Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/3DAAE73A1A2D11EEBC20C11FC4F9AE02.roa
File: 3DAAE73A1A2D11EEBC20C11FC4F9AE02.roa (raw, json)
Hash identifier: UvtmvVRc2Z0q+CfMe7UUrx6gOQJL+ahTUjM/dtEauJg=
Subject key identifier: 17:81:4D:FE:03:C8:C1:36:49:FA:FC:89:7A:55:24:22:C6:F0:2C:F4
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 35ED
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/3DAAE73A1A2D11EEBC20C11FC4F9AE02.roa
Signing time: Fri 16 Aug 2024 14:40:21 +0000
ROA not before: Fri 16 Aug 2024 14:40:21 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 133448
IP address blocks: 101.55.59.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13805 (0x35ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E
Validity
Not Before: Aug 16 14:40:21 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66bf64d5-0300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a3:1e:f8:34:b0:6b:cd:7c:85:03:af:c8:0d:
bc:b5:48:8f:e2:b5:55:19:4f:df:47:fe:d3:17:98:
6b:54:04:cb:73:83:ff:fd:f5:e9:d6:bd:92:c6:1b:
8b:71:4a:76:d8:fb:24:cc:c0:75:03:44:66:a1:da:
1a:c9:b5:5f:2f:18:f1:bb:04:a7:b0:bb:9f:1e:3e:
51:cc:60:e5:f9:eb:3c:84:a2:e6:3e:50:a4:54:55:
5b:29:0a:04:13:4e:82:ac:f9:0c:d5:85:03:d5:86:
b8:6a:e7:e8:2c:21:ee:6e:6f:5a:33:90:33:fa:07:
e7:30:37:48:54:2a:57:a3:49:f5:00:34:4b:c1:c0:
9e:8a:ca:24:75:39:f0:d7:c9:1d:71:7e:a2:e5:0a:
89:70:ee:c5:4d:94:16:8f:06:8c:bf:31:f4:47:bb:
29:66:79:44:c0:87:b7:84:e7:47:61:5b:c5:70:b4:
6b:0f:55:c2:c7:3c:cd:94:f6:43:67:2b:78:4e:7f:
d9:77:38:17:7d:d0:32:e1:9c:2d:10:6f:46:27:90:
2c:e1:d0:a4:7a:c3:89:2b:84:7e:6e:83:b1:5e:16:
ee:2d:6d:48:c2:c2:37:09:45:cf:d5:43:d1:3e:93:
96:b4:6b:e0:50:a4:13:5f:09:ea:81:c8:94:30:10:
fd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:81:4D:FE:03:C8:C1:36:49:FA:FC:89:7A:55:24:22:C6:F0:2C:F4
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/3DAAE73A1A2D11EEBC20C11FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.55.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:24:24:3c:99:77:3e:a1:b5:e2:85:52:ea:e0:18:5a:5d:86:
7f:3f:24:7a:0a:8a:53:35:cc:9f:ba:12:c3:87:f4:fa:dc:f6:
13:69:3d:36:66:dc:68:43:d9:47:10:9a:09:a4:1f:59:21:70:
5d:f5:58:55:6a:cf:da:a2:8d:6e:b9:e4:c6:89:0d:56:59:db:
3e:0d:c0:9f:7e:ad:04:ff:6d:17:c2:01:c9:d1:c6:eb:dd:88:
af:cb:67:af:a4:7a:2e:9e:e6:d8:1b:6d:81:55:1e:63:ed:fa:
0f:83:5c:8e:db:47:c6:cf:84:a5:a4:04:f1:7e:96:16:ee:92:
80:7f:51:80:ba:ea:e8:aa:4e:a7:b1:b0:ec:f8:eb:32:3d:74:
57:51:00:50:7d:e3:97:a8:42:2a:01:58:b8:cc:bc:2b:f5:21:
cc:80:46:a2:36:88:d4:c7:b5:6d:62:50:c5:e9:74:34:b9:85:
1c:dc:40:d1:79:7f:0d:8e:54:e7:8b:5c:53:7c:66:0d:e6:49:
88:bb:83:55:9c:11:07:47:73:56:60:a9:3d:2b:ed:d6:50:8d:
0e:66:9f:60:68:45:3d:96:84:99:c0:84:16:c5:34:1c:6d:9d:
e9:c3:f5:ce:28:31:11:bd:79:c7:42:cd:07:70:b4:75:86:e7:
9c:40:22:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQwODE2MTQ0MDIxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmNjRkNS0wMzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqqMe+DSwa818hQOvyA28tUiP4rVVGU/fR/7TF5hrVATLc4P//fXp1r2SxhuL
cUp22PskzMB1A0RmodoaybVfLxjxuwSnsLufHj5RzGDl+es8hKLmPlCkVFVbKQoE
E06CrPkM1YUD1Ya4aufoLCHubm9aM5Az+gfnMDdIVCpXo0n1ADRLwcCeisokdTnw
18kdcX6i5QqJcO7FTZQWjwaMvzH0R7spZnlEwIe3hOdHYVvFcLRrD1XCxzzNlPZD
Zyt4Tn/ZdzgXfdAy4ZwtEG9GJ5As4dCkesOJK4R+boOxXhbuLW1IwsI3CUXP1UPR
PpOWtGvgUKQTXwnqgciUMBD9SQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBeBTf4D
yME2Sfr8iXpVJCLG8Cz0MB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvM0RBQUU3M0Ex
QTJEMTFFRUJDMjBDMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABlNzswDQYJKoZIhvcNAQELBQADggEBAKUkJDyZdz6hteKF
UurgGFpdhn8/JHoKilM1zJ+6EsOH9Prc9hNpPTZm3GhD2UcQmgmkH1khcF31WFVq
z9qijW655MaJDVZZ2z4NwJ9+rQT/bRfCAcnRxuvdiK/LZ6+kei6e5tgbbYFVHmPt
+g+DXI7bR8bPhKWkBPF+lhbukoB/UYC66uiqTqexsOz46zI9dFdRAFB945eoQioB
WLjMvCv1IcyARqI2iNTHtW1iUMXpdDS5hRzcQNF5fw2OVOeLXFN8Zg3mSYi7g1Wc
EQdHc1ZgqT0r7dZQjQ5mn2BoRT2WhJnAhBbFNBxtnenD9c4oMRG9ecdCzQdwtHWG
55xAIos=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:27:05 2025 by rpki-client