Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/90BB5EBCFCC811EF9A7A8158C4F9AE02.roa
File: 90BB5EBCFCC811EF9A7A8158C4F9AE02.roa (raw, json)
Hash identifier: qsbC2KTNZNLVL4h8YOegLuBzbsDf37gTaYIY/y3pFyI=
Subject key identifier: 43:D7:74:8D:CB:12:C4:8B:79:93:2A:28:9D:C5:94:4E:FA:9B:10:C5
Certificate issuer: /CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2
Certificate serial: 3459
Authority key identifier: 1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/90BB5EBCFCC811EF9A7A8158C4F9AE02.roa
Signing time: Sun 09 Mar 2025 09:26:22 +0000
ROA not before: Sun 09 Mar 2025 09:26:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 10102
IP address blocks: 27.0.8.0/22 maxlen: 24
103.4.108.0/22 maxlen: 24
114.141.208.0/21 maxlen: 24
182.16.140.0/22 maxlen: 24
2404:a100::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13401 (0x3459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F17E
Validity
Not Before: Mar 9 09:26:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cd5ebe-6aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:f7:cb:a3:bf:13:5e:19:ff:3f:4a:e5:62:
8b:89:e0:70:54:ad:e6:64:c8:79:30:eb:b5:3f:d4:
d7:94:94:3b:a5:4c:85:63:70:44:57:7e:37:06:25:
0c:6d:36:58:de:63:f2:0d:bb:24:20:0f:2c:ed:6e:
19:cf:22:fa:53:3e:5c:90:62:3d:a4:c9:93:97:a8:
1f:cd:3b:30:96:a0:b2:7f:a4:d4:ad:be:ee:64:d9:
14:b6:2b:4f:2f:e7:c9:8a:d4:a9:b5:3c:27:6d:c6:
ea:18:c5:a0:0f:f1:d6:b4:95:7d:b8:93:55:fc:29:
0f:52:03:8b:fe:20:82:27:b8:8e:73:ca:f1:75:9e:
7d:fb:75:8c:7a:cf:26:a1:cc:2f:89:22:3f:21:4a:
bd:68:c4:e9:a0:e9:d6:ce:a8:0f:ed:e0:91:cd:ad:
93:c3:e9:94:6f:f9:8f:54:e6:78:4a:be:69:cf:39:
c0:6f:a7:1e:d5:70:67:19:a8:bf:24:5c:75:d1:66:
22:4e:75:36:52:be:00:80:f0:de:6e:80:66:24:ef:
ea:64:0d:f5:73:49:d7:9c:f0:0c:8e:a3:62:b2:0a:
dd:cb:1a:06:46:56:8c:85:2f:e4:b0:79:a3:17:df:
d7:05:30:2f:f7:7d:2f:b2:ff:32:0c:51:b7:de:fa:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D7:74:8D:CB:12:C4:8B:79:93:2A:28:9D:C5:94:4E:FA:9B:10:C5
X509v3 Authority Key Identifier:
keyid:1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/90BB5EBCFCC811EF9A7A8158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.8.0/22
103.4.108.0/22
114.141.208.0/21
182.16.140.0/22
IPv6:
2404:a100::/32
Signature Algorithm: sha256WithRSAEncryption
19:15:1e:99:f5:f9:06:90:f8:7a:da:41:6e:9a:10:f9:08:7e:
f7:01:d4:1a:79:d6:50:c1:c9:69:c3:93:f3:30:46:13:d6:41:
59:39:fe:ae:05:17:88:2d:75:69:ec:fc:74:8c:03:52:50:3f:
36:9d:3d:17:db:1b:24:1b:11:db:a1:8d:2e:9a:30:f7:e8:d5:
cd:91:4f:7e:cc:90:c8:c9:15:b5:1c:f4:26:7f:a8:99:b7:40:
e6:7d:34:4b:02:49:78:bf:59:4e:b0:ad:61:03:7f:29:0f:67:
24:dc:9e:a1:10:ed:1f:e3:ad:db:af:43:52:66:33:c9:c6:f0:
fd:14:13:30:ac:2c:f9:72:8b:3d:0e:43:2b:98:b5:41:50:b3:
19:b8:0e:4c:2e:bb:67:cd:c4:c6:f3:2e:e3:cf:c5:1b:b6:d9:
28:44:fd:4c:6d:2a:a1:9e:f5:56:b0:a2:a5:0e:cc:ea:61:cc:
45:09:15:20:fe:66:5e:27:5d:9c:ee:1a:73:55:ec:09:84:7e:
c0:e3:39:b9:01:7d:ad:87:e1:c3:99:79:84:ff:d3:e7:a2:a7:
7e:0f:bf:a2:1b:7c:74:c3:19:09:24:8f:92:33:47:e2:03:d9:
7d:7a:0e:01:9c:21:f3:09:fb:74:d6:d6:a9:c2:9a:db:06:0f:
ac:89:3f:b1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJEMkNEMTExMzU0
RjE5QzQ3QjIwHhcNMjUwMzA5MDkyNjIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NkNWViZS02YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqwz3y6O/E14Z/z9K5WKLieBwVK3mZMh5MOu1P9TXlJQ7pUyFY3BEV343BiUM
bTZY3mPyDbskIA8s7W4ZzyL6Uz5ckGI9pMmTl6gfzTswlqCyf6TUrb7uZNkUtitP
L+fJitSptTwnbcbqGMWgD/HWtJV9uJNV/CkPUgOL/iCCJ7iOc8rxdZ59+3WMes8m
ocwviSI/IUq9aMTpoOnWzqgP7eCRza2Tw+mUb/mPVOZ4Sr5pzznAb6ce1XBnGai/
JFx10WYiTnU2Ur4AgPDeboBmJO/qZA31c0nXnPAMjqNisgrdyxoGRlaMhS/ksHmj
F9/XBTAv930vsv8yDFG33vrJyQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFEPXdI3L
EsSLeZMqKJ3FlE76mxDFMB8GA1UdIwQYMBaAFB8+iwHYQcvmIg0C0s0RE1TxnEey
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE3RS9GQ0ZGODQ2NjFE
QTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnktWWlEUUxTelJFVFZQR2NS
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h6NkxBZGhCeS1ZaURRTFN6UkVUVlBHY1I3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxN0UvRkNGRjg0NjYxREEzMTFFMjgxRUFBRjk5MDhCMDJDRDIvOTBCQjVFQkNG
Q0M4MTFFRjlBN0E4MTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIbAAgDBAJnBGwDBANyjdADBAK2EIwwDQQCAAIwBwMFACQE
oQAwDQYJKoZIhvcNAQELBQADggEBABkVHpn1+QaQ+HraQW6aEPkIfvcB1Bp51lDB
yWnDk/MwRhPWQVk5/q4FF4gtdWns/HSMA1JQPzadPRfbGyQbEduhjS6aMPfo1c2R
T37MkMjJFbUc9CZ/qJm3QOZ9NEsCSXi/WU6wrWEDfykPZyTcnqEQ7R/jrduvQ1Jm
M8nG8P0UEzCsLPlyiz0OQyuYtUFQsxm4Dkwuu2fNxMbzLuPPxRu22ShE/UxtKqGe
9VawoqUOzOphzEUJFSD+Zl4nXZzuGnNV7AmEfsDjObkBfa2H4cOZeYT/0+eip34P
v6IbfHTDGQkkj5IzR+ID2X16DgGcIfMJ+3TW1qnCmtsGD6yJP7E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:42:37 2025 by rpki-client