Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/CAB9BACCE26B11EF82F3EC6DC4F9AE02.roa
File: CAB9BACCE26B11EF82F3EC6DC4F9AE02.roa (raw, json)
Hash identifier: 2GcmklpP3I0gEeRDygj8a6xc69fk4ExhFQPeMiG4MHo=
Subject key identifier: 90:51:82:A3:A1:D7:95:38:B5:14:ED:DD:59:E1:EC:33:3A:CA:B6:15
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 0435
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/CAB9BACCE26B11EF82F3EC6DC4F9AE02.roa
Signing time: Mon 03 Feb 2025 20:16:46 +0000
ROA not before: Mon 03 Feb 2025 20:16:46 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 43260
IP address blocks: 113.20.40.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1077 (0x435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73
Validity
Not Before: Feb 3 20:16:46 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a1242e-36c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b4:24:5c:09:03:22:6d:06:6d:ec:b6:f4:d7:
ba:48:8e:c3:98:c4:70:18:e8:b6:db:8c:84:dd:ff:
c2:3f:e6:17:0d:d7:42:1d:a6:1d:52:1b:1e:3e:98:
ed:20:d8:29:d3:67:7f:66:90:5a:8a:80:28:32:d0:
fe:ee:36:1f:0f:ec:af:8d:39:e2:bd:06:13:d6:77:
80:7b:34:eb:46:fc:c6:23:84:64:28:df:f4:a7:6d:
8a:97:bf:9f:63:cd:e2:0e:97:38:c2:b4:e8:77:c1:
77:05:90:5a:d0:3c:f2:c2:1f:2c:ef:e0:c8:1a:f9:
6a:9a:5b:1e:30:22:a9:6e:30:04:63:d5:57:4a:01:
c6:63:d3:8c:93:53:2c:a2:c1:13:99:a4:d4:5e:e5:
11:19:71:53:67:16:cd:37:de:6a:7c:0f:95:b1:88:
8f:b0:2c:02:5d:87:58:81:f1:13:fa:89:1d:37:2a:
2a:b1:99:0b:8d:30:f2:65:9c:9f:33:69:97:3f:e8:
25:35:dd:33:03:f7:20:49:df:70:e1:2c:24:ab:1f:
72:ea:a4:3e:cf:58:d1:78:d6:4f:fd:15:48:1c:66:
58:18:cf:93:b1:cb:8d:9b:f1:2f:0e:44:55:19:6a:
8b:63:61:0f:f1:ab:4e:9f:00:63:1e:91:7a:58:05:
6e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:51:82:A3:A1:D7:95:38:B5:14:ED:DD:59:E1:EC:33:3A:CA:B6:15
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/CAB9BACCE26B11EF82F3EC6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:f0:4b:e7:91:b3:17:51:df:c5:c4:c1:86:24:e3:6d:a6:e0:
8b:d6:c3:15:c7:46:f8:0d:0d:64:01:26:42:e0:a6:b5:76:c5:
43:0a:ed:4d:36:89:ca:cd:d9:61:9f:c4:2f:51:2b:10:5b:13:
4e:52:42:14:54:42:b9:17:7a:bb:fd:84:cc:ac:f3:33:d9:a3:
be:2e:3e:4a:21:55:4b:46:0a:f8:74:41:67:15:3f:32:ca:b6:
48:c1:cc:68:0e:34:b4:08:08:53:c3:11:ca:10:70:9f:c4:04:
a3:7a:a0:b4:4d:df:b6:06:3c:80:a6:72:2d:29:be:57:cd:8c:
00:cc:26:1d:dd:f4:bb:71:d7:34:9f:28:3d:09:3a:3c:2f:bc:
25:7f:11:ef:58:70:30:07:f6:98:46:31:ca:e1:c6:92:01:02:
6e:a0:c2:a5:76:6d:a7:fc:f4:56:ea:80:c1:37:63:93:a3:7d:
69:c3:95:52:ea:ba:ee:1f:c0:1a:7b:60:16:28:b9:90:2f:33:
db:1b:b9:cc:6f:6d:72:ec:0e:15:94:c8:32:49:72:32:29:c3:
3b:75:ec:e9:4a:fd:d2:7a:be:9b:a1:50:b5:b7:af:af:49:1c:
af:d2:2f:36:fe:56:c7:c6:24:1c:55:9a:3d:79:a3:b2:ee:81:
84:76:d0:83
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjUwMjAzMjAxNjQ2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExMjQyZS0zNmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA37QkXAkDIm0Gbey29Ne6SI7DmMRwGOi224yE3f/CP+YXDddCHaYdUhsePpjt
INgp02d/ZpBaioAoMtD+7jYfD+yvjTnivQYT1neAezTrRvzGI4RkKN/0p22Kl7+f
Y83iDpc4wrTod8F3BZBa0Dzywh8s7+DIGvlqmlseMCKpbjAEY9VXSgHGY9OMk1Ms
osETmaTUXuURGXFTZxbNN95qfA+VsYiPsCwCXYdYgfET+okdNyoqsZkLjTDyZZyf
M2mXP+glNd0zA/cgSd9w4Swkqx9y6qQ+z1jReNZP/RVIHGZYGM+TscuNm/EvDkRV
GWqLY2EP8atOnwBjHpF6WAVuAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJBRgqOh
15U4tRTt3Vnh7DM6yrYVMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvQ0FCOUJBQ0NF
MjZCMTFFRjgyRjNFQzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJxFCgwDQYJKoZIhvcNAQELBQADggEBAKDwS+eRsxdR38XE
wYYk422m4IvWwxXHRvgNDWQBJkLgprV2xUMK7U02icrN2WGfxC9RKxBbE05SQhRU
QrkXerv9hMys8zPZo74uPkohVUtGCvh0QWcVPzLKtkjBzGgONLQICFPDEcoQcJ/E
BKN6oLRN37YGPICmci0pvlfNjADMJh3d9Ltx1zSfKD0JOjwvvCV/Ee9YcDAH9phG
McrhxpIBAm6gwqV2baf89FbqgME3Y5OjfWnDlVLquu4fwBp7YBYouZAvM9sbucxv
bXLsDhWUyDJJcjIpwzt17OlK/dJ6vpuhULW3r69JHK/SLzb+VsfGJBxVmj15o7Lu
gYR20IM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:51 2025 by rpki-client