Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/93DAAB4612BA11EF901ACD28C4F9AE02.roa
File: 93DAAB4612BA11EF901ACD28C4F9AE02.roa (raw, json)
Hash identifier: P9CZgLXKg4nlDwcCC0YAzgQvS67VqqwFERe7OV2NbwE=
Subject key identifier: 3E:92:F3:EF:A0:5D:23:3D:C4:88:27:07:CA:FD:B9:E2:1E:30:4C:EA
Certificate issuer: /CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Certificate serial: 0502
Authority key identifier: 15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/93DAAB4612BA11EF901ACD28C4F9AE02.roa
Signing time: Tue 14 Jan 2025 23:42:38 +0000
ROA not before: Tue 14 Jan 2025 23:42:38 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 9009
IP address blocks: 43.226.228.0/24 maxlen: 24
43.226.230.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1282 (0x502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148BFA
Validity
Not Before: Jan 14 23:42:38 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786f66e-8752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a2:bb:2c:e4:d6:c2:2c:1f:ab:e7:db:14:f8:
4a:4c:ea:82:be:e5:29:1f:23:4d:18:9d:ce:d2:ec:
b2:43:b3:ae:02:d4:25:d6:bc:19:61:ff:0f:fd:36:
87:da:a8:12:4a:b1:53:2b:64:be:17:d5:25:2c:a8:
9a:62:8c:d7:31:62:c3:3c:ba:e8:ef:65:9c:ea:68:
7c:eb:02:38:cb:74:67:df:e0:dd:10:53:d1:15:fe:
d1:c9:9f:dd:4e:38:cf:ab:f7:60:35:09:32:f1:d8:
a8:1b:b8:74:65:6f:6f:c8:ea:d5:8f:fa:23:42:d8:
64:f0:c1:d0:7d:7b:1b:73:96:0e:f4:bd:86:d3:f1:
6b:74:25:66:f6:9f:82:fd:47:bb:53:c2:67:dc:ab:
bc:37:d5:27:d3:04:0f:c6:0f:c9:0b:d1:cf:b6:21:
6a:30:76:45:92:e8:f5:ee:1c:82:d6:06:37:5d:23:
4e:bd:ed:e0:a3:80:c7:14:15:96:a8:f9:51:25:33:
3a:86:a1:db:59:be:91:4e:67:4b:3a:23:18:cd:5a:
4e:60:b1:08:f0:12:67:34:f7:b0:72:91:b8:f9:c7:
25:c0:33:70:90:00:41:99:0b:5a:96:e5:09:2b:8c:
65:6b:6a:32:13:f0:11:ec:f5:32:2e:4a:f0:a3:4c:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:92:F3:EF:A0:5D:23:3D:C4:88:27:07:CA:FD:B9:E2:1E:30:4C:EA
X509v3 Authority Key Identifier:
keyid:15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/FXsL3g48rbKUg5vJgVZVZE2ybpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/93DAAB4612BA11EF901ACD28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.228.0/24
43.226.230.0/24
Signature Algorithm: sha256WithRSAEncryption
14:79:e4:d8:45:b4:31:90:ba:db:a6:76:29:49:b9:a9:06:2b:
5f:8a:5d:cd:44:55:6f:24:d5:37:7e:64:4c:77:5d:ce:68:1a:
5e:b8:23:c2:09:f3:fb:d6:98:b8:7c:b6:19:f5:17:e3:9c:13:
35:b8:f7:d0:d3:fd:98:3f:80:87:94:be:a3:e6:74:55:f8:f0:
07:df:c3:fe:fd:46:63:c4:86:4a:7e:df:6c:ee:0d:63:61:22:
4b:62:d5:a7:2e:26:66:cb:4c:e5:4f:26:b9:52:0e:69:7f:1b:
62:6f:cc:a1:ba:f9:be:5a:81:75:12:1e:5e:7a:05:ca:2e:34:
ad:18:91:47:ac:8d:9f:ca:66:a2:ad:19:2d:77:f5:4f:9c:8d:
96:86:77:bf:31:63:f4:f5:e3:f4:a6:09:d4:bb:14:ce:b5:32:
fb:41:ec:cd:17:92:07:2b:35:b9:d9:47:2c:d5:43:b6:64:94:
83:53:01:a4:27:50:e9:1a:ff:c9:30:53:e6:60:74:71:c9:dc:
be:d1:cb:ca:99:b7:dd:de:42:2d:48:e0:58:42:fe:f4:1e:07:
88:af:42:f8:17:e2:e8:cb:c9:28:25:69:0b:90:c3:44:a4:75:
b0:92:63:3c:8b:84:cb:10:8e:3f:d3:43:71:38:f8:b3:5f:19:
e6:5f:1d:ef
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhCRkExMTAvBgNVBAUTKDE1N0IwQkRFMEUzQ0FEQjI5NDgzOUJDOTgxNTY1NTY0
NERCMjZFOTEwHhcNMjUwMTE0MjM0MjM4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2ZjY2ZS04NzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3KK7LOTWwiwfq+fbFPhKTOqCvuUpHyNNGJ3O0uyyQ7OuAtQl1rwZYf8P/TaH
2qgSSrFTK2S+F9UlLKiaYozXMWLDPLro72Wc6mh86wI4y3Rn3+DdEFPRFf7RyZ/d
TjjPq/dgNQky8dioG7h0ZW9vyOrVj/ojQthk8MHQfXsbc5YO9L2G0/FrdCVm9p+C
/Ue7U8Jn3Ku8N9Un0wQPxg/JC9HPtiFqMHZFkuj17hyC1gY3XSNOve3go4DHFBWW
qPlRJTM6hqHbWb6RTmdLOiMYzVpOYLEI8BJnNPewcpG4+cclwDNwkABBmQtaluUJ
K4xla2oyE/AR7PUyLkrwo0yXnwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD6S8++g
XSM9xIgnB8r9ueIeMEzqMB8GA1UdIwQYMBaAFBV7C94OPK2ylIObyYFWVWRNsm6R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEJGQS8wNEEyNEMzNDEx
NDMxMUVDOTczNjlGNzNDNEY5QUUwMi9GWHNMM2c0OHJiS1VnNXZKZ1ZaVlpFMnli
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZYc0wzZzQ4cmJLVWc1dkpnVlpWWkUyeWJwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhCRkEvMDRBMjRDMzQxMTQzMTFFQzk3MzY5RjczQzRGOUFFMDIvOTNEQUFCNDYx
MkJBMTFFRjkwMUFDRDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr4uQDBAAr4uYwDQYJKoZIhvcNAQELBQADggEBABR55NhF
tDGQutumdilJuakGK1+KXc1EVW8k1Td+ZEx3Xc5oGl64I8IJ8/vWmLh8thn1F+Oc
EzW499DT/Zg/gIeUvqPmdFX48Affw/79RmPEhkp+32zuDWNhIkti1acuJmbLTOVP
JrlSDml/G2JvzKG6+b5agXUSHl56BcouNK0YkUesjZ/KZqKtGS139U+cjZaGd78x
Y/T14/SmCdS7FM61MvtB7M0XkgcrNbnZRyzVQ7ZklINTAaQnUOka/8kwU+ZgdHHJ
3L7Ry8qZt93eQi1I4FhC/vQeB4ivQvgX4ujLySglaQuQw0SkdbCSYzyLhMsQjj/T
Q3E4+LNfGeZfHe8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:01 2025 by rpki-client