Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/46493600A91511ED9E2AC948C4F9AE02.roa
File: 46493600A91511ED9E2AC948C4F9AE02.roa (raw, json)
Hash identifier: Cvm3jGgtG/IO+qWj8hVQiUBhVroPBRD0seW7V/cVRpo=
Subject key identifier: 47:3E:02:AD:85:C9:55:A6:F3:23:70:30:FC:66:82:4C:E3:70:5F:C9
Certificate issuer: /CN=A913C40D/serialNumber=8C3814723FC755E9A9BA1BC335664A519BBC1CEE
Certificate serial: 044D
Authority key identifier: 8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDgUcj_HVempuhvDNWZKUZu8HO4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/46493600A91511ED9E2AC948C4F9AE02.roa
Signing time: Thu 05 Dec 2024 00:03:20 +0000
ROA not before: Thu 05 Dec 2024 00:03:20 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55020
IP address blocks: 43.251.224.0/22 maxlen: 24
103.43.8.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1101 (0x44d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C40D
Validity
Not Before: Dec 5 00:03:20 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6750edc8-8f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:98:d1:34:e4:d3:8d:8e:24:ea:f2:26:98:d1:
c6:a2:ee:2c:9e:eb:dc:c4:f2:0f:ea:68:46:25:a5:
02:84:12:13:14:19:e1:67:f1:4a:be:2c:4c:e2:53:
62:b7:48:da:75:5b:3c:c8:39:ef:b9:52:f8:58:49:
57:bd:2d:3f:ce:72:63:59:b3:cc:5a:b3:ce:c5:49:
73:76:45:0f:d2:5b:8b:ee:de:1e:27:cc:da:2f:92:
80:d2:ab:88:25:ce:18:10:30:d9:99:eb:86:0e:b4:
68:6b:0e:f7:c3:5e:cf:21:1d:63:a0:30:ad:07:cf:
ce:e2:ff:57:45:6f:0a:41:0a:5a:5f:09:68:f8:09:
1a:2b:23:81:fd:16:cc:ac:5e:b8:d4:a4:8f:38:cf:
80:59:b0:39:c1:82:87:94:cd:f3:82:6e:08:13:53:
25:a3:6d:eb:89:7c:77:e9:2d:53:3e:48:c0:5a:c6:
d5:ac:59:66:9f:8a:fe:bb:74:46:e3:66:90:df:18:
e6:6b:ce:ab:fd:8f:c7:65:24:68:15:f5:a9:f8:c5:
a9:e9:27:d4:1a:8a:6f:36:f4:32:f6:a8:0f:50:05:
c4:a2:fc:5d:e9:a5:c8:17:96:b6:2d:5a:76:c1:5a:
d4:c4:79:b0:ba:bd:42:b9:5f:ea:52:e2:8a:c7:58:
21:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3E:02:AD:85:C9:55:A6:F3:23:70:30:FC:66:82:4C:E3:70:5F:C9
X509v3 Authority Key Identifier:
keyid:8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/jDgUcj_HVempuhvDNWZKUZu8HO4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDgUcj_HVempuhvDNWZKUZu8HO4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/46493600A91511ED9E2AC948C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.224.0/22
103.43.8.0/22
Signature Algorithm: sha256WithRSAEncryption
22:7a:b5:77:1a:ad:5c:79:04:9a:2a:5d:50:d9:59:b0:69:27:
b9:96:32:08:a0:ac:1c:80:d9:9b:a2:c2:f7:e2:2f:23:f1:0b:
ce:21:2b:5a:5a:39:f8:77:cd:73:80:59:38:8c:8d:ea:d2:b0:
28:53:cd:dc:42:ef:86:cb:ac:37:d1:dd:ac:3e:b7:ee:cd:56:
7f:9a:20:b4:57:45:a6:44:c0:26:e3:6a:11:a0:61:5d:0f:ab:
0b:c4:0f:70:75:b1:f4:36:73:32:bc:ff:1c:0f:e2:c6:4b:1e:
58:9c:1d:ff:5a:3b:ea:96:ca:25:99:0e:77:2c:60:24:75:9f:
0c:84:d5:1b:c0:c0:0c:46:0d:d7:18:c8:b7:da:1f:00:13:50:
1d:a1:5c:29:58:ab:aa:1c:cd:12:54:b0:b4:93:63:10:78:73:
2b:33:31:d6:a7:27:ce:8f:ef:d3:db:ad:dd:1a:c3:3c:e2:fd:
7d:49:53:79:03:ba:60:5a:f6:c8:ca:02:88:70:0a:72:27:5a:
e2:14:82:4a:81:86:48:41:36:b5:1b:ec:97:ab:f5:40:ca:38:
1a:5e:77:b4:ae:c3:43:69:bd:5e:d3:65:fc:6e:4d:92:9c:ca:
05:a3:0f:71:b8:65:7e:f8:12:2f:60:a7:26:20:fb:23:5c:d4:
07:14:00:3f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M0MEQxMTAvBgNVBAUTKDhDMzgxNDcyM0ZDNzU1RTlBOUJBMUJDMzM1NjY0QTUx
OUJCQzFDRUUwHhcNMjQxMjA1MDAwMzIwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwZWRjOC04ZjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ZjRNOTTjY4k6vImmNHGou4snuvcxPIP6mhGJaUChBITFBnhZ/FKvixM4lNi
t0jadVs8yDnvuVL4WElXvS0/znJjWbPMWrPOxUlzdkUP0luL7t4eJ8zaL5KA0quI
Jc4YEDDZmeuGDrRoaw73w17PIR1joDCtB8/O4v9XRW8KQQpaXwlo+AkaKyOB/RbM
rF641KSPOM+AWbA5wYKHlM3zgm4IE1Mlo23riXx36S1TPkjAWsbVrFlmn4r+u3RG
42aQ3xjma86r/Y/HZSRoFfWp+MWp6SfUGopvNvQy9qgPUAXEovxd6aXIF5a2LVp2
wVrUxHmwur1CuV/qUuKKx1ghrwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEc+Aq2F
yVWm8yNwMPxmgkzjcF/JMB8GA1UdIwQYMBaAFIw4FHI/x1XpqbobwzVmSlGbvBzu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzQwRC81MEY3NzVBNjNC
Q0MxMUVDQTc5MUYyNURDNEY5QUUwMi9qRGdVY2pfSFZlbXB1aHZETldaS1VadThI
TzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEZ1Vjal9IVmVtcHVodkROV1pLVVp1OEhPNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M0MEQvNTBGNzc1QTYzQkNDMTFFQ0E3OTFGMjVEQzRGOUFFMDIvNDY0OTM2MDBB
OTE1MTFFRDlFMkFDOTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr++ADBAJnKwgwDQYJKoZIhvcNAQELBQADggEBACJ6tXca
rVx5BJoqXVDZWbBpJ7mWMgigrByA2ZuiwvfiLyPxC84hK1paOfh3zXOAWTiMjerS
sChTzdxC74bLrDfR3aw+t+7NVn+aILRXRaZEwCbjahGgYV0PqwvED3B1sfQ2czK8
/xwP4sZLHlicHf9aO+qWyiWZDncsYCR1nwyE1RvAwAxGDdcYyLfaHwATUB2hXClY
q6oczRJUsLSTYxB4cyszMdanJ86P79Pbrd0awzzi/X1JU3kDumBa9sjKAohwCnIn
WuIUgkqBhkhBNrUb7Jer9UDKOBped7Suw0NpvV7TZfxuTZKcygWjD3G4ZX74Ei9g
pyYg+yNc1AcUAD8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:17:57 2025 by rpki-client