Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/699C6052D60D11E9A0539B2EC4F9AE02.roa
File: 699C6052D60D11E9A0539B2EC4F9AE02.roa (raw, json)
Hash identifier: iQrMuQPBAP9v/xDYK7niJxPhELKqnCNwhQpacZAYqf0=
Subject key identifier: 3F:26:08:61:B1:ED:2F:00:D8:B5:8A:3F:83:50:25:DA:A4:74:D0:F5
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 296D
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/699C6052D60D11E9A0539B2EC4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:52:50 +0000
ROA not before: Tue 31 Dec 2024 15:52:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136605
IP address blocks: 202.80.255.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10605 (0x296d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:52:50 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67741352-f3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:52:9a:ea:d0:c0:06:45:24:17:bc:8a:ff:
9f:ab:e8:cd:fd:3f:5a:fc:1e:7b:63:9c:6d:da:df:
8a:a0:b2:70:2e:98:8a:03:f3:1b:b7:05:93:54:76:
0b:66:ab:56:ff:ac:30:5e:13:3c:0d:39:a1:9d:f1:
19:ca:4a:78:d7:ab:7d:09:cf:0c:a3:1d:18:a3:47:
40:9f:dc:61:c1:82:18:fd:1e:20:bb:52:c0:e1:a2:
73:6c:3f:f4:e7:37:4d:ca:f3:49:c3:50:bc:d8:0c:
73:75:3a:3a:4b:b3:46:35:c3:07:56:1b:1b:ad:ec:
85:e4:c8:de:d5:83:d6:05:23:20:13:4b:4d:d9:b0:
67:66:6b:97:e9:92:f6:90:36:24:81:bd:36:51:15:
0e:c5:01:5f:e3:35:e9:f8:4f:73:91:87:8a:62:e1:
17:2c:ab:1b:1e:26:c6:e0:2d:32:a6:d8:ad:06:50:
1b:ab:6c:41:93:c2:31:b7:91:9e:a7:3e:85:a8:a6:
8e:86:52:6e:01:c2:67:c6:79:05:0c:48:fa:76:2d:
63:db:8b:20:05:5a:7f:a0:80:62:21:c4:bf:b8:55:
35:4b:01:2e:df:89:78:c2:5a:05:5a:38:50:90:ae:
bd:5c:6f:e3:68:6a:89:a6:7d:28:de:26:2f:b1:61:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:26:08:61:B1:ED:2F:00:D8:B5:8A:3F:83:50:25:DA:A4:74:D0:F5
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/699C6052D60D11E9A0539B2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.80.255.0/24
Signature Algorithm: sha256WithRSAEncryption
07:16:ef:d5:c0:9f:2c:74:83:39:9e:86:01:c2:b0:40:74:9a:
02:76:79:ef:ab:fd:2b:7b:7d:93:c4:da:db:e6:4c:20:b0:87:
af:5b:16:c8:6b:a0:02:58:74:60:49:ac:57:01:7f:90:27:90:
d2:d6:da:53:b1:75:78:19:a9:28:1d:fc:d5:c7:de:67:e3:d4:
49:78:ce:57:a2:bb:d9:22:5c:70:8e:0b:76:f3:6d:b7:20:0d:
f9:7c:1a:a6:a5:3f:24:84:58:24:28:50:99:31:ea:b0:14:67:
b8:56:2c:b5:de:f3:cb:85:ad:20:aa:72:a0:04:db:2d:d2:67:
3d:08:36:4d:24:e7:b7:f8:b1:45:e5:5e:a5:a8:89:4b:aa:07:
de:76:41:f7:a4:f7:74:58:10:9e:a2:ab:95:39:dc:bf:dd:84:
e9:20:46:47:e9:15:ca:e3:66:89:26:18:a7:e0:05:78:47:97:
d5:4c:fd:31:77:1c:e7:a5:66:dd:fd:27:dc:6a:93:cd:82:78:
9c:41:56:76:06:49:2a:2b:43:6f:42:0e:45:07:c4:d3:dd:0a:
b7:2e:43:d3:9c:28:e2:8a:a2:c8:00:7b:10:2d:2e:4a:5c:d7:
60:54:79:86:7b:2b:3b:5e:1f:67:4e:17:eb:50:d1:d2:79:63:
8c:17:ee:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKW0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MjUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM1Mi1mM2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJVSmurQwAZFJBe8iv+fq+jN/T9a/B57Y5xt2t+KoLJwLpiKA/MbtwWTVHYL
ZqtW/6wwXhM8DTmhnfEZykp416t9Cc8Mox0Yo0dAn9xhwYIY/R4gu1LA4aJzbD/0
5zdNyvNJw1C82AxzdTo6S7NGNcMHVhsbreyF5Mje1YPWBSMgE0tN2bBnZmuX6ZL2
kDYkgb02URUOxQFf4zXp+E9zkYeKYuEXLKsbHibG4C0yptitBlAbq2xBk8Ixt5Ge
pz6FqKaOhlJuAcJnxnkFDEj6di1j24sgBVp/oIBiIcS/uFU1SwEu34l4wloFWjhQ
kK69XG/jaGqJpn0o3iYvsWFQeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD8mCGGx
7S8A2LWKP4NQJdqkdND1MB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvNjk5QzYwNTJE
NjBEMTFFOUEwNTM5QjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKUP8wDQYJKoZIhvcNAQELBQADggEBAAcW79XAnyx0gzme
hgHCsEB0mgJ2ee+r/St7fZPE2tvmTCCwh69bFshroAJYdGBJrFcBf5AnkNLW2lOx
dXgZqSgd/NXH3mfj1El4zleiu9kiXHCOC3bzbbcgDfl8GqalPySEWCQoUJkx6rAU
Z7hWLLXe88uFrSCqcqAE2y3SZz0INk0k57f4sUXlXqWoiUuqB952Qfek93RYEJ6i
q5U53L/dhOkgRkfpFcrjZokmGKfgBXhHl9VM/TF3HOelZt39J9xqk82CeJxBVnYG
SSorQ29CDkUHxNPdCrcuQ9OcKOKKosgAexAtLkpc12BUeYZ7KzteH2dOF+tQ0dJ5
Y4wX7l8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:23 2025 by rpki-client