Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/E652AA52C40911EBA930053BC4F9AE02.roa
File: E652AA52C40911EBA930053BC4F9AE02.roa (raw, json)
Hash identifier: ++KskV0PPNEiZEaTeUOZbL0iJBq0mAX/g0VHSQfJFGU=
Subject key identifier: 3D:D4:D0:3F:D0:03:AF:2C:41:4F:2F:5C:76:84:14:BB:11:94:35:1A
Certificate issuer: /CN=A913ED35/serialNumber=7EE945E9E5E51C4B41D99C4332952F9C95876608
Certificate serial: 3442
Authority key identifier: 7E:E9:45:E9:E5:E5:1C:4B:41:D9:9C:43:32:95:2F:9C:95:87:66:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/E652AA52C40911EBA930053BC4F9AE02.roa
Signing time: Mon 08 Jul 2024 15:01:17 +0000
ROA not before: Mon 08 Jul 2024 15:01:17 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 141047
IP address blocks: 111.119.40.0/21 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13378 (0x3442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913ED35
Validity
Not Before: Jul 8 15:01:17 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668bff3c-5b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:46:0f:4d:5d:c5:87:69:5c:b8:45:91:24:d7:
61:0a:2a:fe:64:13:b5:80:0b:9a:fa:1d:6c:ef:45:
2f:e5:e0:b8:7a:b1:64:db:12:e7:1a:83:83:32:ff:
56:45:19:3e:04:52:9e:dc:63:d6:8e:fa:1f:b1:3b:
42:97:f4:fc:a1:f1:c5:75:97:a2:ea:cf:55:ff:41:
34:d9:02:c6:e8:aa:d3:9f:eb:29:49:3b:53:b9:20:
89:11:b7:18:3c:a4:11:6f:ab:6d:a5:7a:2c:ab:70:
57:c7:2c:90:ca:f0:e0:05:8f:28:99:f5:34:a1:80:
c2:be:0b:c0:fc:26:f3:6c:9d:ce:c7:aa:9b:63:a8:
5a:56:f2:83:6e:2c:11:0b:ba:e8:d3:d6:50:b6:c8:
fd:16:82:a2:0d:b5:55:ff:3a:c0:67:37:5a:30:d7:
0d:ab:fe:40:98:c9:a1:37:c7:30:fd:08:8c:36:0d:
09:63:a6:e8:16:10:8c:5b:49:7e:71:5d:e9:01:03:
0b:1d:79:23:87:ce:64:2a:73:e3:54:01:1b:85:23:
58:8f:72:7a:98:c9:31:5d:e1:c9:f7:e7:76:e6:49:
f0:3b:5d:9b:b6:75:c0:3c:0d:ca:9e:39:01:63:ea:
bd:4b:33:d8:90:f1:00:04:55:67:77:6e:14:e6:33:
0f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D4:D0:3F:D0:03:AF:2C:41:4F:2F:5C:76:84:14:BB:11:94:35:1A
X509v3 Authority Key Identifier:
keyid:7E:E9:45:E9:E5:E5:1C:4B:41:D9:9C:43:32:95:2F:9C:95:87:66:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/E652AA52C40911EBA930053BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.119.40.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:5e:89:a5:13:46:1a:50:f5:06:27:8c:3f:be:6c:eb:12:46:
f6:61:be:ef:ef:2b:30:db:99:38:0c:52:e8:9d:f3:21:4a:a6:
5b:94:89:87:02:c8:9a:53:36:bd:5a:0d:92:08:b8:b2:09:b8:
52:b8:39:d0:5c:30:93:0d:9b:ab:46:17:78:85:c2:0f:c8:41:
0e:68:e9:29:e8:22:71:b7:48:c3:70:65:4b:3d:0b:c8:7a:a9:
15:74:cc:17:f4:94:62:26:eb:13:73:60:c9:1c:d5:5f:47:52:
36:93:7d:86:a0:84:a7:1f:e0:81:74:37:85:cd:79:f0:90:e0:
b6:91:7d:51:cd:ec:3a:af:e5:5d:ee:32:70:9a:1d:86:0d:45:
8e:2b:e1:51:b2:5d:63:df:63:20:5f:d1:62:b6:c9:9c:2c:67:
78:0b:ec:e4:8a:7b:e1:03:42:c1:a8:f7:e9:ca:8f:ad:41:7c:
94:53:72:63:c6:81:bf:e5:a6:29:7f:51:e4:fe:7e:75:05:da:
a0:6a:2e:0d:9e:85:4d:a2:cb:c5:59:40:8b:d9:8d:23:f9:c5:
15:d6:15:ef:ba:8c:48:3a:34:71:7e:0c:42:20:60:64:9f:b9:
8d:29:e6:35:74:cc:bc:e5:41:e5:1d:a0:26:f0:ec:68:20:54:
ce:25:e6:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0VEMzUxMTAvBgNVBAUTKDdFRTk0NUU5RTVFNTFDNEI0MUQ5OUM0MzMyOTUyRjlD
OTU4NzY2MDgwHhcNMjQwNzA4MTUwMTE3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhiZmYzYy01YjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2UYPTV3Fh2lcuEWRJNdhCir+ZBO1gAua+h1s70Uv5eC4erFk2xLnGoODMv9W
RRk+BFKe3GPWjvofsTtCl/T8ofHFdZei6s9V/0E02QLG6KrTn+spSTtTuSCJEbcY
PKQRb6ttpXosq3BXxyyQyvDgBY8omfU0oYDCvgvA/CbzbJ3Ox6qbY6haVvKDbiwR
C7ro09ZQtsj9FoKiDbVV/zrAZzdaMNcNq/5AmMmhN8cw/QiMNg0JY6boFhCMW0l+
cV3pAQMLHXkjh85kKnPjVAEbhSNYj3J6mMkxXeHJ9+d25knwO12btnXAPA3KnjkB
Y+q9SzPYkPEABFVnd24U5jMPqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD3U0D/Q
A68sQU8vXHaEFLsRlDUaMB8GA1UdIwQYMBaAFH7pRenl5RxLQdmcQzKVL5yVh2YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRUQzNS9CNjNCQTdFRTFE
OTQxMUUyOUQxQTJFRjkwOEIwMkNEMi9mdWxGNmVYbEhFdEIyWnhETXBVdm5KV0ha
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z1bEY2ZVhsSEV0QjJaeERNcFV2bkpXSFpnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0VEMzUvQjYzQkE3RUUxRDk0MTFFMjlEMUEyRUY5MDhCMDJDRDIvRTY1MkFBNTJD
NDA5MTFFQkE5MzAwNTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBANvdygwDQYJKoZIhvcNAQELBQADggEBAC1eiaUTRhpQ9QYn
jD++bOsSRvZhvu/vKzDbmTgMUuid8yFKpluUiYcCyJpTNr1aDZIIuLIJuFK4OdBc
MJMNm6tGF3iFwg/IQQ5o6SnoInG3SMNwZUs9C8h6qRV0zBf0lGIm6xNzYMkc1V9H
UjaTfYaghKcf4IF0N4XNefCQ4LaRfVHN7Dqv5V3uMnCaHYYNRY4r4VGyXWPfYyBf
0WK2yZwsZ3gL7OSKe+EDQsGo9+nKj61BfJRTcmPGgb/lpil/UeT+fnUF2qBqLg2e
hU2iy8VZQIvZjSP5xRXWFe+6jEg6NHF+DEIgYGSfuY0p5jV0zLzlQeUdoCbw7Ggg
VM4l5qs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:10 2025 by rpki-client