Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/1DB9AEFAE5EE11EABA8AEC34C4F9AE02.roa
File: 1DB9AEFAE5EE11EABA8AEC34C4F9AE02.roa (raw, json)
Hash identifier: 5aV9XBXrcvbjgf/LPgaKXuKSTwY+yKVYWBNYr04mwwM=
Subject key identifier: CF:0C:15:C4:37:13:26:1B:A9:BA:DF:6A:66:07:C3:33:75:DB:CA:03
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2771
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/1DB9AEFAE5EE11EABA8AEC34C4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:04:26 +0000
ROA not before: Tue 30 Jul 2024 16:04:25 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 43603
IP address blocks: 2402:9e80:2::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10097 (0x2771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D
Validity
Not Before: Jul 30 16:04:25 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a90f09-8702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:76:8a:67:85:c2:1e:6a:ef:1b:85:77:84:
62:9d:cc:c4:15:e7:10:a6:09:7c:7e:68:69:5c:41:
79:9f:2b:59:41:4b:8c:2a:9d:95:5e:0c:91:f3:44:
1c:0c:4e:3e:2b:13:36:f4:56:82:1c:d5:3f:b5:0e:
fe:83:35:2a:ad:3c:dc:45:60:42:01:aa:e5:f3:35:
8a:67:92:a5:75:5f:76:27:b7:05:37:f7:73:3c:00:
1d:fa:b7:33:43:05:ae:15:05:67:5d:92:05:53:8d:
b4:34:d5:a3:92:7e:15:de:1f:0e:65:96:31:ea:85:
9b:bd:6a:37:5e:f4:4a:d4:fd:6e:3d:5b:28:05:a8:
3f:4e:ea:ed:0f:cf:40:df:ac:70:51:31:d2:ad:ad:
37:81:50:5d:92:bb:ab:34:89:8c:99:5e:f9:3a:f6:
14:8e:77:c0:83:2d:3f:38:f4:79:9e:8e:5e:09:da:
87:18:80:e5:c6:e1:7f:44:ed:08:8b:6e:0b:3f:25:
72:87:75:d8:6b:b4:5f:b4:95:aa:fa:28:e1:11:9a:
5e:c1:fe:99:ed:1b:be:84:01:0e:de:d0:f6:53:df:
be:13:8a:bf:94:9c:b6:d6:80:2b:c4:94:4e:54:23:
cd:ed:1d:99:ba:2b:e1:7e:ff:6e:52:07:44:8a:55:
4b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0C:15:C4:37:13:26:1B:A9:BA:DF:6A:66:07:C3:33:75:DB:CA:03
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/1DB9AEFAE5EE11EABA8AEC34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:9e80:2::/48
Signature Algorithm: sha256WithRSAEncryption
ba:28:52:1e:df:11:da:77:74:96:28:80:a0:88:be:7f:05:da:
2c:66:dc:8f:81:ca:fc:81:09:58:cc:03:0f:f8:39:4d:73:9c:
29:fd:ad:9d:5c:71:e6:8e:89:ea:3f:06:4a:cf:d5:f5:65:b2:
bc:67:9e:4f:c9:80:38:c6:db:ae:ff:f2:5f:d4:f6:b5:17:65:
2d:31:24:56:89:0c:85:0a:00:c8:65:ee:f4:8a:40:82:39:03:
66:ae:14:e6:92:ea:e2:6d:0c:88:18:2c:81:13:dc:5a:94:0e:
e7:1e:94:b1:bf:9d:d0:12:3a:10:72:86:2a:c2:58:b2:2f:42:
fe:cc:7f:6e:4e:d4:48:a3:8a:4c:f6:1b:fa:5f:50:3d:fb:3b:
8a:12:b9:1f:05:70:d0:a0:84:5a:61:f9:65:85:c8:49:22:a4:
fd:95:a6:16:ec:4f:48:68:c9:30:c2:18:21:d5:16:db:f0:20:
16:a3:13:8f:1d:c0:e0:b6:27:d0:97:4d:59:96:21:8e:b4:4b:
aa:b0:0d:25:87:1d:40:a4:5e:31:c3:54:d2:ff:e8:1a:1d:b7:
90:2a:4e:93:64:43:92:20:f5:76:6b:71:36:83:dd:6f:0f:2e:
0c:00:22:94:cb:0d:7e:20:68:62:a5:d3:93:25:9b:7e:54:5a:
70:1a:04:1e
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJ3EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjQwNzMwMTYwNDI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGYwOS04NzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArBZ2imeFwh5q7xuFd4RinczEFecQpgl8fmhpXEF5nytZQUuMKp2VXgyR80Qc
DE4+KxM29FaCHNU/tQ7+gzUqrTzcRWBCAarl8zWKZ5KldV92J7cFN/dzPAAd+rcz
QwWuFQVnXZIFU420NNWjkn4V3h8OZZYx6oWbvWo3XvRK1P1uPVsoBag/TurtD89A
36xwUTHSra03gVBdkrurNImMmV75OvYUjnfAgy0/OPR5no5eCdqHGIDlxuF/RO0I
i24LPyVyh3XYa7RftJWq+ijhEZpewf6Z7Ru+hAEO3tD2U9++E4q/lJy21oArxJRO
VCPN7R2Zuivhfv9uUgdEilVLBwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFM8MFcQ3
EyYbqbrfamYHwzN128oDMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvMURCOUFFRkFF
NUVFMTFFQUJBOEFFQzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAp6AAAIwDQYJKoZIhvcNAQELBQADggEBALooUh7fEdp3
dJYogKCIvn8F2ixm3I+ByvyBCVjMAw/4OU1znCn9rZ1cceaOieo/BkrP1fVlsrxn
nk/JgDjG267/8l/U9rUXZS0xJFaJDIUKAMhl7vSKQII5A2auFOaS6uJtDIgYLIET
3FqUDucelLG/ndASOhByhirCWLIvQv7Mf25O1Eijikz2G/pfUD37O4oSuR8FcNCg
hFph+WWFyEkipP2VphbsT0hoyTDCGCHVFtvwIBajE48dwOC2J9CXTVmWIY60S6qw
DSWHHUCkXjHDVNL/6Bodt5AqTpNkQ5Ig9XZrcTaD3W8PLgwAIpTLDX4gaGKl05Ml
m35UWnAaBB4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:02 2025 by rpki-client