HeGFNpYMoBaqzqIpuiQwKYxjv3yUzaxeLzbCjiYE9
C1f0RBw8Ao4w1SEjiyw4mobmNCe6c0zQMSNstmA+QbIEqeM7fOrUdvTvd0v4gbXA
Z5Kmqm604f2+/8lxXPGgsfWOQN+gthCMOmDsBwRLoEJbveRsXlAply7Ssx7JPusI
3lyY+QsAXNJx0kz/xGYuu6RwJOF4GsjLDCZpZ8BofmBTg/AGmjwyIx1gsDKLqfSF
f3C5lK8JJWkpI/c2cjVp7Jnz11Ua3SnzgyHoNo5mIagD+PsYkWZgbFzoXW8OBo53
t3+W+OHTyhilgL56IdOA9gFU5QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHvx3Be/
4V+Me5huS9a57uxAJNsGMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMzcxQUM2MTAx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABuqokDBABuqpMDBABuqu4DBADSVpgwDQYJKoZIhvcNAQEL
BQADggEBAD7mpBPVWNP2qn2k6dx6B4RZMoCFhHK/uL9dsWqbY+Y3na0GHGBiwH9Y
hbm3mCWdRdOIQ0Lw2awKK2hVSijONC80rtk+4JNMX7KBqt/5fnsuvou9vwe4Dov+
5iZYvVXgFAjbZNRgMqQ56SlgA4wHdLPChvpPwuJnKPJb83XfC/+MDCo82obyjtGu
ZmVfOS41jLvNrbggOMRvHCN2WaPRGEVIEwMNqqoborL+amqZZzOXQ0mGMJUXEhxU
VCeB34n8mtq4gGZP/fuazcbhEHEJoI9Px/PcdbeYWHw0T/oCOJ1EH76+gYv5tWUq
B0/NmnbXW6eieWBZLwHNkb9B4YWtUEE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:01:23 2025 by rpki-client