Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/93F6CBFED61111E999D7033CC4F9AE02.roa
File: 93F6CBFED61111E999D7033CC4F9AE02.roa (raw, json)
Hash identifier: yIdRFF5FwBvg5RreylKNPQhY0vjrp4tCGgTtHM7927o=
Subject key identifier: C4:E8:22:0C:1E:98:F9:D3:60:FC:02:E2:51:84:59:6E:F3:18:6B:27
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2988
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/93F6CBFED61111E999D7033CC4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:16 +0000
ROA not before: Tue 31 Dec 2024 15:53:16 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38820
IP address blocks: 49.231.206.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10632 (0x2988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:53:16 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774136c-5cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:47:ea:b3:f4:f5:5a:75:2e:ad:d8:e3:72:
58:ff:68:fc:4c:fd:ad:30:52:ec:e4:16:69:de:cd:
9b:04:1c:3d:bb:40:ec:bd:3e:ed:2c:34:11:40:5f:
8c:b4:66:f6:f5:e7:0d:ad:3a:f6:02:97:92:8a:a0:
68:5f:cd:e0:c4:9d:9a:63:c1:89:e3:3e:4f:a5:96:
42:27:59:03:4c:d4:d6:c6:9b:1c:74:48:0c:a8:b2:
0f:c5:e5:e6:07:aa:cc:66:75:a0:df:ec:89:8d:bd:
92:b1:d9:4d:1a:57:8b:42:d3:64:62:60:ce:f2:c5:
d9:cf:64:f9:1b:f2:7e:7b:df:81:68:24:d9:98:eb:
16:9b:17:05:24:00:fa:1e:c8:54:d9:b7:b0:55:b5:
6f:25:0a:3f:b7:c4:94:14:b6:8d:ff:36:ed:e3:df:
fe:5b:3f:1b:ab:85:dc:04:c4:c5:ab:d1:0a:e8:98:
22:ad:02:0c:c1:3f:6e:e1:e5:8f:44:f8:2e:58:68:
f3:fd:a7:a3:17:68:05:10:ba:8f:e3:a7:d5:10:ed:
9d:77:23:d6:d5:bf:83:2e:bb:67:71:2c:eb:2b:7d:
57:72:c7:c1:ed:f9:7a:e6:77:71:31:0b:72:8c:42:
e2:0a:f5:f5:f7:37:14:2e:2a:23:a8:23:6b:61:c6:
f4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E8:22:0C:1E:98:F9:D3:60:FC:02:E2:51:84:59:6E:F3:18:6B:27
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/93F6CBFED61111E999D7033CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.231.206.0/24
Signature Algorithm: sha256WithRSAEncryption
72:cc:cb:8f:90:2b:84:45:a2:cd:db:a2:19:b8:c9:ea:0d:87:
49:1a:ad:d6:6a:6e:db:b6:3e:5a:9a:ec:81:4e:dd:a4:41:ce:
08:4a:cb:ba:06:bb:14:9c:bd:48:dc:5d:30:0a:81:a7:47:31:
7e:a4:55:07:2a:f8:ee:5e:d5:30:c3:e1:43:c9:d5:07:68:bd:
a3:30:3a:87:83:a5:fd:6b:71:7d:0d:17:a0:ba:92:08:c5:2f:
ca:12:0c:8d:16:7d:c5:24:3c:fd:fe:32:a1:cb:90:10:33:2f:
c4:04:3c:31:45:f8:6c:b1:a9:68:ee:be:8e:9c:26:c6:a9:fa:
75:e8:7c:50:11:b2:ef:14:7e:05:9e:60:3a:e7:9e:ca:5b:ce:
18:ea:e0:bd:e5:1d:ac:83:04:f2:e0:87:ed:ae:75:7b:1c:f0:
47:5b:12:fe:0e:2f:4d:f7:f7:20:13:5b:23:e1:72:5b:61:62:
5b:00:29:69:af:0d:3f:b6:58:76:6c:3b:94:92:af:88:1e:69:
7b:89:57:a8:cf:39:e5:10:9b:08:54:3e:23:f6:ac:fa:fe:c9:
5f:5c:94:4a:64:cc:f2:18:66:ac:af:a1:42:3e:fd:5f:57:6f:
ad:53:dc:8b:84:09:03:24:78:18:87:c4:55:26:c3:6a:2a:29:
74:7e:30:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzE2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM2Yy01Y2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoqRH6rP09Vp1Lq3Y43JY/2j8TP2tMFLs5BZp3s2bBBw9u0DsvT7tLDQRQF+M
tGb29ecNrTr2ApeSiqBoX83gxJ2aY8GJ4z5PpZZCJ1kDTNTWxpscdEgMqLIPxeXm
B6rMZnWg3+yJjb2SsdlNGleLQtNkYmDO8sXZz2T5G/J+e9+BaCTZmOsWmxcFJAD6
HshU2bewVbVvJQo/t8SUFLaN/zbt49/+Wz8bq4XcBMTFq9EK6JgirQIMwT9u4eWP
RPguWGjz/aejF2gFELqP46fVEO2ddyPW1b+DLrtncSzrK31XcsfB7fl65ndxMQty
jELiCvX19zcULiojqCNrYcb0DwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMToIgwe
mPnTYPwC4lGEWW7zGGsnMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvOTNGNkNCRkVE
NjExMTFFOTk5RDcwMzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAx584wDQYJKoZIhvcNAQELBQADggEBAHLMy4+QK4RFos3b
ohm4yeoNh0kardZqbtu2Plqa7IFO3aRBzghKy7oGuxScvUjcXTAKgadHMX6kVQcq
+O5e1TDD4UPJ1QdovaMwOoeDpf1rcX0NF6C6kgjFL8oSDI0WfcUkPP3+MqHLkBAz
L8QEPDFF+GyxqWjuvo6cJsap+nXofFARsu8UfgWeYDrnnspbzhjq4L3lHayDBPLg
h+2udXsc8EdbEv4OL0339yATWyPhclthYlsAKWmvDT+2WHZsO5SSr4geaXuJV6jP
OeUQmwhUPiP2rPr+yV9clEpkzPIYZqyvoUI+/V9Xb61T3IuECQMkeBiHxFUmw2oq
KXR+MOk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:25 2025 by rpki-client