Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa
File: 2A3B0CECF89E11EFBEB09C18C4F9AE02.roa (raw, json)
Hash identifier: PkbRupW5bn+ucU9bJZqykLgwHdqi0bZNiDs5XjA8wiY=
Subject key identifier: 26:D4:7A:4F:33:61:7B:EF:10:F5:4D:C1:1C:05:DB:BB:42:ED:5C:BF
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0737
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa
Signing time: Tue 04 Mar 2025 02:27:52 +0000
ROA not before: Tue 04 Mar 2025 02:27:52 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 62610
IP address blocks: 36.255.195.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.129.40.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1847 (0x737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Mar 4 02:27:52 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c66528-ef72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1b:5d:75:9b:56:37:3b:8d:ab:b0:1e:04:1a:
e1:e6:68:8d:8a:1b:2b:7f:db:fb:f3:81:15:e0:0c:
93:23:57:0f:9e:f2:3f:bc:c6:82:2f:ca:2d:e2:a7:
22:f5:c2:f6:6d:8d:fc:2f:b4:69:0c:5c:8f:5d:15:
b1:6c:a2:35:68:98:e6:28:62:4d:1a:95:f0:f5:9d:
7e:c8:b4:f6:c4:42:7b:8b:8e:17:f7:bf:1e:a7:69:
6e:4e:c4:c0:1c:52:45:92:02:ef:4c:38:42:49:ba:
fd:49:83:d3:71:e7:f4:16:43:b0:a4:64:f8:73:c9:
af:e4:a6:16:be:dc:b1:42:54:f9:2c:70:b2:91:3b:
35:b2:de:48:b6:00:30:02:c8:0d:35:22:a7:55:1c:
89:3a:6f:59:15:75:8c:e5:c2:6e:e3:84:cd:38:90:
86:df:bc:ac:bf:e7:97:49:80:4b:17:ed:40:20:42:
ec:4a:b6:70:7b:fd:7f:cc:a0:fe:17:43:62:da:67:
8c:19:e2:3b:4f:02:c5:87:fe:e4:ca:58:c9:e5:d8:
fb:aa:92:81:54:af:1e:5f:ef:7d:06:13:f2:3f:bc:
da:3c:6b:8f:a6:76:27:71:e9:b3:f8:42:40:b4:18:
fa:51:bc:dd:0f:b0:87:43:33:b8:10:ef:19:a5:c2:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D4:7A:4F:33:61:7B:EF:10:F5:4D:C1:1C:05:DB:BB:42:ED:5C:BF
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.195.0/24
150.107.0.0/24
150.129.40.0/24
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a9:54:a6:5b:c4:8b:88:87:e1:7f:b8:55:20:34:87:5f:eb:
97:cc:6c:21:34:fe:a1:52:65:be:a2:d1:64:0e:21:9e:43:5d:
6d:bc:46:48:cc:fb:bf:00:7b:37:ae:c0:ee:25:50:1d:ab:51:
65:7f:39:21:0e:17:d3:22:4b:ab:d3:fe:80:c0:e8:55:56:8c:
58:7e:f3:14:17:77:40:6e:b5:fc:14:04:7a:76:3d:f9:fb:14:
86:4e:59:fc:e7:15:8b:0d:1f:bd:5e:8c:a3:d2:c0:1f:ac:99:
f5:2f:70:94:c3:60:83:33:33:90:12:45:f9:19:bf:68:8a:15:
f2:f9:64:8a:73:3c:d5:b6:a6:45:b8:f1:6c:07:6a:e8:19:2e:
fb:9e:64:56:ee:71:bb:e6:90:58:54:48:7b:05:86:0f:f3:e8:
ca:2f:24:0f:2b:13:d6:f4:88:93:d1:5c:c5:ed:55:79:17:c3:
31:21:bb:ce:f6:7a:0a:29:71:b1:38:75:b8:0a:a6:55:db:a5:
71:d1:51:05:a6:a2:d7:38:68:23:2c:2b:df:99:c8:79:6e:71:
46:07:14:f6:99:66:73:c8:7e:98:0c:bd:85:82:a7:85:46:c2:
3f:f9:7c:64:35:99:aa:01:bb:48:a9:76:ca:a5:c6:18:4c:d3:
44:7d:d7:fe
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMzA0MDIyNzUyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M2NjUyOC1lZjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xtddZtWNzuNq7AeBBrh5miNihsrf9v784EV4AyTI1cPnvI/vMaCL8ot4qci
9cL2bY38L7RpDFyPXRWxbKI1aJjmKGJNGpXw9Z1+yLT2xEJ7i44X978ep2luTsTA
HFJFkgLvTDhCSbr9SYPTcef0FkOwpGT4c8mv5KYWvtyxQlT5LHCykTs1st5ItgAw
AsgNNSKnVRyJOm9ZFXWM5cJu44TNOJCG37ysv+eXSYBLF+1AIELsSrZwe/1/zKD+
F0Ni2meMGeI7TwLFh/7kyljJ5dj7qpKBVK8eX+99BhPyP7zaPGuPpnYncemz+EJA
tBj6UbzdD7CHQzO4EO8ZpcJrxQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCbUek8z
YXvvEPVNwRwF27tC7Vy/MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkEzQjBDRUNG
ODlFMTFFRkJFQjA5QzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAAk/8MDBACWawADBACWgSgDBACWgSowDQYJKoZIhvcNAQEL
BQADggEBABSpVKZbxIuIh+F/uFUgNIdf65fMbCE0/qFSZb6i0WQOIZ5DXW28RkjM
+78AezeuwO4lUB2rUWV/OSEOF9MiS6vT/oDA6FVWjFh+8xQXd0ButfwUBHp2Pfn7
FIZOWfznFYsNH71ejKPSwB+smfUvcJTDYIMzM5ASRfkZv2iKFfL5ZIpzPNW2pkW4
8WwHaugZLvueZFbucbvmkFhUSHsFhg/z6MovJA8rE9b0iJPRXMXtVXkXwzEhu872
egopcbE4dbgKplXbpXHRUQWmotc4aCMsK9+ZyHlucUYHFPaZZnPIfpgMvYWCp4VG
wj/5fGQ1maoBu0ipdsqlxhhM00R91/4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:22:52 2025 by rpki-client