Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/C07738FE9F4511EB88EBCA76C4F9AE02.roa
File: C07738FE9F4511EB88EBCA76C4F9AE02.roa (raw, json)
Hash identifier: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=
Subject key identifier: D3:7F:6A:5D:31:13:3C:7A:C9:8E:44:AF:37:DE:6B:94:58:27:94:2B
Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA
Certificate serial: 093F
Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/C07738FE9F4511EB88EBCA76C4F9AE02.roa
Signing time: Thu 26 Dec 2024 20:18:50 +0000
ROA not before: Thu 26 Dec 2024 20:18:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134798
IP address blocks: 49.0.4.0/24 maxlen: 24
49.0.5.0/24 maxlen: 24
49.0.6.0/24 maxlen: 24
49.0.7.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2367 (0x93f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DE2
Validity
Not Before: Dec 26 20:18:50 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676dba2a-f992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:04:28:41:d6:77:3f:4b:f1:bd:88:75:8a:e3:
cc:dc:af:76:5d:3b:c9:1f:8f:67:bb:ff:8b:17:94:
00:e6:33:55:ca:2e:a2:2d:6e:ce:9f:2f:9c:02:b2:
9b:4c:cd:6e:c4:66:50:e1:62:bb:1c:a2:e8:a8:fe:
93:a4:a3:03:4b:bd:5b:1a:34:ea:90:a0:f0:ce:e9:
43:bf:84:9e:96:6f:13:ad:f1:c3:28:bd:ba:7b:f2:
39:45:56:14:c8:64:ec:7f:e8:e8:b3:27:fb:45:ee:
87:19:7e:4d:f9:14:74:62:63:9c:a8:b4:5e:ed:5b:
94:d5:87:50:14:36:96:2a:d3:43:78:0a:ae:27:57:
27:39:04:c1:df:b0:51:0f:63:ed:73:c1:f8:57:65:
71:c6:25:c2:33:a6:45:f9:43:c7:f1:49:4c:3c:4e:
e9:47:4d:d3:92:3a:c0:6f:03:91:46:7f:43:aa:bf:
dc:f2:26:3e:00:58:94:71:ea:b9:05:cd:97:b3:cc:
4b:8f:26:51:b2:0e:dc:16:4b:21:36:8b:9b:f5:97:
42:1d:9f:02:1a:0a:ae:34:62:e7:31:c6:4b:c4:ae:
46:9b:49:7c:29:e3:48:7e:22:8b:49:11:0f:71:7c:
19:9c:db:67:b2:fe:b5:e6:97:dd:32:48:2e:67:b5:
af:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7F:6A:5D:31:13:3C:7A:C9:8E:44:AF:37:DE:6B:94:58:27:94:2B
X509v3 Authority Key Identifier:
keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/C07738FE9F4511EB88EBCA76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.0.4.0/22
Signature Algorithm: sha256WithRSAEncryption
89:1a:22:28:27:19:58:4f:2b:ae:d2:41:e3:59:69:88:23:31:
53:63:61:c2:dd:8c:06:c5:5b:26:62:75:05:a0:ad:7c:e4:ca:
53:54:16:1c:a8:c2:fb:63:55:85:d5:49:81:50:d6:b2:cb:ce:
45:07:13:14:86:61:4c:26:e8:0a:bf:16:30:e3:c5:45:d7:df:
13:ae:a5:ed:a8:07:5d:59:7b:2d:bd:f6:ec:46:cf:65:37:ec:
71:48:25:ee:0b:72:b6:ac:83:e9:1a:73:8c:dc:cc:86:e6:d8:
b4:e3:bd:ab:6f:bf:4f:ed:ed:c3:3e:60:66:7b:37:0c:ad:4b:
fd:40:d2:60:c3:3e:96:01:5d:8e:aa:f8:09:98:1e:2d:e7:fe:
97:6d:58:26:da:ca:37:49:9e:15:cf:74:cb:fb:cf:1f:93:71:
d9:07:7d:48:2e:d1:d8:81:94:8d:c3:71:f7:db:5c:ae:7c:a8:
35:74:0a:4e:07:5c:55:56:5a:cb:96:1a:d2:59:d9:fe:5d:76:
26:26:a2:8e:8d:8b:d6:6a:c6:75:60:dc:6e:a7:fe:0c:9d:3e:
bd:75:4b:2f:05:bd:88:ea:5a:ec:f2:b9:1c:7b:29:ad:b4:93:
08:1d:59:1a:32:70:3d:b4:b6:5b:6e:3d:1b:d7:0b:a4:0e:be:
6d:9b:bd:c8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE
NjdEMkM3RUEwHhcNMjQxMjI2MjAxODUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkYmEyYS1mOTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3gQoQdZ3P0vxvYh1iuPM3K92XTvJH49nu/+LF5QA5jNVyi6iLW7Ony+cArKb
TM1uxGZQ4WK7HKLoqP6TpKMDS71bGjTqkKDwzulDv4Selm8TrfHDKL26e/I5RVYU
yGTsf+josyf7Re6HGX5N+RR0YmOcqLRe7VuU1YdQFDaWKtNDeAquJ1cnOQTB37BR
D2Ptc8H4V2VxxiXCM6ZF+UPH8UlMPE7pR03TkjrAbwORRn9Dqr/c8iY+AFiUceq5
Bc2Xs8xLjyZRsg7cFkshNoub9ZdCHZ8CGgquNGLnMcZLxK5Gm0l8KeNIfiKLSREP
cXwZnNtnsv615pfdMkguZ7WvVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNN/al0x
Ezx6yY5Erzfea5RYJ5QrMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF
OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4
LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNERTIvRDIxOERENTI4RTk3MTFFQThDMkRFNTM3QzRGOUFFMDIvQzA3NzM4RkU5
RjQ1MTFFQjg4RUJDQTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIxAAQwDQYJKoZIhvcNAQELBQADggEBAIkaIignGVhPK67S
QeNZaYgjMVNjYcLdjAbFWyZidQWgrXzkylNUFhyowvtjVYXVSYFQ1rLLzkUHExSG
YUwm6Aq/FjDjxUXX3xOupe2oB11Zey299uxGz2U37HFIJe4Lcrasg+kac4zczIbm
2LTjvatvv0/t7cM+YGZ7NwytS/1A0mDDPpYBXY6q+AmYHi3n/pdtWCbayjdJnhXP
dMv7zx+TcdkHfUgu0diBlI3DcffbXK58qDV0Ck4HXFVWWsuWGtJZ2f5ddiYmoo6N
i9ZqxnVg3G6n/gydPr11Sy8FvYjqWuzyuRx7Ka20kwgdWRoycD20tltuPRvXC6QO
vm2bvcg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:57:22 2025 by rpki-client