Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
File: 23A38F44D74C11EF9514995EC4F9AE02.roa (raw, json)
Hash identifier: cj/OytvVnHfcbk5Gia2XhIeg24Q5C0dlS7O/OI0qxz0=
Subject key identifier: C2:91:71:7F:CB:01:70:33:10:0E:7E:22:46:DF:32:99:9F:EA:C0:B6
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0AAA
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
Signing time: Mon 10 Mar 2025 20:40:39 +0000
ROA not before: Mon 10 Mar 2025 20:40:39 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 24105
IP address blocks: 110.34.36.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2730 (0xaaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB
Validity
Not Before: Mar 10 20:40:39 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cf4e46-4413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:3a:96:d1:02:3b:21:f4:65:8b:8b:9c:e9:
8f:96:b9:5e:35:51:68:4b:2e:32:f3:3b:3e:74:d2:
cb:20:c3:b0:14:f8:88:ad:60:e2:ac:b6:2a:80:d4:
0e:e6:c1:3e:b6:3f:cf:e8:50:fe:b0:0a:65:7c:f4:
11:75:5b:b2:a6:7f:30:ba:0b:d2:9a:e7:60:e9:5f:
57:61:ff:38:04:90:74:65:a9:29:8d:16:f8:cb:64:
18:b8:09:54:ba:01:58:60:23:1f:57:6e:ce:b1:df:
9e:fc:9a:f5:64:1c:36:5b:13:bf:94:db:93:08:68:
45:1b:0a:2e:80:e8:1b:00:e2:c5:22:72:15:49:09:
15:af:ad:a8:d0:d6:66:9d:b2:27:ea:b8:aa:ed:87:
31:7e:5c:07:ce:b7:0a:2f:80:f0:91:bd:44:d3:e5:
ef:13:60:d3:9e:a3:61:b8:20:5e:87:08:8d:b6:a9:
6d:68:10:32:bb:a5:01:e1:ad:35:5f:5d:6a:df:7a:
17:84:17:5b:37:99:c5:3b:1a:83:ee:07:5f:64:b6:
0b:c8:38:59:0f:7a:34:7f:27:7d:e5:37:db:4a:43:
75:26:33:98:05:af:a6:38:6a:8c:34:03:48:a3:6f:
fa:de:d6:c6:f2:05:26:40:25:01:bd:5f:ad:a4:30:
b7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:91:71:7F:CB:01:70:33:10:0E:7E:22:46:DF:32:99:9F:EA:C0:B6
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.34.36.0/24
192.135.90.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:1a:ad:9e:db:d7:de:9a:e4:00:67:e8:6a:3a:98:20:47:32:
29:c0:79:4a:cf:88:13:c1:39:00:05:e3:06:92:75:7c:e4:dd:
24:28:99:1f:6d:f5:cd:27:b2:1e:87:63:e9:2f:b7:55:29:c2:
e4:44:9f:f1:25:1f:8b:cd:75:41:5f:b5:c9:83:c0:ae:bf:bb:
75:08:58:44:ee:e1:6d:97:b7:22:7e:ef:05:1f:4e:85:13:6c:
af:4e:a4:25:f9:20:8f:c6:05:5c:cd:51:17:d7:5f:4d:e2:e8:
24:cb:75:8a:d6:8f:93:85:2f:c3:d8:a0:ab:72:26:21:30:bb:
1e:ad:2c:82:18:53:c5:8d:47:3d:76:77:0d:0c:05:7d:de:14:
3f:57:14:0a:9b:59:ba:b5:43:df:6c:10:c3:ca:f6:1d:25:a8:
36:5b:a8:a8:d4:4c:be:3f:73:44:7c:f2:90:7c:7c:c8:7c:64:
44:a1:03:0b:ea:38:88:6b:69:22:0e:2c:f3:97:b4:ea:73:63:
da:09:07:79:a0:d3:c2:2c:08:b4:b4:9d:76:86:63:af:5d:0b:
a7:68:ce:f8:ff:c6:76:73:8a:a6:61:6a:09:e9:0c:90:22:51:
d9:16:9f:60:31:11:ab:ac:e6:e3:20:ad:81:4c:91:6b:28:cd:
29:4d:84:37
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjUwMzEwMjA0MDM5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmNGU0Ni00NDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArfA6ltECOyH0ZYuLnOmPlrleNVFoSy4y8zs+dNLLIMOwFPiIrWDirLYqgNQO
5sE+tj/P6FD+sAplfPQRdVuypn8wugvSmudg6V9XYf84BJB0ZakpjRb4y2QYuAlU
ugFYYCMfV27Osd+e/Jr1ZBw2WxO/lNuTCGhFGwougOgbAOLFInIVSQkVr62o0NZm
nbIn6riq7YcxflwHzrcKL4Dwkb1E0+XvE2DTnqNhuCBehwiNtqltaBAyu6UB4a01
X11q33oXhBdbN5nFOxqD7gdfZLYLyDhZD3o0fyd95TfbSkN1JjOYBa+mOGqMNANI
o2/63tbG8gUmQCUBvV+tpDC3NwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMKRcX/L
AXAzEA5+IkbfMpmf6sC2MB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMjNBMzhGNDRE
NzRDMTFFRjk1MTQ5OTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABuIiQDBAHAh1owDQYJKoZIhvcNAQELBQADggEBAI0arZ7b
196a5ABn6Go6mCBHMinAeUrPiBPBOQAF4waSdXzk3SQomR9t9c0nsh6HY+kvt1Up
wuREn/ElH4vNdUFftcmDwK6/u3UIWETu4W2XtyJ+7wUfToUTbK9OpCX5II/GBVzN
URfXX03i6CTLdYrWj5OFL8PYoKtyJiEwux6tLIIYU8WNRz12dw0MBX3eFD9XFAqb
Wbq1Q99sEMPK9h0lqDZbqKjUTL4/c0R88pB8fMh8ZEShAwvqOIhraSIOLPOXtOpz
Y9oJB3mg08IsCLS0nXaGY69dC6dozvj/xnZziqZhagnpDJAiUdkWn2AxEaus5uMg
rYFMkWsozSlNhDc=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:46:40 2025 by rpki-client