Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/535D1F52069511F090414823C4F9AE02.roa
File: 535D1F52069511F090414823C4F9AE02.roa (raw, json)
Hash identifier: Z1otMQWN0CbTaPhw5EvbwRe+YB3GZZkedSXo8XkS78Q=
Subject key identifier: EF:66:7E:1E:86:71:39:EF:B6:F6:FA:AD:F9:49:5C:9D:D7:C9:2C:6C
Certificate issuer: /CN=A914BAA2/serialNumber=EAA483BBBD5CA0E12B3EC0F6E70C5BAAAE34552B
Certificate serial: 1C
Authority key identifier: EA:A4:83:BB:BD:5C:A0:E1:2B:3E:C0:F6:E7:0C:5B:AA:AE:34:55:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qSDu71coOErPsD25wxbqq40VSs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/535D1F52069511F090414823C4F9AE02.roa
Signing time: Sun 23 Mar 2025 07:31:03 +0000
ROA not before: Sun 23 Mar 2025 07:31:03 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153533
IP address blocks: 163.61.0.0/23 maxlen: 23
163.61.0.0/24 maxlen: 24
163.61.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BAA2
Validity
Not Before: Mar 23 07:31:03 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dfb8b7-b4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:19:37:ef:c4:ac:a1:e9:d6:64:14:c2:43:70:
e6:9e:a1:33:72:f0:de:a5:1e:f5:4b:c9:6d:2e:5e:
65:a2:93:12:3b:0e:46:b2:a9:27:fc:a8:52:51:3a:
50:29:33:2d:90:5c:f8:d8:a0:d9:d9:d6:e8:9a:bb:
fc:d1:be:58:51:17:61:dd:13:9b:8e:d2:d9:50:7f:
a1:e8:89:27:a6:0b:6e:f8:18:e6:33:8e:59:60:b6:
40:69:40:87:d1:2d:e2:38:0e:3c:3e:01:8d:b2:86:
b0:f4:07:67:3e:b5:96:57:7f:e6:be:5d:98:4d:f1:
bb:09:b9:fd:84:eb:98:bc:d3:87:79:0b:9b:99:c4:
52:95:65:b6:51:3c:e6:f3:c1:11:17:14:fa:d2:9f:
93:91:ce:a6:29:72:aa:57:71:b6:56:11:31:e0:ad:
eb:a9:49:37:b1:09:12:98:a4:70:1c:e4:cb:ad:41:
7c:35:10:e0:1e:64:7b:ad:32:a2:84:6d:69:07:ad:
2d:32:2c:40:08:43:5c:9a:39:22:8c:56:00:3a:70:
ca:23:74:15:09:72:6a:6b:31:70:46:84:b5:aa:4b:
7a:c4:b4:ab:92:e6:d7:d0:84:d5:18:16:04:96:25:
0e:92:5d:3d:e6:52:1a:48:f8:7a:ba:4e:0d:48:70:
72:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:66:7E:1E:86:71:39:EF:B6:F6:FA:AD:F9:49:5C:9D:D7:C9:2C:6C
X509v3 Authority Key Identifier:
keyid:EA:A4:83:BB:BD:5C:A0:E1:2B:3E:C0:F6:E7:0C:5B:AA:AE:34:55:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/6qSDu71coOErPsD25wxbqq40VSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qSDu71coOErPsD25wxbqq40VSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/535D1F52069511F090414823C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.0.0/23
Signature Algorithm: sha256WithRSAEncryption
