Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/7BADD2664E9011EFA2296D3FC4F9AE02.roa
File: 7BADD2664E9011EFA2296D3FC4F9AE02.roa (raw, json)
Hash identifier: PMSpdNr1WjMRATN+1u9x7vYNfFB7DJAjunER8wAACjU=
Subject key identifier: 3E:10:39:66:06:5A:C7:96:4D:BC:4B:45:8C:C9:65:E2:34:E9:3E:81
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2980
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/7BADD2664E9011EFA2296D3FC4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:09 +0000
ROA not before: Tue 31 Dec 2024 15:53:09 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152694
IP address blocks: 58.137.116.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10624 (0x2980)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:53:09 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67741365-eb96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:20:da:96:7a:d4:88:1a:87:18:20:48:1e:7d:
fb:47:73:d9:44:8e:17:db:7d:11:f4:53:69:bf:99:
dc:18:3a:2e:71:66:63:76:9e:9a:b0:9d:53:a8:43:
6a:5c:39:48:1f:ab:c0:1d:96:18:39:92:fb:58:50:
30:62:51:44:70:b3:f0:8b:d5:de:a1:ed:0b:23:72:
ee:62:8e:f7:fd:59:13:ab:8c:ea:74:9f:b5:e2:89:
b6:69:5a:ad:7f:7c:ce:38:8a:bb:29:8d:5d:8e:91:
72:1d:63:7f:9e:af:28:17:53:b5:f3:3b:49:b4:bc:
5a:ef:f4:e3:8f:38:c6:19:b7:31:d7:a0:15:9a:c3:
b9:1a:37:b8:2a:60:7a:39:4a:9e:48:0a:db:d2:fd:
1b:43:ea:50:f6:53:c8:0a:b3:e3:18:ff:57:e0:c9:
70:b8:9e:a4:1d:91:95:40:55:81:01:c8:98:fd:34:
2b:7c:f8:78:6c:c6:ea:9c:35:08:2d:0d:c6:ce:00:
1e:6c:fe:7f:0d:26:f8:bf:20:c5:0d:b3:de:76:d4:
7a:42:70:8c:6f:80:a2:11:35:54:9a:f7:a4:e3:10:
c3:b0:bf:28:f2:50:e3:5d:47:69:b6:ce:8f:47:b8:
c9:5d:2e:f9:e4:97:49:a2:c7:52:47:fc:21:92:85:
fc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:39:66:06:5A:C7:96:4D:BC:4B:45:8C:C9:65:E2:34:E9:3E:81
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/7BADD2664E9011EFA2296D3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:3c:2c:95:11:a6:6e:8e:5f:96:cc:b2:63:52:47:07:e6:ac:
7b:1a:7b:60:a2:73:1c:8b:96:5e:04:01:36:ba:70:c3:11:c7:
34:76:34:69:71:13:e8:e1:12:ee:ab:e6:c0:b5:6b:a1:0d:e8:
77:1f:6a:8f:f0:93:f9:d5:9a:a6:7f:11:da:14:5e:9b:6b:b0:
0f:4f:5e:e5:43:86:91:db:7b:92:54:f0:21:ad:85:4f:1a:bc:
fc:f4:f9:6c:ef:13:11:8d:c7:64:5c:f2:a5:50:b8:ef:49:23:
09:6b:ec:68:4b:61:0a:eb:38:11:b4:ac:0a:a3:11:df:71:aa:
a9:ff:96:61:fb:ba:9c:1e:b3:c0:98:55:f9:5c:36:1c:44:b9:
13:ad:75:ba:ef:39:8f:ba:93:99:e0:5d:27:8e:6b:fb:00:47:
f0:20:2c:8b:87:de:0a:5a:7b:ba:2f:b6:7c:3c:83:ec:db:28:
bd:b7:2d:29:39:07:7d:d8:b1:8a:54:40:c1:78:29:71:8d:69:
a2:07:d7:3f:b4:6b:8a:32:7e:07:95:6f:e8:63:10:2b:0b:86:
21:c7:55:49:6a:6b:ef:aa:66:8e:72:70:dd:d7:a5:2e:5e:8a:
43:14:bc:6d:c1:65:f1:74:c5:d6:5d:e0:d7:f3:72:a4:a4:ba:
e8:a0:59:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM2NS1lYjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzCDalnrUiBqHGCBIHn37R3PZRI4X230R9FNpv5ncGDoucWZjdp6asJ1TqENq
XDlIH6vAHZYYOZL7WFAwYlFEcLPwi9Xeoe0LI3LuYo73/VkTq4zqdJ+14om2aVqt
f3zOOIq7KY1djpFyHWN/nq8oF1O18ztJtLxa7/TjjzjGGbcx16AVmsO5Gje4KmB6
OUqeSArb0v0bQ+pQ9lPICrPjGP9X4MlwuJ6kHZGVQFWBAciY/TQrfPh4bMbqnDUI
LQ3GzgAebP5/DSb4vyDFDbPedtR6QnCMb4CiETVUmvek4xDDsL8o8lDjXUdpts6P
R7jJXS755JdJosdSR/whkoX8TwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD4QOWYG
WseWTbxLRYzJZeI06T6BMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvN0JBREQyNjY0
RTkwMTFFRkEyMjk2RDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6iXQwDQYJKoZIhvcNAQELBQADggEBAJw8LJURpm6OX5bM
smNSRwfmrHsae2CicxyLll4EATa6cMMRxzR2NGlxE+jhEu6r5sC1a6EN6Hcfao/w
k/nVmqZ/EdoUXptrsA9PXuVDhpHbe5JU8CGthU8avPz0+WzvExGNx2Rc8qVQuO9J
Iwlr7GhLYQrrOBG0rAqjEd9xqqn/lmH7upwes8CYVflcNhxEuROtdbrvOY+6k5ng
XSeOa/sAR/AgLIuH3gpae7ovtnw8g+zbKL23LSk5B33YsYpUQMF4KXGNaaIH1z+0
a4oyfgeVb+hjECsLhiHHVUlqa++qZo5ycN3XpS5eikMUvG3BZfF0xdZd4NfzcqSk
uuigWWw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:26 2025 by rpki-client