Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
File: 8FC3656CCE6B11EF90AD9413C4F9AE02.roa (raw, json)
Hash identifier: gZtWAKAUMwr/x0EQVymUoJL6ChkEmm3s+W09M5NLn7E=
Subject key identifier: 4D:52:10:A2:D3:21:4A:05:66:99:29:30:EA:65:D4:54:4C:47:A4:C9
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0722
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
Signing time: Tue 11 Feb 2025 04:08:57 +0000
ROA not before: Tue 11 Feb 2025 04:08:57 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 21859
IP address blocks: 36.255.193.0/24 maxlen: 24
36.255.194.0/24 maxlen: 24
43.229.152.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1826 (0x722)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Feb 11 04:08:57 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67aacd59-4c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:a1:f5:51:a2:49:f4:f4:c7:84:5d:79:cb:
94:40:fc:a6:aa:f8:93:d4:6d:56:63:64:a5:dc:13:
22:74:e2:8f:5c:55:7b:a5:79:ad:f0:1d:30:a2:1e:
b8:f8:33:d3:94:74:a7:d5:cc:a7:bf:9a:f5:4b:c7:
ac:03:99:ce:21:18:bc:d9:c8:8e:9e:72:37:dc:ef:
38:8d:75:01:fc:3c:02:64:54:29:fd:ed:df:a8:7e:
71:f5:13:d6:5e:e0:34:d0:10:df:30:b1:b4:07:03:
0e:9f:d4:f6:5c:52:d3:bc:fa:eb:f3:72:49:42:54:
40:11:46:30:b6:a4:35:ce:95:b7:08:e5:d1:55:90:
b9:b1:ef:fc:d4:d4:1d:e5:3f:16:70:63:10:e8:07:
c6:2d:bb:da:c9:6b:f2:55:a0:33:94:41:53:43:97:
97:54:d7:ce:0f:9f:d5:e8:5a:e0:2c:71:00:9d:0a:
52:63:ac:3e:f0:29:be:45:e0:7a:1a:7a:01:4e:c9:
8e:03:c9:6c:1f:e9:c7:10:e0:35:b5:86:96:b7:3b:
ed:3b:2d:16:f8:b0:0b:ee:43:ca:03:27:2b:e3:af:
5d:2d:c9:ec:81:80:ea:d0:c1:bf:31:ab:51:fd:5f:
25:6a:c0:16:0c:d5:38:64:c5:fb:72:73:91:c5:54:
6b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:52:10:A2:D3:21:4A:05:66:99:29:30:EA:65:D4:54:4C:47:A4:C9
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/8FC3656CCE6B11EF90AD9413C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.193.0-36.255.194.255
43.229.152.0/24
150.107.0.0/24
Signature Algorithm: sha256WithRSAEncryption
04:77:ce:58:fd:a6:04:b6:35:72:a6:1a:7f:d1:20:d6:c3:4b:
8b:44:63:f7:01:49:91:d7:62:bd:17:a6:85:7c:9f:c1:da:07:
74:17:d2:c3:4c:10:a3:5d:54:32:1c:cb:e4:56:2a:67:27:10:
0e:25:74:7c:ac:99:96:82:e9:4a:36:f4:de:a0:e4:d4:d9:5c:
be:06:41:03:36:78:a1:56:41:fe:2d:15:d3:a4:ed:be:19:f8:
25:39:1d:33:05:42:af:8d:af:57:af:59:81:9c:d2:c4:b3:7e:
eb:64:dc:54:00:5f:2f:aa:cf:43:60:d8:aa:67:38:f4:fd:41:
e2:c0:92:10:95:31:90:54:1f:9c:4f:e7:fb:a3:aa:d0:50:4d:
2c:b6:4a:e2:18:aa:15:dd:ad:29:ce:2b:41:74:4b:d1:0c:1a:
8a:51:79:4c:13:64:92:b7:3b:c3:ca:23:c9:6d:f0:81:8f:89:
5e:67:62:98:33:74:f2:f8:e1:21:d8:de:85:85:b4:56:12:24:
ed:17:e2:09:8a:57:b2:fc:81:06:25:44:62:67:77:17:43:d8:
ba:41:72:aa:8c:5d:7b:7d:fd:f0:e7:da:a2:37:6d:dc:91:9f:
1b:f9:ec:c7:b7:79:e0:33:24:33:10:ea:c6:0b:31:e8:d5:22:
d3:f4:20:97
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICByIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMjExMDQwODU3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhY2Q1OS00YzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxKh9VGiSfT0x4RdecuUQPymqviT1G1WY2Sl3BMidOKPXFV7pXmt8B0woh64
+DPTlHSn1cynv5r1S8esA5nOIRi82ciOnnI33O84jXUB/DwCZFQp/e3fqH5x9RPW
XuA00BDfMLG0BwMOn9T2XFLTvPrr83JJQlRAEUYwtqQ1zpW3COXRVZC5se/81NQd
5T8WcGMQ6AfGLbvayWvyVaAzlEFTQ5eXVNfOD5/V6FrgLHEAnQpSY6w+8Cm+ReB6
GnoBTsmOA8lsH+nHEOA1tYaWtzvtOy0W+LAL7kPKAycr469dLcnsgYDq0MG/MatR
/V8lasAWDNU4ZMX7cnORxVRr0wIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFE1SEKLT
IUoFZpkpMOpl1FRMR6TJMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOEZDMzY1NkND
RTZCMTFFRjkwQUQ5NDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEACT/wQMEACT/wgMEACvlmAMEAJZrADANBgkqhkiG9w0B
AQsFAAOCAQEABHfOWP2mBLY1cqYaf9Eg1sNLi0Rj9wFJkddivRemhXyfwdoHdBfS
w0wQo11UMhzL5FYqZycQDiV0fKyZloLpSjb03qDk1NlcvgZBAzZ4oVZB/i0V06Tt
vhn4JTkdMwVCr42vV69ZgZzSxLN+62TcVABfL6rPQ2DYqmc49P1B4sCSEJUxkFQf
nE/n+6Oq0FBNLLZK4hiqFd2tKc4rQXRL0QwailF5TBNkkrc7w8ojyW3wgY+JXmdi
mDN08vjhIdjehYW0VhIk7RfiCYpXsvyBBiVEYmd3F0PYukFyqoxde3398Ofaojdt
3JGfG/nsx7d54DMkMxDqxgsx6NUi0/Qglw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:58 2025 by rpki-client