Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5F33838C0A7011F0B0245D0BC4F9AE02.roa
File: 5F33838C0A7011F0B0245D0BC4F9AE02.roa (raw, json)
Hash identifier: iK/p7sDK0PSdeG1ZD3k+/Rsr/mnbTZYLfI5mk1YSIWQ=
Subject key identifier: 68:01:51:47:2B:72:CD:F1:57:B8:A7:26:8A:F3:52:AB:A8:29:72:82
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2809
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5F33838C0A7011F0B0245D0BC4F9AE02.roa
Signing time: Wed 26 Mar 2025 18:30:20 +0000
ROA not before: Wed 26 Mar 2025 18:30:20 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 7489
IP address blocks: 27.100.36.0/23 maxlen: 24
45.124.64.0/22 maxlen: 24
45.249.88.0/24 maxlen: 24
103.192.176.0/22 maxlen: 24
103.196.20.0/23 maxlen: 24
103.217.252.0/22 maxlen: 22
103.217.253.0/24 maxlen: 24
2402:9e80::/48 maxlen: 48
2402:9e80:1::/48 maxlen: 48
2402:9e80:5::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10249 (0x2809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D
Validity
Not Before: Mar 26 18:30:20 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67e447bc-8aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e5:0c:72:11:3a:ab:8f:8c:28:5b:78:93:0a:
d5:17:88:d0:ab:4d:6b:d7:f0:a2:0d:b1:57:5a:61:
92:07:4b:1d:79:22:ad:66:b3:10:f5:19:6c:e4:a8:
9d:43:61:87:ab:c4:29:c5:ce:7d:fe:6d:52:78:c7:
b3:4f:39:bb:00:93:f3:f5:11:66:e3:a8:09:e4:03:
48:2b:cc:43:82:53:2b:00:91:ee:3d:04:8e:4d:5c:
19:34:d9:0f:09:67:92:97:a0:f2:6b:7b:fa:e0:00:
4f:65:cf:89:8e:7e:ff:83:12:60:f3:8f:1c:1e:bf:
0e:19:fc:a5:17:72:44:18:56:91:1f:c2:eb:eb:60:
3f:73:d1:fb:09:eb:67:ed:06:b8:23:57:a9:4e:3a:
94:2e:3c:76:68:a7:cc:bf:54:72:f6:a6:6e:36:a9:
1b:22:96:b4:90:aa:02:58:f5:84:72:fc:0c:5e:45:
a1:c2:96:e4:bb:35:9e:99:cd:db:4a:0c:0a:7e:a9:
e9:cc:5e:23:c0:e4:ab:65:59:58:82:ab:dc:06:80:
d5:91:49:79:0c:78:b6:69:7c:68:9d:11:8c:78:06:
ba:54:41:9a:50:4b:2e:8d:1d:27:14:59:e7:04:a5:
f7:fc:4c:0d:ea:e9:62:f5:ac:aa:53:57:f2:f8:8d:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:01:51:47:2B:72:CD:F1:57:B8:A7:26:8A:F3:52:AB:A8:29:72:82
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5F33838C0A7011F0B0245D0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.36.0/23
45.124.64.0/22
45.249.88.0/24
103.192.176.0/22
103.196.20.0/23
103.217.252.0/22
IPv6:
2402:9e80::/47
2402:9e80:5::/48
Signature Algorithm: sha256WithRSAEncryption
35:2a:69:4d:63:86:54:cd:89:6e:61:9e:f6:af:8d:ca:20:0a:
1e:2f:0e:0d:eb:2d:2b:0d:f8:8e:bd:10:6e:4d:8f:84:a0:2c:
30:63:1e:4d:7a:8d:de:1e:e5:b3:4f:62:8d:61:92:af:5d:db:
89:90:8a:07:dd:d0:3f:17:d7:fa:3e:7a:51:6c:67:70:91:ff:
8f:db:ed:d4:fa:d4:86:74:2a:08:74:eb:4e:2c:2c:b4:93:af:
d9:3a:a0:45:b6:3b:9d:b6:17:3c:f0:18:7f:25:a2:44:82:b0:
b2:14:3e:ca:3f:78:a6:72:29:5f:62:43:cc:10:2d:c4:8d:55:
1c:55:11:c8:42:da:93:85:d3:bf:9f:cf:e6:39:87:41:2f:14:
d8:db:36:20:8a:be:3e:ee:c5:8e:8a:e7:6f:a1:71:64:61:67:
06:4a:87:8a:43:bb:78:da:1a:3d:3e:6c:dd:0d:a4:1d:ea:f7:
ac:03:e8:7c:a9:32:bf:e6:70:fb:bb:10:8e:ce:42:ca:f5:83:
48:61:ea:74:e8:31:c5:89:d8:a8:40:75:62:d7:e3:ca:6a:7e:
18:3d:61:0c:2d:48:a7:8d:1b:c6:a1:0e:2f:ea:2e:f1:70:81:
6a:0e:04:55:3e:e0:2a:9b:c3:28:6c:0c:c7:1d:0b:08:6e:ad:
39:16:a4:62
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICKAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwMzI2MTgzMDIwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NDdiYy04YWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4eUMchE6q4+MKFt4kwrVF4jQq01r1/CiDbFXWmGSB0sdeSKtZrMQ9Rls5Kid
Q2GHq8Qpxc59/m1SeMezTzm7AJPz9RFm46gJ5ANIK8xDglMrAJHuPQSOTVwZNNkP
CWeSl6Dya3v64ABPZc+Jjn7/gxJg848cHr8OGfylF3JEGFaRH8Lr62A/c9H7Cetn
7Qa4I1epTjqULjx2aKfMv1Ry9qZuNqkbIpa0kKoCWPWEcvwMXkWhwpbkuzWemc3b
SgwKfqnpzF4jwOSrZVlYgqvcBoDVkUl5DHi2aXxonRGMeAa6VEGaUEsujR0nFFnn
BKX3/EwN6uli9ayqU1fy+I1QJQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFGgBUUcr
cs3xV7inJorzUquoKXKCMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNUYzMzgzOEMw
QTcwMTFGMEIwMjQ1RDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMCoEAgABMCQDBAEbZCQDBAItfEADBAAt+VgDBAJnwLADBAFnxBQDBAJn2fww
GAQCAAIwEgMHASQCnoAAAAMHACQCnoAABTANBgkqhkiG9w0BAQsFAAOCAQEANSpp
TWOGVM2JbmGe9q+NyiAKHi8ODestKw34jr0Qbk2PhKAsMGMeTXqN3h7ls09ijWGS
r13biZCKB93QPxfX+j56UWxncJH/j9vt1PrUhnQqCHTrTiwstJOv2TqgRbY7nbYX
PPAYfyWiRIKwshQ+yj94pnIpX2JDzBAtxI1VHFURyELak4XTv5/P5jmHQS8U2Ns2
IIq+Pu7Fjornb6FxZGFnBkqHikO7eNoaPT5s3Q2kHer3rAPofKkyv+Zw+7sQjs5C
yvWDSGHqdOgxxYnYqEB1Ytfjymp+GD1hDC1Ip40bxqEOL+ou8XCBag4EVT7gKpvD
KGwMxx0LCG6tORakYg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:41 2025 by rpki-client