Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/0198539E94F311EA9429BF86C4F9AE02.roa
File: 0198539E94F311EA9429BF86C4F9AE02.roa (raw, json)
Hash identifier: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=
Subject key identifier: 7A:F4:A4:88:32:F0:B5:4A:6A:C2:A0:C6:13:E1:6F:39:36:B6:5E:95
Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17
Certificate serial: 0CF6
Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/0198539E94F311EA9429BF86C4F9AE02.roa
Signing time: Fri 28 Feb 2025 18:58:27 +0000
ROA not before: Fri 28 Feb 2025 18:58:27 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133111
IP address blocks: 2400:a980::/29 maxlen: 29
2400:a980:a000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3318 (0xcf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D52
Validity
Not Before: Feb 28 18:58:27 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c20753-adfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6f:05:2a:ea:92:36:cc:d5:fe:e7:c7:1e:ab:
44:27:b0:8a:a9:8e:ad:2a:72:55:ca:f4:cd:93:b6:
be:ea:9b:ab:dd:00:c0:22:70:00:e7:2e:30:82:4c:
c2:4c:79:9a:69:3d:80:32:ff:16:a4:8b:6a:3b:52:
61:7d:35:db:b4:d9:e7:ed:7a:54:d8:b3:8d:a7:08:
5c:27:66:3c:75:ba:0d:23:85:54:be:78:8b:98:1d:
70:ab:4d:c0:60:28:36:63:bd:1e:64:8c:70:b1:fa:
c7:f8:99:b4:00:60:32:65:c9:11:5e:f7:c4:d4:cf:
ac:bc:2e:2e:13:81:c8:45:ae:0d:63:36:00:ca:ee:
7d:00:c5:ce:7d:55:cb:95:e1:f3:9b:fe:73:ea:a3:
ca:37:c8:ee:ae:91:75:40:ee:9d:c8:39:2f:4d:7e:
4b:71:af:1f:a4:d1:a7:38:43:66:9e:d8:e3:51:40:
74:d8:f4:2f:19:21:ed:05:91:fc:3e:9c:cb:de:d7:
63:44:e0:74:e0:1d:0a:95:53:aa:7d:58:84:36:2f:
51:71:ec:96:27:d8:70:7c:60:11:3e:c4:bb:be:51:
96:6d:1e:25:11:06:d5:ee:d0:20:22:a2:ae:46:4c:
42:9a:90:95:2d:d1:2b:9e:98:f3:2e:80:22:e1:f6:
42:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F4:A4:88:32:F0:B5:4A:6A:C2:A0:C6:13:E1:6F:39:36:B6:5E:95
X509v3 Authority Key Identifier:
keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/0198539E94F311EA9429BF86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:a980::/29
Signature Algorithm: sha256WithRSAEncryption
c6:fc:c7:a2:1c:25:d9:da:85:73:62:45:fb:17:26:d7:a3:26:
fa:e0:25:70:de:49:79:f4:db:a5:3c:d7:73:99:86:a3:2d:78:
4a:e5:93:a8:19:6d:ae:23:d8:23:61:64:f9:34:ae:bf:36:c1:
d9:94:27:7e:41:e8:63:c7:5d:db:42:b4:c4:06:06:56:d3:66:
14:47:1f:99:4c:64:4e:c3:fb:d5:18:d3:3f:e7:d9:34:97:f6:
58:a8:39:c3:01:75:b2:a3:75:96:d2:c0:85:04:22:49:f8:a1:
4e:8e:4a:70:5c:35:11:a7:2a:54:c7:66:8d:f4:ac:49:ba:b8:
15:cf:83:69:1b:67:12:4a:f0:e3:ed:13:ca:88:ad:47:c8:17:
d6:d9:75:f6:13:2e:ca:10:71:93:1f:7c:3c:93:e6:96:67:c8:
0b:ac:9b:6a:3e:d5:29:70:c5:21:8a:3e:4d:f4:7b:b9:6f:a5:
11:b5:fa:14:f9:19:47:82:6c:e1:64:b8:07:e1:2c:d3:db:bf:
d0:cf:84:2b:f0:cb:58:7c:69:91:0f:3f:6c:ad:7c:d8:12:ca:
d7:06:af:82:28:98:9f:47:0c:85:dc:8f:77:2f:d4:10:9b:9a:
7f:21:14:4d:f7:b9:a4:b1:7b:55:04:6e:1c:d4:3a:32:75:3d:
19:73:47:6a
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy
M0Y1N0FFMTcwHhcNMjUwMjI4MTg1ODI3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyMDc1My1hZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvm8FKuqSNszV/ufHHqtEJ7CKqY6tKnJVyvTNk7a+6pur3QDAInAA5y4wgkzC
THmaaT2AMv8WpItqO1JhfTXbtNnn7XpU2LONpwhcJ2Y8dboNI4VUvniLmB1wq03A
YCg2Y70eZIxwsfrH+Jm0AGAyZckRXvfE1M+svC4uE4HIRa4NYzYAyu59AMXOfVXL
leHzm/5z6qPKN8jurpF1QO6dyDkvTX5Lca8fpNGnOENmntjjUUB02PQvGSHtBZH8
PpzL3tdjROB04B0KlVOqfViENi9RceyWJ9hwfGARPsS7vlGWbR4lEQbV7tAgIqKu
RkxCmpCVLdErnpjzLoAi4fZCHwIDAQABo4ICljCCApIwHQYDVR0OBBYEFHr0pIgy
8LVKasKgxhPhbzk2tl6VMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC
NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhENTIvMUQ0QjQ0RUVEQjZCMTFFOTkyOTg3RjQxQzRGOUFFMDIvMDE5ODUzOUU5
NEYzMTFFQTk0MjlCRjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMkAKmAMA0GCSqGSIb3DQEBCwUAA4IBAQDG/MeiHCXZ2oVz
YkX7FybXoyb64CVw3kl59NulPNdzmYajLXhK5ZOoGW2uI9gjYWT5NK6/NsHZlCd+
Qehjx13bQrTEBgZW02YURx+ZTGROw/vVGNM/59k0l/ZYqDnDAXWyo3WW0sCFBCJJ
+KFOjkpwXDURpypUx2aN9KxJurgVz4NpG2cSSvDj7RPKiK1HyBfW2XX2Ey7KEHGT
H3w8k+aWZ8gLrJtqPtUpcMUhij5N9Hu5b6URtfoU+RlHgmzhZLgH4SzT27/Qz4Qr
8MtYfGmRDz9srXzYEsrXBq+CKJifRwyF3I93L9QQm5p/IRRN97mksXtVBG4c1Doy
dT0Zc0dq
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:23:04 2025 by rpki-client