Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/440BBCC8D50411EB8AB09711C4F9AE02.roa
File: 440BBCC8D50411EB8AB09711C4F9AE02.roa (raw, json)
Hash identifier: qO/kt1cMyB8zrA4ykFY3E6NDvsrSs/t7vGIuj96fEPU=
Subject key identifier: 33:D4:2B:BA:5E:CE:E3:13:2C:80:89:25:61:87:F3:5F:27:F4:D7:D6
Certificate issuer: /CN=A9142A1D/serialNumber=47CBEF70BD55B9533331B8BCC2E9829563A2CE94
Certificate serial: 05ED
Authority key identifier: 47:CB:EF:70:BD:55:B9:53:33:31:B8:BC:C2:E9:82:95:63:A2:CE:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R8vvcL1VuVMzMbi8wumClWOizpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/440BBCC8D50411EB8AB09711C4F9AE02.roa
Signing time: Thu 02 Jan 2025 22:52:35 +0000
ROA not before: Thu 02 Jan 2025 22:52:35 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 48024
IP address blocks: 2001:df2:5380::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1517 (0x5ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9142A1D
Validity
Not Before: Jan 2 22:52:35 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677718b3-e2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:01:fd:1c:43:6a:88:ee:90:40:2d:77:a0:
f7:96:27:47:5f:78:0b:4f:e9:65:0c:60:f8:39:96:
2f:06:56:4d:06:00:c3:ff:6b:cc:c9:45:55:30:b2:
0b:d8:45:fa:ba:07:c3:c1:93:b7:ab:a0:4b:00:11:
d1:dc:8d:ef:b7:39:ad:8e:72:79:eb:ce:96:6c:ee:
0e:5d:30:37:fc:a0:fc:b2:67:59:ae:d8:97:cc:24:
aa:f4:82:95:8a:9a:40:e7:65:d8:59:6d:01:61:f4:
f9:d7:c2:53:69:6e:b7:72:27:bd:86:0d:50:b8:13:
bd:56:87:9a:47:7d:b5:2f:e7:b7:3b:a4:c9:62:da:
4f:03:0a:c7:38:6c:24:ff:2f:28:61:3a:7e:42:32:
53:5d:b6:1a:58:25:92:64:19:57:1b:e3:d4:a8:a0:
67:d9:15:c8:21:98:18:fb:1c:b3:a6:a9:89:38:c1:
70:66:f4:4e:84:e8:37:d6:50:39:61:92:24:0c:93:
b2:70:5c:83:21:23:2f:ab:e8:7a:62:c2:98:87:90:
5b:d4:f5:68:d8:be:17:f7:a4:83:58:5f:6e:72:53:
4a:6a:eb:d9:ab:b4:2d:32:56:80:8d:da:80:8d:b2:
9c:33:25:3e:7b:03:eb:58:43:55:e3:03:9f:f5:a6:
af:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D4:2B:BA:5E:CE:E3:13:2C:80:89:25:61:87:F3:5F:27:F4:D7:D6
X509v3 Authority Key Identifier:
keyid:47:CB:EF:70:BD:55:B9:53:33:31:B8:BC:C2:E9:82:95:63:A2:CE:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/R8vvcL1VuVMzMbi8wumClWOizpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R8vvcL1VuVMzMbi8wumClWOizpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/440BBCC8D50411EB8AB09711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df2:5380::/48
