Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/64B971E05F1511ECBED92D34C4F9AE02.roa
File: 64B971E05F1511ECBED92D34C4F9AE02.roa (raw, json)
Hash identifier: aJ7FSrQJbLnYWUhXmRxpHCTv/Yq+upCjLRh7PdkZWMM=
Subject key identifier: 12:2F:A6:BD:3E:36:9F:91:DB:69:58:14:33:ED:08:19:6A:71:B8:A2
Certificate issuer: /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Certificate serial: 0474
Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/64B971E05F1511ECBED92D34C4F9AE02.roa
Signing time: Sat 25 Jan 2025 00:13:32 +0000
ROA not before: Sat 25 Jan 2025 00:13:32 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 210528
IP address blocks: 2407:9240:2201::/48 maxlen: 48
2407:9240:2800::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1140 (0x474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91618BC
Validity
Not Before: Jan 25 00:13:32 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67942cac-1cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:81:da:68:a8:60:0e:7a:ca:68:1f:4b:7e:41:
a4:6d:29:ff:af:8f:b9:03:b5:3b:fb:68:93:5c:d2:
8e:ac:76:8a:f0:10:90:e6:ca:85:5d:b6:60:ff:71:
87:e4:6c:0f:50:29:b2:89:30:3f:19:bc:bd:bb:8b:
4a:c8:71:63:f3:ea:3d:af:6e:42:97:1b:21:e1:4e:
6d:66:91:07:2b:5d:40:16:b9:81:bb:e2:b4:b3:d5:
19:38:1d:f0:a5:f6:6c:9b:c7:93:70:5a:60:24:2b:
f1:15:cf:3d:31:0e:39:cc:68:5e:e1:d9:64:d9:ff:
61:72:37:94:d1:a4:70:95:d7:ae:ed:cd:aa:62:95:
a3:f8:8d:2e:b9:59:33:ec:da:63:7e:41:05:2d:35:
04:f5:44:76:bd:c8:2e:ab:37:59:07:b9:22:7b:16:
91:3e:1a:03:f0:46:db:98:ea:d7:e8:71:7e:07:85:
ea:eb:05:26:ae:c4:04:e5:ce:ca:28:98:d3:16:ea:
17:87:4f:a1:a3:86:d7:59:a8:f2:f5:e8:26:9b:96:
ac:26:87:b6:b7:ce:b0:a2:12:36:16:63:a5:31:56:
9f:04:49:14:94:66:3c:50:ed:8a:bf:8f:4e:12:e0:
dd:5f:15:fe:0f:ff:15:e3:f8:f8:63:63:92:d4:7c:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:2F:A6:BD:3E:36:9F:91:DB:69:58:14:33:ED:08:19:6A:71:B8:A2
X509v3 Authority Key Identifier:
keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/64B971E05F1511ECBED92D34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9240:2201::/48
2407:9240:2800::/40
Signature Algorithm: sha256WithRSAEncryption
61:75:e9:db:6a:49:4e:0e:08:17:1b:1b:d9:19:17:79:2e:db:
96:40:d3:00:3e:53:a7:78:37:06:a3:68:fe:ef:ab:8b:01:68:
80:0c:c7:54:7f:ad:bd:0f:a9:40:34:5f:ef:a8:eb:eb:fb:92:
c5:89:0d:05:ba:67:c8:6e:80:49:17:6f:90:15:81:c0:1c:23:
2f:ea:18:32:52:1e:68:4c:07:8f:7c:21:c2:86:3e:d8:1f:80:
43:98:56:ca:fc:10:58:9d:86:c4:9f:98:3f:a4:68:fd:91:05:
6c:a6:a9:79:e9:a6:7c:99:e9:70:70:28:c8:59:bf:36:68:c9:
34:10:03:ca:46:44:39:41:12:0c:fb:03:78:5a:a9:6b:09:9f:
37:61:c4:12:da:28:de:27:04:3e:f7:8c:74:7f:b2:db:2c:7f:
ac:79:b3:e5:eb:fd:82:3d:67:d0:f5:2b:1d:ff:a3:20:fc:0f:
c9:9d:77:43:d7:e6:79:90:f7:4d:01:4f:38:23:a0:25:95:91:
09:46:2e:e2:65:71:61:50:f1:51:07:fc:b1:ab:b1:50:6c:e3:
b2:a1:4f:51:2c:5e:13:a1:27:06:ff:5f:95:a8:5d:c3:dd:43:
3b:6c:cc:0f:b1:2c:ad:6f:71:d8:b9:bd:ec:e0:dc:1c:4d:e6:
26:c2:fd:52
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICBHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE4QkMxMTAvBgNVBAUTKDFBRUJDRDgyRDcwMjgzNDNCNzQ1QUQ0MDY3MzlDREI5
MkQ0REZCNzcwHhcNMjUwMTI1MDAxMzMyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MmNhYy0xY2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyoHaaKhgDnrKaB9LfkGkbSn/r4+5A7U7+2iTXNKOrHaK8BCQ5sqFXbZg/3GH
5GwPUCmyiTA/Gby9u4tKyHFj8+o9r25Clxsh4U5tZpEHK11AFrmBu+K0s9UZOB3w
pfZsm8eTcFpgJCvxFc89MQ45zGhe4dlk2f9hcjeU0aRwldeu7c2qYpWj+I0uuVkz
7NpjfkEFLTUE9UR2vcguqzdZB7kiexaRPhoD8EbbmOrX6HF+B4Xq6wUmrsQE5c7K
KJjTFuoXh0+ho4bXWajy9egmm5asJoe2t86wohI2FmOlMVafBEkUlGY8UO2Kv49O
EuDdXxX+D/8V4/j4Y2OS1HwAoQIDAQABo4ICoDCCApwwHQYDVR0OBBYEFBIvpr0+
Np+R22lYFDPtCBlqcbiiMB8GA1UdIwQYMBaAFBrrzYLXAoNDt0WtQGc5zbktTft3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MThCQy9FRDdCNjJBQzVE
ODcxMUVDOUMxRDcwMkNDNEY5QUUwMi9HdXZOZ3RjQ2cwTzNSYTFBWnpuTnVTMU4t
M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0zYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE4QkMvRUQ3QjYyQUM1RDg3MTFFQzlDMUQ3MDJDQzRGOUFFMDIvNjRCOTcxRTA1
RjE1MTFFQ0JFRDkyRDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwAkB5JAIgEDBgAkB5JAKDANBgkqhkiG9w0BAQsFAAOCAQEA
YXXp22pJTg4IFxsb2RkXeS7blkDTAD5Tp3g3BqNo/u+riwFogAzHVH+tvQ+pQDRf
76jr6/uSxYkNBbpnyG6ASRdvkBWBwBwjL+oYMlIeaEwHj3whwoY+2B+AQ5hWyvwQ
WJ2GxJ+YP6Ro/ZEFbKapeemmfJnpcHAoyFm/NmjJNBADykZEOUESDPsDeFqpawmf
N2HEEtoo3icEPveMdH+y2yx/rHmz5ev9gj1n0PUrHf+jIPwPyZ13Q9fmeZD3TQFP
OCOgJZWRCUYu4mVxYVDxUQf8sauxUGzjsqFPUSxeE6EnBv9flahdw91DO2zMD7Es
rW9x2Lm97ODcHE3mJsL9Ug==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:59 2025 by rpki-client