66:40:36:e4:1e:37:47:fd:df:30:12:48:f1:62:0f:f1:95:85:
1c:70:5c:25:4b:b8:5a:7b:0e:70:bd:86:5d:cc:7a:e9:b6:b6:
a0:33:d5:7b:0f:3d:45:2c:20:62:70:19:0d:5a:36:82:7a:4b:
c9:4a:62:57:a2:89:ed:45:45:27:57:16:1d:2d:f6:41:3b:23:
2e:ae:ea:63:a5:58:ea:80:38:b4:70:a3:00:75:07:e5:ec:2d:
5b:71:20:53:f9:11:5a:6c:e5:ed:29:9c:d0:ad:e6:13:20:05:
0d:c1:f8:e8:5a:b4:a1:a7:f6:6e:6a:30:17:82:9d:c3:7d:36:
04:e2:c5:61:ee:ef:b3:3b:53:be:ef:00:b3:f3:46:b5:c9:65:
5b:0f:d8:0b:44:ea:7f:f7:e9:03:53:58:dc:63:d9:b2:a8:ca:
0b:4c:3f:f3:e8:b4:29:5b:42:bc:14:aa:a6:7b:49:2c:e6:d1:
f5:c6:0b:03:3c:af:a4:9e:95:d1:cc:8e:87:cc:2c:1c:6b:64:
49:56:34:2d:eb:c3:23:01:9b:55:5a:63:83:b6:7d:86:e6:c6:
8c:dd:71:cb:f9:4e:75:f3:96:4d:94:64:fa:ea:fb:35:07:04:
77:fa:29:48:fe:4c:89:f6:2c:99:0b:32:b1:a0:bb:04:c9:f4:
d4:d3:c1:c5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QkFBMjExMC8GA1UEBRMoRUFBNDgzQkJCRDVDQTBFMTJCM0VDMEY2RTcwQzVCQUFB
RTM0NTUyQjAeFw0yNTAzMjMwNzMxMDNaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGZiOGI3LWI0ZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXGTfvxKyh6dZkFMJDcOaeoTNy8N6lHvVLyW0uXmWikxI7DkayqSf8qFJROlAp
My2QXPjYoNnZ1uiau/zRvlhRF2HdE5uO0tlQf6HoiSemC274GOYzjllgtkBpQIfR
LeI4Djw+AY2yhrD0B2c+tZZXf+a+XZhN8bsJuf2E65i804d5C5uZxFKVZbZRPObz
wREXFPrSn5ORzqYpcqpXcbZWETHgreupSTexCRKYpHAc5MutQXw1EOAeZHutMqKE
bWkHrS0yLEAIQ1yaOSKMVgA6cMojdBUJcmprMXBGhLWqS3rEtKuS5tfQhNUYFgSW
JQ6SXT3mUhpI+Hq6Tg1IcHJjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU72Z+HoZx
Oe+29vqt+UlcndfJLGwwHwYDVR0jBBgwFoAU6qSDu71coOErPsD25wxbqq40VSsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCQUEyLzRERUNEMDgwRkU2
NjExRUY4OTJFNTIxNEM0RjlBRTAyLzZxU0R1NzFjb09FclBzRDI1d3hicXE0MFZT
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNnFTRHU3MWNvT0VyUHNEMjV3eGJxcTQwVlNzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QkFBMi80REVDRDA4MEZFNjYxMUVGODkyRTUyMTRDNEY5QUUwMi81MzVEMUY1MjA2
OTUxMUYwOTA0MTQ4MjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaM9ADANBgkqhkiG9w0BAQsFAAOCAQEAZkA25B43R/3fMBJI
8WIP8ZWFHHBcJUu4WnsOcL2GXcx66ba2oDPVew89RSwgYnAZDVo2gnpLyUpiV6KJ
7UVFJ1cWHS32QTsjLq7qY6VY6oA4tHCjAHUH5ewtW3EgU/kRWmzl7Smc0K3mEyAF
DcH46Fq0oaf2bmowF4Kdw302BOLFYe7vsztTvu8As/NGtcllWw/YC0Tqf/fpA1NY
3GPZsqjKC0w/8+i0KVtCvBSqpntJLObR9cYLAzyvpJ6V0cyOh8wsHGtkSVY0LevD
IwGbVVpjg7Z9hubGjN1xy/lOdfOWTZRk+ur7NQcEd/opSP5MifYsmQsysaC7BMn0
1NPBxQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 02:57:52 2025 by rpki-client