Signature Algorithm: sha256WithRSAEncryption
27:ca:ec:16:79:b6:82:f0:f5:d4:34:1d:2b:b1:39:8f:52:11:
03:3e:b7:16:74:98:df:8f:1f:96:df:33:77:26:1f:3e:f1:1d:
45:70:f2:ef:a1:82:a8:f0:26:f9:d8:09:6b:c7:65:2d:d9:de:
de:38:82:70:81:3a:a5:6e:d7:12:33:14:15:7e:a3:25:64:80:
c6:04:60:c0:91:19:9e:4c:67:7f:d6:28:05:28:ef:08:90:35:
08:92:1b:b6:b0:c9:c9:4b:0f:d1:4d:45:6a:8e:7b:1c:07:41:
cd:3a:a3:5c:30:b8:00:6c:5f:32:4c:ad:d2:b1:a0:d8:8a:f8:
1a:bb:75:97:65:89:0c:6b:1f:30:61:be:c7:cb:e7:90:3b:33:
f8:2a:0f:51:2f:7c:ac:77:1d:9a:b4:bf:23:0a:00:5a:1d:e6:
67:93:6f:38:a0:2f:85:96:54:3f:73:73:4e:90:9e:45:15:98:
f7:55:17:49:3f:5f:88:37:2f:9e:53:07:2d:e2:41:36:75:56:
c6:34:d7:3d:f3:a5:07:8b:25:fc:91:84:8c:97:af:69:47:f4:
af:4c:a5:b8:29:52:a2:a4:4b:8a:04:a8:25:c4:a6:b9:5f:1e:
0a:cb:f0:a7:fd:f5:db:93:ee:fc:39:f0:f4:b1:0e:02:83:ef:
c1:f3:89:d8
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJBMUQxMTAvBgNVBAUTKDQ3Q0JFRjcwQkQ1NUI5NTMzMzMxQjhCQ0MyRTk4Mjk1
NjNBMkNFOTQwHhcNMjUwMTAyMjI1MjM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3MThiMy1lMmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArOUB/RxDaojukEAtd6D3lidHX3gLT+llDGD4OZYvBlZNBgDD/2vMyUVVMLIL
2EX6ugfDwZO3q6BLABHR3I3vtzmtjnJ5686WbO4OXTA3/KD8smdZrtiXzCSq9IKV
ippA52XYWW0BYfT518JTaW63cie9hg1QuBO9VoeaR321L+e3O6TJYtpPAwrHOGwk
/y8oYTp+QjJTXbYaWCWSZBlXG+PUqKBn2RXIIZgY+xyzpqmJOMFwZvROhOg31lA5
YZIkDJOycFyDISMvq+h6YsKYh5Bb1PVo2L4X96SDWF9uclNKauvZq7QtMlaAjdqA
jbKcMyU+ewPrWENV4wOf9aavrwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDPUK7pe
zuMTLICJJWGH818n9NfWMB8GA1UdIwQYMBaAFEfL73C9VblTMzG4vMLpgpVjos6U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkExRC80NTRCQ0RBNDlF
OTQxMUVCQkM4MERGMjBDNEY5QUUwMi9SOHZ2Y0wxVnVWTXpNYmk4d3VtQ2xXT2l6
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1I4dnZjTDFWdVZNek1iaTh3dW1DbFdPaXpwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDJBMUQvNDU0QkNEQTQ5RTk0MTFFQkJDODBERjIwQzRGOUFFMDIvNDQwQkJDQzhE
NTA0MTFFQjhBQjA5NzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3yU4AwDQYJKoZIhvcNAQELBQADggEBACfK7BZ5toLw
9dQ0HSuxOY9SEQM+txZ0mN+PH5bfM3cmHz7xHUVw8u+hgqjwJvnYCWvHZS3Z3t44
gnCBOqVu1xIzFBV+oyVkgMYEYMCRGZ5MZ3/WKAUo7wiQNQiSG7awyclLD9FNRWqO
exwHQc06o1wwuABsXzJMrdKxoNiK+Bq7dZdliQxrHzBhvsfL55A7M/gqD1EvfKx3
HZq0vyMKAFod5meTbzigL4WWVD9zc06QnkUVmPdVF0k/X4g3L55TBy3iQTZ1VsY0
1z3zpQeLJfyRhIyXr2lH9K9MpbgpUqKkS4oEqCXEprlfHgrL8Kf99duT7vw58PSx
DgKD78Hzidg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:01 2025 by rpki-client