Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/BBE075C6906911EF97FA0D58C4F9AE02.roa
File: BBE075C6906911EF97FA0D58C4F9AE02.roa (raw, json)
Hash identifier: JffyrCPpCuKQ4JV9hKAHpBOYaMhGWQal4zN+8n2snKI=
Subject key identifier: E2:D0:8A:2B:24:37:C9:16:36:E1:1F:7E:37:4C:BB:B3:50:AE:BA:31
Certificate issuer: /CN=A9169ADA/serialNumber=C41715FEF200133D9123250FBB6531E88A4A99DA
Certificate serial: 0DF0
Authority key identifier: C4:17:15:FE:F2:00:13:3D:91:23:25:0F:BB:65:31:E8:8A:4A:99:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/BBE075C6906911EF97FA0D58C4F9AE02.roa
Signing time: Wed 04 Dec 2024 17:55:57 +0000
ROA not before: Wed 04 Dec 2024 17:55:57 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150342
IP address blocks: 203.90.253.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3568 (0xdf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9169ADA
Validity
Not Before: Dec 4 17:55:57 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675097ad-ea9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:6b:42:5d:17:68:0c:3e:e8:ca:d8:e9:d5:
41:15:c0:b0:a7:ed:74:2a:55:34:75:01:6e:7f:b5:
b4:8c:03:fe:bb:a5:1f:1f:27:6d:ef:e0:81:30:23:
f0:67:03:52:3e:f5:cc:19:d7:33:44:a4:b9:80:f0:
cb:4d:07:3e:09:9b:d9:04:25:07:74:e4:60:a7:71:
b4:44:62:ee:23:d6:63:64:56:88:c5:3f:8c:18:94:
c9:9a:a9:bc:e3:b8:c4:29:31:7c:8e:1f:77:e4:7f:
93:97:91:e3:c9:7c:ba:54:a1:8e:9e:c7:b3:bf:1c:
a5:cc:59:ee:96:90:29:be:59:88:da:e0:73:a8:38:
d5:f5:32:e5:0f:7a:22:42:16:b5:28:41:5d:94:5c:
5d:dc:0b:19:10:8f:1f:aa:b6:bc:4d:ac:e9:41:1d:
cb:ae:5b:82:3e:23:27:5e:99:7e:52:eb:0b:92:5b:
5f:d0:76:44:b5:5f:c0:5d:f0:0d:43:cb:29:67:77:
ce:72:12:2e:db:55:50:6e:a1:56:8f:04:56:c7:de:
a1:32:36:0f:33:f1:ab:1e:97:91:52:73:5c:50:88:
8c:78:cb:52:25:ac:f4:03:e7:cd:37:a2:55:17:84:
1a:63:e8:76:bd:b1:c4:04:53:3a:c4:b1:21:cb:5b:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D0:8A:2B:24:37:C9:16:36:E1:1F:7E:37:4C:BB:B3:50:AE:BA:31
X509v3 Authority Key Identifier:
keyid:C4:17:15:FE:F2:00:13:3D:91:23:25:0F:BB:65:31:E8:8A:4A:99:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xBcV_vIAEz2RIyUPu2Ux6IpKmdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169ADA/FF3201CEA6B211E98D2B1860C4F9AE02/BBE075C6906911EF97FA0D58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.90.253.0/24
Signature Algorithm: sha256WithRSAEncryption
28:61:99:53:a8:7c:a0:10:b0:15:1e:7e:86:b9:a0:bc:08:8c:
