Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3DC39FDAE82D11EF86C76B75C4F9AE02.roa
File: 3DC39FDAE82D11EF86C76B75C4F9AE02.roa (raw, json)
Hash identifier: CB42rPIllKFi14OnASR8kG8ELcV0c2sBojJ+pQ7hSCE=
Subject key identifier: 40:C9:9C:78:85:DE:26:A7:F8:B9:5C:66:69:92:2A:B3:F6:86:BD:29
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 071D
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3DC39FDAE82D11EF86C76B75C4F9AE02.roa
Signing time: Tue 11 Feb 2025 04:04:08 +0000
ROA not before: Tue 11 Feb 2025 04:04:08 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136173
IP address blocks: 36.255.192.0/24 maxlen: 24
43.229.155.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1821 (0x71d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Feb 11 04:04:08 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67aacc38-4422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:8f:2e:8b:29:bd:06:73:ff:33:81:95:67:
c6:a5:2e:66:ff:18:c4:c2:05:ae:04:28:19:0d:6e:
e6:26:4d:37:f7:be:fb:a6:c4:34:d6:a5:10:50:1a:
a9:d4:b2:15:0b:24:44:bc:95:66:38:69:0b:51:ad:
9b:68:9b:6e:f8:81:93:9f:79:26:e0:f8:6c:ee:25:
dd:9e:47:50:57:ee:13:2a:91:e2:d0:e3:65:3d:16:
15:52:65:8f:8f:e3:53:47:d9:5b:bb:2f:d6:a1:c4:
a7:5a:7c:79:50:1a:44:33:78:b1:2b:c9:67:11:1b:
eb:95:34:aa:0d:cb:03:3f:c5:51:98:ee:63:c7:a1:
dc:15:1a:49:d5:81:79:78:b9:10:80:39:88:05:8d:
88:7e:13:65:ca:4a:52:0d:44:bb:3b:11:d5:78:fc:
25:1d:f1:a9:32:98:eb:dd:7b:a4:0c:6d:78:40:cf:
23:e9:e6:33:53:07:5f:65:04:28:9b:72:4d:33:c5:
97:0c:2d:9b:5b:c1:10:08:df:c0:e5:9a:f7:96:a3:
92:3b:6a:43:66:73:86:50:f0:a4:d8:ea:bc:ff:4a:
7e:65:6b:6e:1f:9e:93:fb:dd:ee:0f:8c:03:b2:3c:
47:d1:c2:99:89:4c:8b:59:27:ef:5d:d6:e6:e5:74:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C9:9C:78:85:DE:26:A7:F8:B9:5C:66:69:92:2A:B3:F6:86:BD:29
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3DC39FDAE82D11EF86C76B75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.192.0/24
43.229.155.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:2d:f1:b8:a5:26:38:89:0e:c6:a0:37:84:aa:08:ab:b9:37:
0c:1a:f9:8e:46:22:81:d0:67:fc:60:13:fc:e1:2e:83:ac:b5:
f4:0d:a0:ad:33:ff:1d:99:96:f3:7a:59:dc:eb:50:bf:1b:8d:
0d:83:82:0e:86:fb:ed:37:87:54:60:b8:03:ee:9d:a1:bb:de:
0c:78:c3:e0:d1:c0:2f:41:0e:f4:50:a1:a0:0e:b5:d6:02:d8:
a7:f9:1c:28:da:f6:e3:19:44:41:0a:81:80:8a:57:1a:cb:03:
9d:05:e1:32:58:0b:2d:c3:94:67:b6:b2:ee:a3:1b:dc:90:4b:
3f:5c:df:05:29:8f:e2:56:07:58:e2:e5:94:fb:7b:c8:89:26:
38:60:18:28:77:51:5a:c8:54:df:f0:32:1f:55:8d:ca:a2:25:
eb:e1:5f:1d:de:56:b0:51:b8:b4:5f:ca:d3:11:b1:9a:89:9b:
74:3f:98:b2:7d:98:7e:f9:80:99:a6:c3:d9:4c:e3:11:96:e0:
7e:fc:67:57:0b:8b:3d:8c:15:76:ab:bf:dc:11:c6:ee:f3:ce:
35:e8:78:7c:2e:b8:51:bf:11:d3:3e:f1:8d:fc:a5:8b:25:26:
d7:cf:85:e6:82:40:15:90:a3:76:1f:8f:88:10:5d:3b:7d:0f:
a8:fc:c6:9c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMjExMDQwNDA4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhY2MzOC00NDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7JSPLospvQZz/zOBlWfGpS5m/xjEwgWuBCgZDW7mJk039777psQ01qUQUBqp
1LIVCyREvJVmOGkLUa2baJtu+IGTn3km4Phs7iXdnkdQV+4TKpHi0ONlPRYVUmWP
j+NTR9lbuy/WocSnWnx5UBpEM3ixK8lnERvrlTSqDcsDP8VRmO5jx6HcFRpJ1YF5
eLkQgDmIBY2IfhNlykpSDUS7OxHVePwlHfGpMpjr3XukDG14QM8j6eYzUwdfZQQo
m3JNM8WXDC2bW8EQCN/A5Zr3lqOSO2pDZnOGUPCk2Oq8/0p+ZWtuH56T+93uD4wD
sjxH0cKZiUyLWSfvXdbm5XRj+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEDJnHiF
3ian+LlcZmmSKrP2hr0pMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvM0RDMzlGREFF
ODJEMTFFRjg2Qzc2Qjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAk/8ADBAAr5ZswDQYJKoZIhvcNAQELBQADggEBALMt8bil
JjiJDsagN4SqCKu5Nwwa+Y5GIoHQZ/xgE/zhLoOstfQNoK0z/x2ZlvN6WdzrUL8b
jQ2Dgg6G++03h1RguAPunaG73gx4w+DRwC9BDvRQoaAOtdYC2Kf5HCja9uMZREEK
gYCKVxrLA50F4TJYCy3DlGe2su6jG9yQSz9c3wUpj+JWB1ji5ZT7e8iJJjhgGCh3
UVrIVN/wMh9VjcqiJevhXx3eVrBRuLRfytMRsZqJm3Q/mLJ9mH75gJmmw9lM4xGW
4H78Z1cLiz2MFXarv9wRxu7zzjXoeHwuuFG/EdM+8Y38pYslJtfPheaCQBWQo3Yf
j4gQXTt9D6j8xpw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:47 2025 by rpki-client