Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json)
Hash identifier: QCuppHLOv1w39+p/x44V4+sVyV2OCcYMsGwegGrKF3s=
Subject key identifier: 89:87:29:1C:87:11:83:5C:47:94:D0:B6:58:0E:D4:B1:01:5B:5E:68
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2969
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:52:47 +0000
ROA not before: Tue 31 Dec 2024 15:52:47 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134240
IP address blocks: 27.254.31.0/24 maxlen: 24
27.254.185.0/24 maxlen: 24
27.254.186.0/24 maxlen: 24
27.254.231.0/24 maxlen: 24
27.254.233.0/24 maxlen: 24
49.229.88.0/23 maxlen: 23
49.229.90.0/23 maxlen: 23
58.64.24.0/24 maxlen: 24
58.64.27.0/24 maxlen: 24
103.20.204.0/22 maxlen: 24
110.49.141.0/24 maxlen: 24
110.49.142.0/23 maxlen: 24
2405:9800:d000::/36 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10601 (0x2969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Dec 31 15:52:47 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774134e-e99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:66:80:51:55:e8:af:c1:84:b7:69:04:2f:
de:a0:f9:81:bb:fc:3a:db:4d:5b:95:03:46:e4:85:
8f:59:bb:bb:83:0b:79:ce:fd:9e:10:30:8e:f9:3a:
c1:71:d1:ac:a8:57:74:2d:a4:42:3b:4f:c7:c4:00:
4f:92:fd:10:2b:4f:0f:98:16:a4:13:54:dd:0f:3b:
9c:9c:a2:83:a4:38:b9:a7:58:54:c8:98:96:7f:83:
67:05:82:93:9f:64:17:92:ab:69:71:59:b1:a7:0c:
7e:86:4b:32:36:15:13:2a:9b:15:60:e2:fa:f2:1c:
a4:bd:32:75:59:4e:c7:f3:b2:b9:82:27:d3:08:c3:
1a:30:51:fc:e1:cb:aa:f8:71:9f:0d:45:ba:16:d1:
a1:01:dc:76:ff:e0:81:bd:82:0e:d4:99:5b:f9:75:
3f:8d:00:f7:d9:55:d8:20:b6:6b:10:ea:a8:0a:c8:
cf:5e:70:b0:17:be:e2:ec:69:06:0c:25:3a:90:d3:
fa:43:21:70:5b:19:6c:af:65:94:6e:a9:6b:b7:34:
8a:7f:0e:9e:ef:c9:0d:f4:3c:d9:4d:12:28:f7:c7:
6e:aa:a0:f9:cc:f0:08:68:e1:b1:86:60:3c:fb:a8:
90:7f:2d:3d:5d:9e:3c:8d:69:3b:c8:4a:44:31:0b:
80:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:87:29:1C:87:11:83:5C:47:94:D0:B6:58:0E:D4:B1:01:5B:5E:68
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.254.31.0/24
27.254.185.0-27.254.186.255
27.254.231.0/24
27.254.233.0/24
49.229.88.0/22
58.64.24.0/24
58.64.27.0/24
103.20.204.0/22
110.49.141.0-110.49.143.255
IPv6:
2405:9800:d000::/36
Signature Algorithm: sha256WithRSAEncryption
02:33:c2:a7:d4:c7:0f:58:cf:cf:af:f5:b9:94:20:79:4e:ea:
78:a0:43:b2:d9:76:56:4c:d7:3c:1a:8d:2e:97:b0:bb:6c:a1:
95:34:59:df:4c:23:e5:c7:a4:06:9b:0d:4e:d6:e8:a0:50:60:
c7:cd:6b:3a:53:39:d6:00:ed:49:29:8b:8f:03:ca:42:45:b7:
ca:8b:9c:66:2b:92:89:38:b9:8d:ee:de:2f:ad:00:8f:f6:81:
c7:54:04:75:9e:3b:97:a6:7d:14:b1:e2:ba:fb:3b:8c:7c:3e:
2d:1e:bd:6b:30:75:07:3c:44:f4:c8:55:b1:8b:c5:5a:81:32:
44:1a:c2:1e:df:26:5d:05:70:4e:3c:3d:7d:a8:9a:f8:27:0d:
52:24:26:c8:fa:54:c6:e3:6c:cf:45:c4:4d:8f:bc:77:c1:9a:
5e:c1:ec:d8:2f:b7:27:dc:4d:ea:01:a7:b3:f8:57:22:f1:1a:
b0:7b:df:88:ed:9d:90:72:cb:59:6d:2a:f5:04:6c:ff:0d:78:
8b:ad:e0:d0:94:38:14:cc:40:e4:7c:f6:75:d0:88:bd:6c:05:
39:a5:db:7c:d0:fd:92:a3:32:53:c2:7e:f7:46:e8:ae:99:38:
bb:ea:c1:6f:e5:9b:9a:be:98:f9:42:56:66:29:1e:55:81:53:
df:e7:a0:57
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICKWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjQxMjMxMTU1MjQ3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM0ZS1lOTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArN5mgFFV6K/BhLdpBC/eoPmBu/w6201blQNG5IWPWbu7gwt5zv2eEDCO+TrB
cdGsqFd0LaRCO0/HxABPkv0QK08PmBakE1TdDzucnKKDpDi5p1hUyJiWf4NnBYKT
n2QXkqtpcVmxpwx+hksyNhUTKpsVYOL68hykvTJ1WU7H87K5gifTCMMaMFH84cuq
+HGfDUW6FtGhAdx2/+CBvYIO1Jlb+XU/jQD32VXYILZrEOqoCsjPXnCwF77i7GkG
DCU6kNP6QyFwWxlsr2WUbqlrtzSKfw6e78kN9DzZTRIo98duqqD5zPAIaOGxhmA8
+6iQfy09XZ48jWk7yEpEMQuAYQIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFImHKRyH
EYNcR5TQtlgO1LEBW15oMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3
MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMEwEAgABMEYDBAAb/h8wDAMEABv+uQMEABv+ugMEABv+5wMEABv+6QMEAjHl
WAMEADpAGAMEADpAGwMEAmcUzDAMAwQAbjGNAwQEbjGAMA4EAgACMAgDBgQkBZgA
0DANBgkqhkiG9w0BAQsFAAOCAQEAAjPCp9THD1jPz6/1uZQgeU7qeKBDstl2VkzX
PBqNLpewu2yhlTRZ30wj5cekBpsNTtbooFBgx81rOlM51gDtSSmLjwPKQkW3youc
ZiuSiTi5je7eL60Aj/aBx1QEdZ47l6Z9FLHiuvs7jHw+LR69azB1BzxE9MhVsYvF
WoEyRBrCHt8mXQVwTjw9faia+CcNUiQmyPpUxuNsz0XETY+8d8GaXsHs2C+3J9xN
6gGns/hXIvEasHvfiO2dkHLLWW0q9QRs/w14i63g0JQ4FMxA5Hz2ddCIvWwFOaXb
fND9kqMyU8J+90borpk4u+rBb+Wbmr6Y+UJWZikeVYFT3+egVw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:01 2025 by rpki-client