Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/EE1F1B3AE2DC11EFAEA1F511C4F9AE02.roa
File: EE1F1B3AE2DC11EFAEA1F511C4F9AE02.roa (raw, json)
Hash identifier: qBkKxNjO6tHwrOVZV+rzWXdMxgTpAPYR64lEnJJMXCM=
Subject key identifier: 79:54:CC:2C:35:3E:7B:88:BE:3B:08:F2:86:64:F2:54:BB:D3:58:0E
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 043A
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/EE1F1B3AE2DC11EFAEA1F511C4F9AE02.roa
Signing time: Tue 04 Feb 2025 09:46:39 +0000
ROA not before: Tue 04 Feb 2025 09:46:39 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 62425
IP address blocks: 113.20.40.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1082 (0x43a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73
Validity
Not Before: Feb 4 09:46:39 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a1e1fe-5727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:af:fa:70:c7:1f:c1:4b:f7:31:68:42:0e:
ab:06:a2:12:40:ac:89:cb:e9:e0:f2:b1:ec:81:4b:
14:44:77:a9:4a:69:86:21:6a:52:55:4f:4c:f2:a8:
ac:42:70:e9:2f:c2:09:f8:e6:16:3c:0a:45:29:10:
c4:ef:af:93:4a:d1:ef:dc:d8:c4:8a:fe:5f:7e:8e:
ca:99:14:df:4d:61:e9:ee:e3:e1:c9:41:9b:dd:11:
cd:44:2f:97:03:96:d6:10:8d:a5:53:78:28:09:41:
fc:e0:80:b0:1a:e4:3a:c7:f4:c3:cc:97:18:9b:7b:
17:4a:3c:21:c6:2f:17:6d:a7:72:72:be:95:24:c8:
ea:d0:e5:33:5e:24:33:73:17:9c:fe:5a:0d:fb:55:
72:14:66:85:20:f7:b4:2e:53:f1:c7:17:cf:93:8c:
af:c1:8f:90:ff:d8:95:ed:7a:74:dc:c8:49:53:37:
f2:d0:f3:ba:b0:04:80:f0:0b:79:93:d8:3f:ca:03:
88:d0:86:30:46:28:0d:bb:ea:f0:ff:a0:ee:d0:f9:
f5:35:53:38:09:72:7c:6a:5f:55:3b:ae:54:b2:80:
54:66:61:b1:30:6f:48:24:a0:f5:8e:44:2c:52:74:
d1:4a:5e:6e:7a:a2:1c:07:66:ee:be:92:22:4b:5e:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:54:CC:2C:35:3E:7B:88:BE:3B:08:F2:86:64:F2:54:BB:D3:58:0E
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/EE1F1B3AE2DC11EFAEA1F511C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
75:af:98:cc:80:93:02:87:8d:51:f0:9e:0e:4a:94:32:49:45:
5d:7e:44:b6:80:ea:66:32:bc:83:eb:ac:76:2d:59:db:28:bb:
08:47:e4:13:37:05:e7:61:da:82:59:b2:07:48:98:72:a1:f8:
4f:12:4f:90:e3:32:1a:bd:c6:6d:e3:f3:51:e1:cb:ab:60:fc:
50:24:58:ba:7f:76:da:72:57:c2:9b:c2:3e:24:b5:c9:75:dc:
45:8f:08:a8:aa:d9:8c:d2:ea:c1:2d:2b:83:4a:27:bc:fb:ec:
d6:21:57:82:45:45:fd:96:8c:ab:e5:42:cf:4d:06:80:6b:0a:
52:81:bd:79:a0:1a:f1:e5:e7:92:e5:86:7c:cf:4c:77:bb:d5:
a4:9b:ba:2a:a1:c0:00:67:3f:f4:bd:7a:0f:10:ad:d6:94:57:
73:2c:0d:d4:76:b4:d0:d8:40:ab:42:00:91:f9:2f:c3:c8:e1:
73:46:cb:a7:94:14:1b:90:a3:bc:aa:1b:a3:01:82:2b:4f:18:
1a:bd:5a:1b:91:5d:9a:7f:fb:6b:65:dd:4c:72:c5:94:e5:b7:
60:ab:ff:ef:68:e0:ec:7f:08:ed:20:a6:b1:08:e9:34:51:da:
26:01:55:90:5a:2f:0c:1c:22:64:42:ef:55:63:0b:65:e7:19:
db:3a:00:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjUwMjA0MDk0NjM5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExZTFmZS01NzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArESv+nDHH8FL9zFoQg6rBqISQKyJy+ng8rHsgUsURHepSmmGIWpSVU9M8qis
QnDpL8IJ+OYWPApFKRDE76+TStHv3NjEiv5ffo7KmRTfTWHp7uPhyUGb3RHNRC+X
A5bWEI2lU3goCUH84ICwGuQ6x/TDzJcYm3sXSjwhxi8Xbadycr6VJMjq0OUzXiQz
cxec/loN+1VyFGaFIPe0LlPxxxfPk4yvwY+Q/9iV7Xp03MhJUzfy0PO6sASA8At5
k9g/ygOI0IYwRigNu+rw/6Du0Pn1NVM4CXJ8al9VO65UsoBUZmGxMG9IJKD1jkQs
UnTRSl5ueqIcB2buvpIiS14YowIDAQABo4IClTCCApEwHQYDVR0OBBYEFHlUzCw1
PnuIvjsI8oZk8lS701gOMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvRUUxRjFCM0FF
MkRDMTFFRkFFQTFGNTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJxFCgwDQYJKoZIhvcNAQELBQADggEBAHWvmMyAkwKHjVHw
ng5KlDJJRV1+RLaA6mYyvIPrrHYtWdsouwhH5BM3Bedh2oJZsgdImHKh+E8ST5Dj
Mhq9xm3j81Hhy6tg/FAkWLp/dtpyV8Kbwj4ktcl13EWPCKiq2YzS6sEtK4NKJ7z7
7NYhV4JFRf2WjKvlQs9NBoBrClKBvXmgGvHl55LlhnzPTHe71aSbuiqhwABnP/S9
eg8QrdaUV3MsDdR2tNDYQKtCAJH5L8PI4XNGy6eUFBuQo7yqG6MBgitPGBq9WhuR
XZp/+2tl3UxyxZTlt2Cr/+9o4Ox/CO0gprEI6TRR2iYBVZBaLwwcImRC71VjC2Xn
Gds6APA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:23 2025 by rpki-client