Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/955A10B4D61111E999D7033CC4F9AE02.roa
File: 955A10B4D61111E999D7033CC4F9AE02.roa (raw, json)
Hash identifier: BhIAuOWna5HuFhbt5lDDfCzVx1O03qlZMBQB2mlohZQ=
Subject key identifier: F9:C8:81:3E:B1:D7:47:06:DB:F1:FA:A3:41:14:8F:D8:E6:4D:CE:CF
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 299B
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/955A10B4D61111E999D7033CC4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:33 +0000
ROA not before: Tue 31 Dec 2024 15:53:33 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9551
IP address blocks: 49.231.232.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10651 (0x299b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:53:33 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774137d-3b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ca:61:4e:f8:db:cb:e0:53:1f:77:a1:ff:21:
b2:2a:4c:49:1a:7f:52:c8:8e:91:c4:bd:eb:91:f5:
30:00:bd:6a:a9:47:59:68:63:ee:2c:1d:c1:0f:d6:
df:e2:2d:52:c0:74:74:e5:a7:39:d6:48:e9:2e:0f:
8b:5b:f2:23:66:47:4c:df:96:53:06:6d:c7:0e:75:
ef:9a:82:42:87:ce:f0:01:03:ea:04:70:df:63:9a:
0c:8c:ca:16:98:f7:40:61:15:81:fb:3a:4b:4a:79:
73:47:52:77:1b:e9:8c:42:82:61:07:8d:ce:da:3d:
03:c3:85:8e:94:d4:69:48:30:20:a9:e1:ec:e9:46:
09:1d:c9:64:d5:6f:8d:d3:f5:97:c8:f9:8b:38:00:
40:16:68:fd:ed:e0:70:d3:d9:06:81:d5:34:52:93:
65:5d:ca:0e:25:89:99:21:18:b0:b6:f9:2c:1d:4d:
e9:89:bb:18:5b:89:b3:23:6a:de:a6:9a:01:e8:b3:
72:2b:4e:02:e1:17:6c:aa:38:9d:8a:8f:c2:22:5a:
87:d7:7c:5e:64:1f:29:81:40:b1:6b:69:a6:d0:00:
e0:cf:6f:3d:11:82:98:e1:cf:bf:02:38:29:e6:97:
2a:17:f4:7b:83:fd:49:80:cb:31:f8:69:9e:e5:77:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C8:81:3E:B1:D7:47:06:DB:F1:FA:A3:41:14:8F:D8:E6:4D:CE:CF
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/955A10B4D61111E999D7033CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.231.232.0/23
Signature Algorithm: sha256WithRSAEncryption
08:95:91:f3:e8:42:d9:c6:04:91:68:b2:80:bb:bd:3d:76:2f:
cc:d3:97:9b:93:ef:ac:d6:9b:f4:83:5c:6d:58:96:a3:7e:35:
29:56:fe:10:8d:81:fc:38:d3:5c:bd:e8:32:39:8a:3f:2f:b4:
b8:21:42:d1:3a:8a:2d:fb:6c:85:e9:c7:6f:84:7d:6d:14:9e:
53:6e:ad:5f:56:9e:7b:de:d0:5a:2a:df:cb:04:71:99:36:e3:
9f:15:f2:e5:c1:10:a1:7f:14:f3:0b:c3:d4:f3:38:8a:80:b6:
52:a2:da:d9:9b:4a:2f:39:46:e5:be:dd:48:b1:64:d4:92:54:
40:6e:00:97:2c:46:5e:03:f4:2f:d2:c1:14:ec:ff:01:87:cd:
a1:b5:e3:a2:e1:ed:87:a7:aa:ec:b0:0d:bf:96:9c:da:0f:b3:
b7:7f:57:07:3d:a6:2e:23:6b:cd:8c:45:8f:d6:17:69:1e:ff:
bd:a8:f4:e2:b5:bf:32:d2:cb:90:39:f5:1a:12:e8:83:99:21:
c1:b8:41:5c:66:7a:d0:17:b0:f0:b4:7e:f8:7d:c2:17:a6:27:
41:ab:de:4d:40:dd:f5:a6:a5:62:1b:25:c8:fe:d9:81:fc:56:
e7:f7:c0:dd:b4:fb:95:7f:74:b1:c9:e3:a5:08:14:72:82:e9:
09:b2:b7:02
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MzMzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM3ZC0zYjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArcphTvjby+BTH3eh/yGyKkxJGn9SyI6RxL3rkfUwAL1qqUdZaGPuLB3BD9bf
4i1SwHR05ac51kjpLg+LW/IjZkdM35ZTBm3HDnXvmoJCh87wAQPqBHDfY5oMjMoW
mPdAYRWB+zpLSnlzR1J3G+mMQoJhB43O2j0Dw4WOlNRpSDAgqeHs6UYJHclk1W+N
0/WXyPmLOABAFmj97eBw09kGgdU0UpNlXcoOJYmZIRiwtvksHU3pibsYW4mzI2re
ppoB6LNyK04C4Rdsqjidio/CIlqH13xeZB8pgUCxa2mm0ADgz289EYKY4c+/Ajgp
5pcqF/R7g/1JgMsx+Gme5Xf0mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPnIgT6x
10cG2/H6o0EUj9jmTc7PMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvOTU1QTEwQjRE
NjExMTFFOTk5RDcwMzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEx5+gwDQYJKoZIhvcNAQELBQADggEBAAiVkfPoQtnGBJFo
soC7vT12L8zTl5uT76zWm/SDXG1YlqN+NSlW/hCNgfw401y96DI5ij8vtLghQtE6
ii37bIXpx2+EfW0UnlNurV9Wnnve0Foq38sEcZk2458V8uXBEKF/FPMLw9TzOIqA
tlKi2tmbSi85RuW+3UixZNSSVEBuAJcsRl4D9C/SwRTs/wGHzaG146Lh7Yenquyw
Db+WnNoPs7d/Vwc9pi4ja82MRY/WF2ke/72o9OK1vzLSy5A59RoS6IOZIcG4QVxm
etAXsPC0fvh9whemJ0Gr3k1A3fWmpWIbJcj+2YH8Vuf3wN20+5V/dLHJ46UIFHKC
6QmytwI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:42 2025 by rpki-client