66:f6:c8:94:73:9b:9b:b0:35:14:58:11:57:42:b2:4b:e5:f5:
ce:7a:72:b9:d6:99:2f:4d:62:ea:eb:b0:75:d8:3d:6d:9f:1e:
f4:69:96:e5:8c:68:3a:6e:02:fa:fa:28:4b:ce:c7:b8:3f:18:
41:8e:ed:27:37:ef:96:b7:16:db:94:20:5f:ce:13:b1:63:fa:
0a:56:d9:81:fc:48:a8:db:35:4c:db:3f:85:96:5b:21:4f:e4:
ad:c3:c5:88:3c:67:52:62:82:9c:b5:a5:7a:ac:62:a7:98:9e:
5b:a7:b8:ea:f0:cc:55:20:b7:42:cd:07:29:92:1b:8d:5d:5c:
5b:20:a9:40:dd:ff:38:c4:77:55:b6:8b:26:a2:04:71:31:14:
48:8d:d9:66:f6:c1:94:ce:13:6b:93:6a:44:b8:92:94:bc:e6:
52:d2:60:36:78:92:f2:53:ac:31:ad:32:1a:7c:61:19:21:3b:
a0:39:fa:c3:d4:c6:9f:01:7e:57:2b:58:b8:fa:42:8b:2c:08:
9e:d9:0a:c8:38:7d:ce:55:32:c9:32:4b:eb:10:ab:48:05:80:
09:b9:82:77:ce:7a:59:05:01:32:50:34:4b:be:6a:cd:2a:ef:
09:07:dc:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjlBREExMTAvBgNVBAUTKEM0MTcxNUZFRjIwMDEzM0Q5MTIzMjUwRkJCNjUzMUU4
OEE0QTk5REEwHhcNMjQxMjA0MTc1NTU3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwOTdhZC1lYTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmpdrQl0XaAw+6MrY6dVBFcCwp+10KlU0dQFuf7W0jAP+u6UfHydt7+CBMCPw
ZwNSPvXMGdczRKS5gPDLTQc+CZvZBCUHdORgp3G0RGLuI9ZjZFaIxT+MGJTJmqm8
47jEKTF8jh935H+Tl5HjyXy6VKGOnsezvxylzFnulpApvlmI2uBzqDjV9TLlD3oi
Qha1KEFdlFxd3AsZEI8fqra8TazpQR3LrluCPiMnXpl+UusLkltf0HZEtV/AXfAN
Q8spZ3fOchIu21VQbqFWjwRWx96hMjYPM/GrHpeRUnNcUIiMeMtSJaz0A+fNN6JV
F4QaY+h2vbHEBFM6xLEhy1sw5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOLQiisk
N8kWNuEffjdMu7NQrroxMB8GA1UdIwQYMBaAFMQXFf7yABM9kSMlD7tlMeiKSpna
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OUFEQS9GRjMyMDFDRUE2
QjIxMUU5OEQyQjE4NjBDNEY5QUUwMi94QmNWX3ZJQUV6MlJJeVVQdTJVeDZJcEtt
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hCY1ZfdklBRXoyUkl5VVB1MlV4NklwS21kby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjlBREEvRkYzMjAxQ0VBNkIyMTFFOThEMkIxODYwQzRGOUFFMDIvQkJFMDc1QzY5
MDY5MTFFRjk3RkEwRDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLWv0wDQYJKoZIhvcNAQELBQADggEBAChhmVOofKAQsBUe
foa5oLwIjGb2yJRzm5uwNRRYEVdCskvl9c56crnWmS9NYurrsHXYPW2fHvRpluWM
aDpuAvr6KEvOx7g/GEGO7Sc375a3FtuUIF/OE7Fj+gpW2YH8SKjbNUzbP4WWWyFP
5K3DxYg8Z1Jigpy1pXqsYqeYnlunuOrwzFUgt0LNBymSG41dXFsgqUDd/zjEd1W2
iyaiBHExFEiN2Wb2wZTOE2uTakS4kpS85lLSYDZ4kvJTrDGtMhp8YRkhO6A5+sPU
xp8BflcrWLj6QossCJ7ZCsg4fc5VMskyS+sQq0gFgAm5gnfOelkFATJQNEu+as0q
7wkH3Gw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:06 2025 by rpki-client