Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/5E2DEF009C5C11E99CCA9656C4F9AE02.roa
File: 5E2DEF009C5C11E99CCA9656C4F9AE02.roa (raw, json)
Hash identifier: 6Ne7hQRkoimBuuEaTeZdl5fhQ7yZ46EDX0Sh7Chvt50=
Subject key identifier: 5E:C4:85:61:77:B1:CD:07:AD:0F:03:98:6D:BC:CE:45:AA:43:68:2D
Certificate issuer: /CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Certificate serial: 34B7
Authority key identifier: 5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/5E2DEF009C5C11E99CCA9656C4F9AE02.roa
Signing time: Fri 24 Jan 2025 14:50:29 +0000
ROA not before: Fri 24 Jan 2025 14:50:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 131627
IP address blocks: 202.153.171.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13495 (0x34b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129E3A
Validity
Not Before: Jan 24 14:50:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793a8b5-6832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:15:a3:b2:d8:45:ef:00:b0:7a:89:96:35:
80:e8:cb:a9:04:df:34:20:d5:5c:91:ed:0e:82:e8:
42:1d:28:a0:0c:7f:f5:8c:03:19:70:c3:81:80:c1:
14:ed:81:9f:ca:66:f8:a7:45:b0:13:28:db:a8:8a:
2b:56:61:ec:be:af:65:d4:fb:61:3f:40:d8:01:3a:
de:27:f1:3b:2f:3e:c1:88:dd:47:79:41:e4:ac:c5:
52:23:e8:13:0c:67:be:1d:28:45:ce:e3:eb:aa:bd:
ed:f1:45:ac:a6:47:4e:91:bb:72:39:13:8c:c5:47:
02:3b:8a:0a:23:05:de:26:52:06:58:66:24:ad:79:
5f:c4:a8:f1:93:b8:69:99:c3:db:5d:09:4b:e7:8f:
50:4e:38:7b:28:01:89:63:57:90:fa:18:49:16:90:
b0:f0:89:ab:a6:4c:59:07:93:12:2f:bf:1a:af:78:
bd:03:eb:e6:88:c0:10:52:22:8c:b6:cb:32:95:ad:
1f:32:da:dc:44:ff:35:7d:6d:fc:64:03:02:21:d1:
2a:37:08:41:06:00:d1:77:93:ff:3f:ec:be:34:05:
df:66:39:03:3c:cb:7f:ac:66:dd:70:a9:86:06:9c:
66:7f:f0:67:65:88:aa:72:9c:7d:07:2c:5b:1d:ce:
62:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C4:85:61:77:B1:CD:07:AD:0F:03:98:6D:BC:CE:45:AA:43:68:2D
X509v3 Authority Key Identifier:
keyid:5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/5E2DEF009C5C11E99CCA9656C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.153.171.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c2:17:cb:e7:ee:fa:77:a0:b1:ab:4f:1c:8f:3c:e8:a0:e1:
a8:af:b7:96:07:d9:c6:f9:08:8d:e1:02:12:43:10:41:c2:ab:
ad:e8:27:67:4d:5f:a8:a5:3c:47:fc:7f:4e:bc:1f:2c:26:44:
da:7e:21:7e:f0:87:f6:b7:41:87:f6:b0:15:34:7a:45:0b:ff:
44:14:a8:ba:8c:8d:af:3b:8b:c4:70:cf:cd:46:d6:67:f5:85:
f5:16:9a:58:61:17:18:dd:b8:3d:4c:55:9d:cc:05:b4:cd:36:
c2:95:80:ad:a4:11:c4:2d:8f:59:1f:e6:c2:2d:33:be:b1:4d:
e0:5e:e5:a7:c3:0a:4f:cf:b5:00:c7:19:e1:5b:44:dd:91:8f:
17:78:a2:a5:41:60:8a:2a:cc:9a:93:05:18:57:b2:b1:b6:ec:
9b:6e:91:08:a7:1e:36:ec:a2:63:1e:da:bb:4e:01:d9:81:e3:
17:e7:2d:58:8c:25:a0:af:4f:e5:a9:81:2c:69:69:ff:d8:fd:
93:fd:db:7e:e5:95:b8:cd:b7:d2:23:49:2d:3d:9d:9e:43:e7:
03:9e:90:6f:08:4e:84:49:a9:b0:8c:e0:85:aa:c4:3d:69:b4:
33:27:27:bb:50:4e:50:d9:47:03:66:cd:9c:98:f9:96:a9:90:
e1:93:1b:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNLcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlFM0ExMTAvBgNVBAUTKDVBOTZENEVDM0QzNTI0OTREOTIzOUQ1MkFGMzVBQzEw
NERBMTJGOUQwHhcNMjUwMTI0MTQ1MDI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYThiNS02ODMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsewVo7LYRe8AsHqJljWA6MupBN80INVcke0OguhCHSigDH/1jAMZcMOBgMEU
7YGfymb4p0WwEyjbqIorVmHsvq9l1PthP0DYATreJ/E7Lz7BiN1HeUHkrMVSI+gT
DGe+HShFzuPrqr3t8UWspkdOkbtyOROMxUcCO4oKIwXeJlIGWGYkrXlfxKjxk7hp
mcPbXQlL549QTjh7KAGJY1eQ+hhJFpCw8ImrpkxZB5MSL78ar3i9A+vmiMAQUiKM
tssyla0fMtrcRP81fW38ZAMCIdEqNwhBBgDRd5P/P+y+NAXfZjkDPMt/rGbdcKmG
Bpxmf/BnZYiqcpx9ByxbHc5iXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF7EhWF3
sc0HrQ8DmG28zkWqQ2gtMB8GA1UdIwQYMBaAFFqW1Ow9NSSU2SOdUq81rBBNoS+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUUzQS8xOTdFQzBCNjFE
ODYxMUUyQUJFRjIyREQwOEIwMkNEMi9XcGJVN0QwMUpKVFpJNTFTcnpXc0VFMmhM
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dwYlU3RDAxSkpUWkk1MVNyeldzRUUyaEw1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlFM0EvMTk3RUMwQjYxRDg2MTFFMkFCRUYyMkREMDhCMDJDRDIvNUUyREVGMDA5
QzVDMTFFOTlDQ0E5NjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKmaswDQYJKoZIhvcNAQELBQADggEBAGLCF8vn7vp3oLGr
TxyPPOig4aivt5YH2cb5CI3hAhJDEEHCq63oJ2dNX6ilPEf8f068HywmRNp+IX7w
h/a3QYf2sBU0ekUL/0QUqLqMja87i8Rwz81G1mf1hfUWmlhhFxjduD1MVZ3MBbTN
NsKVgK2kEcQtj1kf5sItM76xTeBe5afDCk/PtQDHGeFbRN2Rjxd4oqVBYIoqzJqT
BRhXsrG27JtukQinHjbsomMe2rtOAdmB4xfnLViMJaCvT+WpgSxpaf/Y/ZP9237l
lbjNt9IjSS09nZ5D5wOekG8IToRJqbCM4IWqxD1ptDMnJ7tQTlDZRwNmzZyY+Zap
kOGTG78=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:40:41 2025 by rpki-client