Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa
File: 1D1E9F72A05011ED8B25FE52C4F9AE02.roa (raw, json)
Hash identifier: cOsKGiNuw+TOW2A6oQ6w++MvZswAsRBIZTMKNl1+jmk=
Subject key identifier: 3D:87:EA:7B:72:50:D4:D6:DE:3B:99:88:9C:71:6E:D5:5B:AE:B4:FD
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2967
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:52:45 +0000
ROA not before: Tue 31 Dec 2024 15:52:45 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133848
IP address blocks: 49.0.124.0/24 maxlen: 24
49.231.72.0/21 maxlen: 23
49.231.73.0/24 maxlen: 24
49.231.75.0/24 maxlen: 24
49.231.76.0/22 maxlen: 24
49.231.128.0/22 maxlen: 24
49.231.132.0/22 maxlen: 24
110.49.2.0/24 maxlen: 24
110.49.99.0/24 maxlen: 24
110.49.112.0/23 maxlen: 24
2405:9800:d003::/48 maxlen: 48
2405:9800:d007::/48 maxlen: 48
2405:9800:d008::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10599 (0x2967)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:52:45 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774134d-0fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4a:11:7b:df:70:25:ad:a8:f8:91:f1:2f:c4:
b6:57:4c:dc:9c:e9:be:5a:30:18:bc:cc:a7:7f:cf:
c5:7e:3d:36:af:f0:b9:d9:07:6f:92:52:54:12:dd:
08:e6:4d:12:4f:9d:7b:01:74:7b:c8:84:16:d8:f5:
0a:ad:76:30:83:8b:9a:0f:d2:ac:ad:f6:c9:2f:87:
f4:cc:3e:a0:18:8f:56:33:f8:80:d0:7c:f8:fb:99:
0e:a9:03:a8:1a:2d:db:94:1f:64:66:43:84:aa:ae:
47:9b:a1:78:f2:9c:7b:45:39:03:40:64:38:56:3f:
4c:3d:b4:c7:df:eb:55:03:e1:c6:06:7a:d0:f1:6b:
a4:29:a4:7f:d2:8e:ef:5b:a5:41:9e:b7:f0:d1:63:
22:2f:e4:d5:5d:bc:1a:73:50:08:2a:ac:68:27:bd:
35:2a:07:db:35:54:7a:a6:d4:e9:df:fa:f2:f1:87:
cf:50:68:8a:92:9b:e5:41:be:03:02:43:8e:84:0e:
85:22:e1:ef:f2:f3:76:ea:15:95:69:83:b1:c3:5b:
e8:d4:73:ed:ec:c0:7f:59:cd:69:17:0f:cc:4e:85:
d5:6f:ce:5e:34:8c:78:75:d7:7d:e8:bc:d7:f2:b2:
40:15:b2:23:12:13:f7:00:a4:48:c4:f8:85:3f:0c:
f4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:87:EA:7B:72:50:D4:D6:DE:3B:99:88:9C:71:6E:D5:5B:AE:B4:FD
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.0.124.0/24
49.231.72.0/21
49.231.128.0/21
110.49.2.0/24
110.49.99.0/24
110.49.112.0/23
IPv6:
2405:9800:d003::/48
2405:9800:d007::-2405:9800:d008:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:29:98:78:bc:e7:2c:8e:eb:a8:17:af:cf:02:d1:c1:bd:75:
43:1c:be:a3:d5:e5:23:51:2a:d2:82:4a:af:07:6a:b2:81:bb:
53:4b:d7:83:77:6a:76:af:e5:96:49:ce:cd:7b:cf:28:ec:61:
f0:37:ea:61:f6:84:b3:00:7f:4f:07:bd:7d:11:50:90:e7:34:
ae:0d:3f:86:7e:a4:b7:ed:b2:70:28:18:2e:e3:4c:08:2f:49:
04:5a:5f:52:e0:83:d9:11:1a:df:38:50:10:27:75:73:c9:e8:
9b:b4:f7:60:5b:20:4e:3b:1c:d6:1c:2c:7e:61:13:b7:4c:d3:
b1:b6:3b:1e:0c:d8:6c:00:bd:24:af:c8:48:50:5d:c1:38:1e:
14:ed:76:43:65:09:f9:33:d2:58:3b:c5:54:5e:9a:a5:58:e5:
0a:8b:ef:65:a5:f9:e6:5d:c1:08:20:39:5f:7c:71:40:3b:e5:
e9:f8:bb:28:6d:14:6f:fc:01:95:32:bc:05:2a:3f:ae:2a:f5:
20:4e:02:23:cc:22:0d:60:09:71:41:4d:d2:32:3e:af:2a:bc:
5a:a6:c9:6f:ce:6c:18:6d:4f:47:cd:af:9a:c4:74:87:fb:a0:
fc:e5:dc:e7:07:c5:fd:e6:04:7d:f1:ed:6d:58:c8:9d:ea:0e:
67:5f:90:a7
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgICKWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MjQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM0ZC0wZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvUoRe99wJa2o+JHxL8S2V0zcnOm+WjAYvMynf8/Ffj02r/C52QdvklJUEt0I
5k0ST517AXR7yIQW2PUKrXYwg4uaD9KsrfbJL4f0zD6gGI9WM/iA0Hz4+5kOqQOo
Gi3blB9kZkOEqq5Hm6F48px7RTkDQGQ4Vj9MPbTH3+tVA+HGBnrQ8WukKaR/0o7v
W6VBnrfw0WMiL+TVXbwac1AIKqxoJ701KgfbNVR6ptTp3/ry8YfPUGiKkpvlQb4D
AkOOhA6FIuHv8vN26hWVaYOxw1vo1HPt7MB/Wc1pFw/MToXVb85eNIx4ddd96LzX
8rJAFbIjEhP3AKRIxPiFPwz0vwIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFD2H6nty
UNTW3juZiJxxbtVbrrT9MB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMUQxRTlGNzJB
MDUwMTFFRDhCMjVGRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E
UzBRMCoEAgABMCQDBAAxAHwDBAMx50gDBAMx54ADBABuMQIDBABuMWMDBAFuMXAw
IwQCAAIwHQMHACQFmADQAzASAwcAJAWYANAHAwcAJAWYANAIMA0GCSqGSIb3DQEB
CwUAA4IBAQATKZh4vOcsjuuoF6/PAtHBvXVDHL6j1eUjUSrSgkqvB2qygbtTS9eD
d2p2r+WWSc7Ne88o7GHwN+ph9oSzAH9PB719EVCQ5zSuDT+GfqS37bJwKBgu40wI
L0kEWl9S4IPZERrfOFAQJ3VzyeibtPdgWyBOOxzWHCx+YRO3TNOxtjseDNhsAL0k
r8hIUF3BOB4U7XZDZQn5M9JYO8VUXpqlWOUKi+9lpfnmXcEIIDlffHFAO+Xp+Lso
bRRv/AGVMrwFKj+uKvUgTgIjzCINYAlxQU3SMj6vKrxapslvzmwYbU9Hza+axHSH
+6D85dznB8X95gR98e1tWMid6g5nX5Cn
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:08 2025 by rpki-client