Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/A160BBAEC17711EABFFC9E1FC4F9AE02.roa
File: A160BBAEC17711EABFFC9E1FC4F9AE02.roa (raw, json)
Hash identifier: CbTGgfEWFtslvO2wALZJ+DSTt60SxWMiq0xTARE85r4=
Subject key identifier: 72:52:51:69:B7:EF:13:1D:4D:29:35:C1:B3:9C:4A:A6:66:30:45:AE
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7CEA
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/A160BBAEC17711EABFFC9E1FC4F9AE02.roa
Signing time: Mon 16 Sep 2024 17:25:05 +0000
ROA not before: Mon 16 Sep 2024 17:25:05 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38561
IP address blocks: 202.9.112.0/22 maxlen: 24
2402:f00::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31978 (0x7cea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D
Validity
Not Before: Sep 16 17:25:05 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66e869f1-14ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:df:19:d8:87:cc:08:aa:de:9b:47:6f:c9:53:
ee:81:df:f5:fc:84:fb:bc:d7:45:ac:26:2f:f8:4c:
72:e5:e6:3f:55:6e:3a:d4:97:97:90:68:a0:b4:ff:
d7:6b:d6:9d:64:35:3c:23:03:f9:09:2a:33:b5:ac:
5f:76:c8:78:5d:a8:1c:92:93:df:7d:6b:4e:38:c2:
e6:47:8e:49:e3:28:36:99:a5:99:db:89:ae:16:75:
cb:b8:a9:ec:f6:60:56:06:75:2a:07:05:08:ad:3e:
c7:4c:ed:5a:1b:04:37:41:a3:f5:9a:f3:26:67:db:
2e:c3:09:a8:3f:b1:d1:3b:e8:44:d9:67:b7:b7:7f:
b0:02:60:bb:fc:50:00:e2:21:d0:71:f0:08:a3:13:
11:56:af:48:3e:0d:82:9e:54:c4:70:e8:d1:6f:ac:
8a:d0:63:d2:c9:e1:2f:d8:40:e7:bc:f1:93:43:70:
94:d0:b3:96:14:30:12:aa:58:13:63:3f:53:a5:ee:
28:00:64:38:f0:63:03:53:39:06:4a:d1:9f:d1:58:
6d:7b:01:26:24:a3:e0:0a:95:3a:28:46:d2:28:f7:
b2:44:88:18:16:d1:11:d1:30:eb:65:16:2d:6e:a6:
f2:ad:bb:51:10:54:d2:8e:6d:1b:e3:28:9c:6f:d3:
16:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:52:51:69:B7:EF:13:1D:4D:29:35:C1:B3:9C:4A:A6:66:30:45:AE
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/A160BBAEC17711EABFFC9E1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.9.112.0/22
IPv6:
2402:f00::/32
Signature Algorithm: sha256WithRSAEncryption
23:16:5c:09:71:fd:8d:37:8c:d4:a3:85:2f:36:16:e6:ed:9b:
44:f9:bc:d2:15:a2:89:ff:b1:a1:01:c0:c8:81:30:4f:a1:5b:
13:d3:b2:5c:97:73:2e:72:55:e2:39:ea:f1:88:5a:83:c1:34:
0d:a2:59:ef:a0:c6:ef:0c:60:2f:4a:5b:26:60:06:0c:11:87:
c8:65:bc:86:b1:34:10:d4:55:49:78:b8:0f:90:68:21:47:ba:
f0:37:69:7b:b9:46:d4:e9:86:ea:a8:d6:e6:10:f2:13:e7:57:
67:55:a6:2f:45:9d:e7:f3:ec:e1:a6:90:38:d9:58:48:b1:25:
a6:cb:2e:7a:ec:2a:fa:44:a5:79:66:c4:b1:f5:da:af:b6:fc:
09:d5:42:a8:de:a0:57:69:2c:1a:0a:ea:fa:a7:53:29:76:76:
ac:9e:32:6e:8f:75:a9:ad:c3:69:c4:3e:f3:4a:a0:44:43:06:
8e:40:c4:33:3a:47:9b:9b:6f:68:62:a0:d3:6b:c5:e2:4e:d5:
e4:a7:24:18:54:b8:76:3a:25:93:cf:dd:c1:71:29:94:c8:55:
dd:e2:e4:63:0f:6a:32:a6:7a:b5:0e:18:ad:86:60:92:73:ef:
4e:96:2a:4f:7b:73:15:b4:1b:e1:3c:4a:2f:78:cd:fb:4d:cb:
9a:3e:1b:32
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICfOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjQwOTE2MTcyNTA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4NjlmMS0xNGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8d8Z2IfMCKrem0dvyVPugd/1/IT7vNdFrCYv+Exy5eY/VW461JeXkGigtP/X
a9adZDU8IwP5CSoztaxfdsh4XagckpPffWtOOMLmR45J4yg2maWZ24muFnXLuKns
9mBWBnUqBwUIrT7HTO1aGwQ3QaP1mvMmZ9suwwmoP7HRO+hE2We3t3+wAmC7/FAA
4iHQcfAIoxMRVq9IPg2CnlTEcOjRb6yK0GPSyeEv2EDnvPGTQ3CU0LOWFDASqlgT
Yz9Tpe4oAGQ48GMDUzkGStGf0VhtewEmJKPgCpU6KEbSKPeyRIgYFtER0TDrZRYt
bqbyrbtREFTSjm0b4yicb9MWmQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHJSUWm3
7xMdTSk1wbOcSqZmMEWuMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvQTE2MEJCQUVD
MTc3MTFFQUJGRkM5RTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBALKCXAwDQQCAAIwBwMFACQCDwAwDQYJKoZIhvcNAQELBQAD
ggEBACMWXAlx/Y03jNSjhS82Fubtm0T5vNIVoon/saEBwMiBME+hWxPTslyXcy5y
VeI56vGIWoPBNA2iWe+gxu8MYC9KWyZgBgwRh8hlvIaxNBDUVUl4uA+QaCFHuvA3
aXu5RtTphuqo1uYQ8hPnV2dVpi9Fnefz7OGmkDjZWEixJabLLnrsKvpEpXlmxLH1
2q+2/AnVQqjeoFdpLBoK6vqnUyl2dqyeMm6Pdamtw2nEPvNKoERDBo5AxDM6R5ub
b2hioNNrxeJO1eSnJBhUuHY6JZPP3cFxKZTIVd3i5GMPajKmerUOGK2GYJJz706W
Kk97cxW0G+E8Si94zftNy5o+GzI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:53:28 2025 by rpki-client