Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/8A0E66D647FC11EE838F6160C4F9AE02.roa
File: 8A0E66D647FC11EE838F6160C4F9AE02.roa (raw, json)
Hash identifier: rALO/Lu7rOVuXfsNKsgW9obWV+R382rqfNHaGZDPjYY=
Subject key identifier: 1B:A2:01:8D:3A:50:70:F9:A4:65:66:EC:83:A6:DC:17:FF:FD:BD:68
Certificate issuer: /CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7
Certificate serial: 0658
Authority key identifier: 14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/8A0E66D647FC11EE838F6160C4F9AE02.roa
Signing time: Thu 20 Mar 2025 23:03:06 +0000
ROA not before: Thu 20 Mar 2025 23:03:06 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 150139
IP address blocks: 2403:6900:c000::/36 maxlen: 36
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1624 (0x658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912CB2A
Validity
Not Before: Mar 20 23:03:06 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67dc9ea9-9511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1d:0b:8b:38:24:4f:cb:8c:06:35:c4:aa:d5:
d5:c6:63:37:27:0f:69:09:eb:3c:3b:59:1c:5d:8f:
e7:a4:1a:66:81:42:0a:0a:85:cb:e0:e3:5a:c0:fe:
c8:d2:93:d6:04:31:cd:89:16:f9:d1:9c:4f:81:c1:
45:1a:aa:3b:c4:86:59:66:1f:3b:e7:2e:3e:77:06:
c2:3d:01:c2:08:60:71:66:25:56:9e:f0:ba:31:8b:
20:85:bb:5c:f9:91:f3:e3:2d:49:22:dc:da:a2:4d:
f1:58:2c:bd:03:27:95:90:37:72:80:19:e4:cd:a5:
8e:99:52:05:a0:4c:e3:56:4e:34:73:23:b1:34:7d:
21:af:54:38:d5:d4:55:ba:ba:1f:25:fa:4f:e4:77:
bf:3d:a1:6c:79:b0:d1:af:b8:63:69:92:ce:59:17:
b2:80:e5:97:d6:28:b6:29:2e:c4:1f:62:db:33:b8:
e8:53:83:f0:47:1d:7c:a0:8e:05:26:e8:ce:e3:1d:
e1:17:ea:a1:f7:7e:b0:1f:6e:ea:4b:72:0f:08:fc:
5c:ac:99:a2:56:16:4e:e7:f2:99:45:eb:81:51:20:
61:e5:e0:4d:12:10:1c:a4:af:b3:84:19:5b:6a:d5:
c3:e2:4a:78:96:f6:1f:06:78:e4:83:0c:3b:a1:99:
d7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A2:01:8D:3A:50:70:F9:A4:65:66:EC:83:A6:DC:17:FF:FD:BD:68
X509v3 Authority Key Identifier:
keyid:14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/8A0E66D647FC11EE838F6160C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:6900:c000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:db:ea:49:69:79:c5:52:88:f5:b4:87:5b:35:d5:ba:d1:1e:
33:45:8d:83:11:0d:9f:ed:4e:56:0a:c0:4b:9e:ef:ee:4b:5d:
d8:5a:52:ec:4a:3f:4c:9a:c4:d7:fb:34:c8:35:d8:d2:c9:1a:
f2:f8:1e:0f:15:70:1e:18:0a:6e:89:bb:65:28:0b:98:9b:ce:
db:9e:96:28:43:31:22:00:09:a8:69:f1:73:70:50:c3:9b:f8:
d0:97:75:fe:bf:0d:0a:52:54:10:71:0e:6a:40:ec:49:27:34:
77:b9:1e:af:85:03:d8:db:57:15:e2:5f:45:f8:77:ff:8a:9e:
be:a3:0f:37:ea:ed:24:69:f8:37:87:d7:a4:e4:9b:bb:1e:2b:
b4:bd:80:d6:6f:a2:db:11:b6:28:5a:71:d5:b7:e9:05:b3:39:
1f:dc:a0:97:c6:7a:62:ae:c3:e3:2e:e2:e0:18:e1:96:46:9b:
54:1c:26:f1:e3:69:4c:a4:09:35:0b:4b:ab:29:15:84:9d:52:
72:15:83:7c:e9:a6:dc:bb:eb:d4:33:d5:a1:0a:7b:23:1b:73:
89:15:9f:da:f6:5d:3b:3a:b3:4d:60:91:40:c7:56:e0:8c:14:
69:5e:cc:10:7c:60:2c:c7:16:da:55:3f:a8:23:82:e5:14:94:
c9:e4:0b:75
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkNCMkExMTAvBgNVBAUTKDE0N0U5NzU2NDM5RDlEQjcxNTYxMzRBQzc4RjkxQzIz
M0I5MzkyQTcwHhcNMjUwMzIwMjMwMzA2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjOWVhOS05NTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnB0LizgkT8uMBjXEqtXVxmM3Jw9pCes8O1kcXY/npBpmgUIKCoXL4ONawP7I
0pPWBDHNiRb50ZxPgcFFGqo7xIZZZh875y4+dwbCPQHCCGBxZiVWnvC6MYsghbtc
+ZHz4y1JItzaok3xWCy9AyeVkDdygBnkzaWOmVIFoEzjVk40cyOxNH0hr1Q41dRV
urofJfpP5He/PaFsebDRr7hjaZLOWReygOWX1ii2KS7EH2LbM7joU4PwRx18oI4F
JujO4x3hF+qh936wH27qS3IPCPxcrJmiVhZO5/KZReuBUSBh5eBNEhAcpK+zhBlb
atXD4kp4lvYfBnjkgww7oZnXZQIDAQABo4IClzCCApMwHQYDVR0OBBYEFBuiAY06
UHD5pGVm7IOm3Bf//b1oMB8GA1UdIwQYMBaAFBR+l1ZDnZ23FWE0rHj5HCM7k5Kn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0IyQS9FMDFDN0E4NDkw
RTAxMUVCQTEwNTg3MUZDNEY5QUUwMi9GSDZYVmtPZG5iY1ZZVFNzZVBrY0l6dVRr
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZINlhWa09kbmJjVllUU3NlUGtjSXp1VGtxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkNCMkEvRTAxQzdBODQ5MEUwMTFFQkExMDU4NzFGQzRGOUFFMDIvOEEwRTY2RDY0
N0ZDMTFFRTgzOEY2MTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkA2kAwDANBgkqhkiG9w0BAQsFAAOCAQEATdvqSWl5xVKI
9bSHWzXVutEeM0WNgxENn+1OVgrAS57v7ktd2FpS7Eo/TJrE1/s0yDXY0ska8vge
DxVwHhgKbom7ZSgLmJvO256WKEMxIgAJqGnxc3BQw5v40Jd1/r8NClJUEHEOakDs
SSc0d7ker4UD2NtXFeJfRfh3/4qevqMPN+rtJGn4N4fXpOSbux4rtL2A1m+i2xG2
KFpx1bfpBbM5H9ygl8Z6Yq7D4y7i4BjhlkabVBwm8eNpTKQJNQtLqykVhJ1SchWD
fOmm3Lvr1DPVoQp7IxtziRWf2vZdOzqzTWCRQMdW4IwUaV7MEHxgLMcW2lU/qCOC
5RSUyeQLdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:11 2025 by rpki-client