Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
File: 23A38F44D74C11EF9514995EC4F9AE02.roa (raw, json)
Hash identifier: uQ6I3e0o8JnPRZxIvKe74jd/emFKj+hEJegapcf9rgQ=
Subject key identifier: DE:DE:AA:41:41:DE:43:9F:74:CC:69:17:2A:88:1F:C7:DF:37:D1:56
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0A87
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
Signing time: Mon 20 Jan 2025 16:32:29 +0000
ROA not before: Mon 20 Jan 2025 16:32:29 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24105
IP address blocks: 110.34.36.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2695 (0xa87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Jan 20 16:32:29 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=678e7a9d-dc63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:8f:10:ac:2c:96:3a:48:59:bd:77:c6:c6:
7e:fa:90:d1:33:e6:c3:82:c3:f5:5f:d1:1b:91:14:
d9:ff:e4:e7:65:e2:2f:4f:91:dd:6a:2c:50:60:93:
0e:25:b4:32:bb:20:4e:98:ed:d7:f2:c6:b8:0e:b1:
71:6b:d6:3b:76:ab:9d:88:0e:7c:bf:4c:af:42:a0:
66:99:29:4e:cb:89:07:a2:34:31:d1:0d:7c:33:fd:
a4:33:94:8b:48:ab:d9:c2:ab:9d:d1:9b:40:8e:81:
36:75:ca:58:af:ae:63:c5:c9:8c:49:db:e3:58:cc:
dc:7f:d5:a4:e9:c0:a5:cc:ac:77:2d:56:25:2f:ec:
6d:0c:82:7e:77:0e:70:34:eb:01:77:d7:cd:f5:9f:
4c:85:e7:ea:cc:2a:c6:64:d7:8a:d9:5f:da:2a:93:
87:cb:38:de:40:cb:7e:23:e9:ab:94:40:3b:1f:4a:
2f:f4:5d:92:75:ed:b6:09:89:d8:9e:96:c1:c5:79:
36:c2:c9:48:40:07:55:66:07:ad:53:7b:42:37:c3:
e8:f0:16:f7:d4:aa:6c:aa:cd:c5:e1:39:6f:07:d1:
a8:f2:95:4c:5d:86:80:45:07:db:24:4a:04:60:07:
1b:c3:3e:0a:80:aa:ce:9d:6d:c1:1c:0b:4f:8d:8d:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DE:AA:41:41:DE:43:9F:74:CC:69:17:2A:88:1F:C7:DF:37:D1:56
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/23A38F44D74C11EF9514995EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.34.36.0/24
192.135.90.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:30:a0:84:05:ab:57:ab:b7:30:e2:1c:1f:d8:f8:dd:db:1f:
cc:cd:8b:77:97:1e:b9:db:c0:5d:32:19:84:24:9f:aa:08:25:
3a:e4:b1:44:96:da:ed:7a:a8:42:46:3a:e7:b3:1f:3d:75:e2:
89:ab:6e:d4:db:2b:99:59:ea:76:c2:77:11:b8:04:49:a0:32:
37:68:3b:33:19:37:ef:62:3d:0c:8b:53:3d:9e:4a:63:17:a3:
9f:b6:7a:62:1f:0f:0c:f9:82:6c:6e:19:06:5b:62:73:53:73:
d6:ea:b7:7c:98:2c:48:c8:03:6c:4f:0e:7a:11:f5:a0:cc:a9:
b3:5d:54:4b:00:3e:40:8c:2e:2f:e5:76:2b:49:b7:a1:ab:ed:
c5:4d:3e:a5:8b:7f:1f:d8:37:ab:99:6f:96:3a:67:1a:91:ff:
0e:3d:41:00:f3:7d:5a:cf:8a:01:01:b9:84:0a:a9:05:b5:39:
22:5f:95:15:ce:fd:df:7f:98:55:93:cf:60:ff:5f:af:31:b5:
4f:9a:6e:08:40:e9:51:c5:24:b1:93:71:88:f4:e0:b0:e8:58:
6c:cb:59:ca:ab:1c:cf:45:64:5f:d1:4f:67:a2:a2:f6:5a:cf:
54:3c:54:01:30:43:66:03:c7:b1:c3:6b:48:27:1a:11:c2:f3:
2d:5e:a2:d2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjUwMTIwMTYzMjI5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlN2E5ZC1kYzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApvaPEKwsljpIWb13xsZ++pDRM+bDgsP1X9EbkRTZ/+TnZeIvT5HdaixQYJMO
JbQyuyBOmO3X8sa4DrFxa9Y7dqudiA58v0yvQqBmmSlOy4kHojQx0Q18M/2kM5SL
SKvZwqud0ZtAjoE2dcpYr65jxcmMSdvjWMzcf9Wk6cClzKx3LVYlL+xtDIJ+dw5w
NOsBd9fN9Z9MhefqzCrGZNeK2V/aKpOHyzjeQMt+I+mrlEA7H0ov9F2Sde22CYnY
npbBxXk2wslIQAdVZgetU3tCN8Po8Bb31Kpsqs3F4TlvB9Go8pVMXYaARQfbJEoE
YAcbwz4KgKrOnW3BHAtPjY1kZwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN7eqkFB
3kOfdMxpFyqIH8ffN9FWMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMjNBMzhGNDRE
NzRDMTFFRjk1MTQ5OTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABuIiQDBAHAh1owDQYJKoZIhvcNAQELBQADggEBAKEwoIQF
q1ertzDiHB/Y+N3bH8zNi3eXHrnbwF0yGYQkn6oIJTrksUSW2u16qEJGOuezHz11
4omrbtTbK5lZ6nbCdxG4BEmgMjdoOzMZN+9iPQyLUz2eSmMXo5+2emIfDwz5gmxu
GQZbYnNTc9bqt3yYLEjIA2xPDnoR9aDMqbNdVEsAPkCMLi/lditJt6Gr7cVNPqWL
fx/YN6uZb5Y6ZxqR/w49QQDzfVrPigEBuYQKqQW1OSJflRXO/d9/mFWTz2D/X68x
tU+abghA6VHFJLGTcYj04LDoWGzLWcqrHM9FZF/RT2eiovZaz1Q8VAEwQ2YDx7HD
a0gnGhHC8y1eotI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:43:29 2025 by rpki-client