Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/53A6072E7AD611EC8A330A0CC4F9AE02.roa
File: 53A6072E7AD611EC8A330A0CC4F9AE02.roa (raw, json)
Hash identifier: c9Z2TSZfqohxCIBb22YrZB4ezrswRH+F9Usd0k39src=
Subject key identifier: F6:FD:64:32:56:89:97:39:4F:F8:7B:08:45:98:D7:DB:E4:4A:70:32
Certificate issuer: /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Certificate serial: 0472
Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/53A6072E7AD611EC8A330A0CC4F9AE02.roa
Signing time: Sat 25 Jan 2025 00:13:31 +0000
ROA not before: Sat 25 Jan 2025 00:13:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149423
IP address blocks: 2407:9240:3100::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1138 (0x472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91618BC
Validity
Not Before: Jan 25 00:13:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67942caa-8472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:39:e3:64:f6:41:59:34:29:3b:05:15:c4:
4a:5e:6c:80:04:aa:72:bc:80:20:81:0e:38:6c:af:
1c:a6:40:8c:75:b3:12:2d:be:0d:83:92:fc:24:39:
f6:3d:83:49:dc:13:65:15:8f:b6:a8:94:27:2c:c9:
e2:e8:c7:48:55:b2:64:4f:e1:73:20:4c:97:6f:65:
a2:5b:65:c5:1b:37:b5:35:e2:95:d8:4c:85:05:10:
07:f9:27:1b:bb:5e:47:dd:bc:b0:4e:38:12:04:d1:
63:4c:83:c3:55:bc:57:d1:16:e8:1e:ea:84:3f:d5:
81:7a:36:db:aa:87:51:45:33:6c:c9:a8:c7:01:bc:
1a:50:1b:b3:df:ed:a8:70:47:f9:ce:7a:c5:4b:b9:
52:03:b7:38:f7:df:d5:23:fd:3c:e2:5e:83:1a:6f:
74:e0:df:42:19:6c:a9:0a:e2:9e:17:75:ba:ee:63:
b7:d1:9e:20:86:cb:10:a1:e9:8f:94:d2:56:a6:1f:
f2:83:ba:15:34:49:fe:90:9c:ae:89:33:74:af:dd:
a7:ff:f7:41:c6:59:91:37:10:c0:41:ae:c3:15:ad:
84:75:c6:c3:26:8b:b9:d6:36:d3:4b:24:2e:87:98:
bf:dd:49:6b:e7:b4:2f:01:95:7d:7f:52:0b:6b:1a:
05:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FD:64:32:56:89:97:39:4F:F8:7B:08:45:98:D7:DB:E4:4A:70:32
X509v3 Authority Key Identifier:
keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/53A6072E7AD611EC8A330A0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9240:3100::/40
Signature Algorithm: sha256WithRSAEncryption
8e:5c:62:45:f9:74:a3:02:5f:df:e7:b2:cc:fe:3b:03:26:76:
34:a0:dc:5f:42:18:08:3e:6b:47:58:10:4a:1e:f9:44:0b:49:
a7:00:42:fd:b6:7b:db:09:6a:22:ea:42:85:e4:d3:4b:63:30:
85:a6:89:d2:af:9a:a6:7d:44:ae:c6:50:26:d4:62:99:be:28:
cb:e6:bf:bd:65:7f:bb:45:98:4c:7d:8a:9e:66:b6:9e:90:a9:
ad:00:d3:a9:f8:ac:e2:ee:43:db:5b:11:57:e3:8b:c3:0a:66:
0a:a3:0b:77:2f:ed:a7:c5:cb:39:af:66:ee:21:bb:11:03:2e:
20:8b:c4:8f:7b:59:18:6b:4e:f5:bc:d1:6f:ec:0e:4e:b1:20:
b8:8c:61:8d:28:3e:0d:7b:6d:7d:70:ee:cc:28:6d:e1:4e:3c:
0a:97:ae:40:35:ca:33:c6:ab:49:f1:7a:25:dd:26:e3:6d:01:
c4:0e:6f:1c:ee:7f:1c:c4:9d:cf:ac:6f:f8:e7:b5:40:90:ce:
91:15:f3:f9:41:a3:54:43:82:00:10:d3:51:0d:0f:ff:f3:3d:
29:04:10:4f:b3:0c:25:34:58:ec:78:c6:41:3c:e4:c3:8f:42:
af:f3:2d:10:fe:d2:bc:e0:1b:f0:7d:fc:91:c1:96:19:eb:c9:
9f:0b:2f:19
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICBHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE4QkMxMTAvBgNVBAUTKDFBRUJDRDgyRDcwMjgzNDNCNzQ1QUQ0MDY3MzlDREI5
MkQ0REZCNzcwHhcNMjUwMTI1MDAxMzMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MmNhYS04NDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwdY542T2QVk0KTsFFcRKXmyABKpyvIAggQ44bK8cpkCMdbMSLb4Ng5L8JDn2
PYNJ3BNlFY+2qJQnLMni6MdIVbJkT+FzIEyXb2WiW2XFGze1NeKV2EyFBRAH+Scb
u15H3bywTjgSBNFjTIPDVbxX0RboHuqEP9WBejbbqodRRTNsyajHAbwaUBuz3+2o
cEf5znrFS7lSA7c499/VI/084l6DGm904N9CGWypCuKeF3W67mO30Z4ghssQoemP
lNJWph/yg7oVNEn+kJyuiTN0r92n//dBxlmRNxDAQa7DFa2EdcbDJou51jbTSyQu
h5i/3Ulr57QvAZV9f1ILaxoFWQIDAQABo4IClzCCApMwHQYDVR0OBBYEFPb9ZDJW
iZc5T/h7CEWY19vkSnAyMB8GA1UdIwQYMBaAFBrrzYLXAoNDt0WtQGc5zbktTft3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MThCQy9FRDdCNjJBQzVE
ODcxMUVDOUMxRDcwMkNDNEY5QUUwMi9HdXZOZ3RjQ2cwTzNSYTFBWnpuTnVTMU4t
M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0zYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE4QkMvRUQ3QjYyQUM1RDg3MTFFQzlDMUQ3MDJDQzRGOUFFMDIvNTNBNjA3MkU3
QUQ2MTFFQzhBMzMwQTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAkB5JAMTANBgkqhkiG9w0BAQsFAAOCAQEAjlxiRfl0owJf
3+eyzP47AyZ2NKDcX0IYCD5rR1gQSh75RAtJpwBC/bZ72wlqIupCheTTS2MwhaaJ
0q+apn1ErsZQJtRimb4oy+a/vWV/u0WYTH2Knma2npCprQDTqfis4u5D21sRV+OL
wwpmCqMLdy/tp8XLOa9m7iG7EQMuIIvEj3tZGGtO9bzRb+wOTrEguIxhjSg+DXtt
fXDuzCht4U48CpeuQDXKM8arSfF6Jd0m420BxA5vHO5/HMSdz6xv+Oe1QJDOkRXz
+UGjVEOCABDTUQ0P//M9KQQQT7MMJTRY7HjGQTzkw49Cr/MtEP7SvOAb8H38kcGW
GevJnwsvGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:50 2025 by rpki-client