Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/228647E8639E11ECA24A0411C4F9AE02.roa
File: 228647E8639E11ECA24A0411C4F9AE02.roa (raw, json)
Hash identifier: w/S6OQdT4bR1D/dqyz9Db+7Sc6095muOhxb8MXGrsm8=
Subject key identifier: E7:F2:E7:AD:54:FA:66:A0:E2:E1:91:FD:1E:88:7B:40:5A:97:8D:EA
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 298C
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/228647E8639E11ECA24A0411C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:19 +0000
ROA not before: Tue 31 Dec 2024 15:53:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45255
IP address blocks: 49.231.28.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10636 (0x298c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:53:19 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774136f-28af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c8:86:a4:6b:cf:88:76:32:82:dc:d4:93:1c:
83:18:a3:c1:9a:3a:7e:cd:94:34:bf:b6:bd:1c:d1:
7d:16:1f:91:a8:ef:44:44:51:ab:65:e8:b8:9e:09:
fe:89:36:a4:38:3f:60:dd:0e:6a:41:d0:d8:3f:e9:
c1:dd:c5:3e:6d:c2:8a:4e:85:b6:50:a0:0d:ff:79:
54:fa:a0:fb:72:ea:80:2c:17:7f:4f:f8:16:17:78:
bc:c9:1d:42:a1:e9:05:c3:42:f2:ef:bd:ee:3f:db:
7a:ae:7a:9c:9f:04:d4:c2:47:3e:e5:00:10:96:fe:
69:16:23:53:71:3b:3e:07:a0:35:10:e7:a7:e3:40:
70:07:f9:39:c8:61:9f:c3:10:4b:66:c9:b4:bd:cf:
24:03:1e:ba:a7:1b:42:eb:9f:2f:a9:08:04:7a:b3:
5d:07:31:5e:ae:c8:2a:c8:6e:cc:03:a5:f0:49:1c:
44:49:7e:7d:87:50:41:e5:7d:05:2a:84:e9:64:d9:
89:50:9d:99:9d:62:6f:1f:e3:e4:65:7f:ec:d6:88:
85:78:5b:93:4f:5e:ec:75:4d:38:33:90:84:4a:12:
d4:d4:d3:2f:5b:ff:d7:a7:9c:58:ea:ad:b9:ba:8b:
3b:3b:cd:f0:d1:0f:41:7f:84:9a:da:46:4d:a9:1d:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F2:E7:AD:54:FA:66:A0:E2:E1:91:FD:1E:88:7B:40:5A:97:8D:EA
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/228647E8639E11ECA24A0411C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.231.28.0/24
Signature Algorithm: sha256WithRSAEncryption
89:23:0a:90:e4:8a:71:0c:03:77:19:e6:28:d8:bc:c7:b9:91:
7a:7a:92:63:23:40:64:d5:75:26:47:f1:b1:17:39:d8:4c:80:
91:93:65:49:82:d6:79:26:5c:3a:55:2f:1d:68:13:8e:88:b6:
77:d6:79:56:18:0f:2c:f7:0f:ba:64:b6:e1:f3:ef:78:55:af:
6e:71:35:52:0a:53:6e:0d:80:cf:89:f3:d0:37:6b:51:3d:d0:
05:61:f5:ba:f8:6f:ae:53:c3:20:b2:e0:28:da:72:3b:92:8e:
c6:4d:16:35:da:4b:75:f8:e4:df:2b:05:1c:af:54:a0:90:dc:
c8:07:1c:8f:15:ac:81:6d:d9:16:81:d5:a2:18:c2:68:75:c6:
9d:ed:6f:7a:39:9a:60:93:da:f8:b6:a5:33:38:91:c0:56:54:
6c:ac:3c:d4:d7:57:45:72:22:14:08:86:9a:8a:9b:45:97:47:
a1:36:3a:59:81:09:b5:d4:fd:5c:9d:b7:13:88:f3:a2:c4:c4:
a9:47:2f:8e:90:4e:7e:60:17:0d:05:d0:ed:5f:89:80:89:88:
8a:ad:0e:62:e5:cc:e8:9b:8f:db:db:8c:ee:ef:6b:d5:42:80:
cb:49:59:00:5b:d9:a5:30:d0:00:de:1a:38:7a:29:03:bf:8f:
0d:b3:f5:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM2Zi0yOGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ciGpGvPiHYygtzUkxyDGKPBmjp+zZQ0v7a9HNF9Fh+RqO9ERFGrZei4ngn+
iTakOD9g3Q5qQdDYP+nB3cU+bcKKToW2UKAN/3lU+qD7cuqALBd/T/gWF3i8yR1C
oekFw0Ly773uP9t6rnqcnwTUwkc+5QAQlv5pFiNTcTs+B6A1EOen40BwB/k5yGGf
wxBLZsm0vc8kAx66pxtC658vqQgEerNdBzFersgqyG7MA6XwSRxESX59h1BB5X0F
KoTpZNmJUJ2ZnWJvH+PkZX/s1oiFeFuTT17sdU04M5CEShLU1NMvW//Xp5xY6q25
uos7O83w0Q9Bf4Sa2kZNqR2unwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOfy561U
+mag4uGR/R6Ie0Bal43qMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMjI4NjQ3RTg2
MzlFMTFFQ0EyNEEwNDExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAx5xwwDQYJKoZIhvcNAQELBQADggEBAIkjCpDkinEMA3cZ
5ijYvMe5kXp6kmMjQGTVdSZH8bEXOdhMgJGTZUmC1nkmXDpVLx1oE46ItnfWeVYY
Dyz3D7pktuHz73hVr25xNVIKU24NgM+J89A3a1E90AVh9br4b65TwyCy4CjacjuS
jsZNFjXaS3X45N8rBRyvVKCQ3MgHHI8VrIFt2RaB1aIYwmh1xp3tb3o5mmCT2vi2
pTM4kcBWVGysPNTXV0VyIhQIhpqKm0WXR6E2OlmBCbXU/VydtxOI86LExKlHL46Q
Tn5gFw0F0O1fiYCJiIqtDmLlzOibj9vbjO7va9VCgMtJWQBb2aUw0ADeGjh6KQO/
jw2z9Rg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:20 2025 by rpki-client