Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa
File: 5997A6A624E011EDAEC0E529C4F9AE02.roa (raw, json)
Hash identifier: 264WZ0f5FSYRLcE55bzQKj/lfReOWZZQL9W6/+XrL50=
Subject key identifier: 0F:B7:F4:A8:DE:AC:F1:29:FE:D7:43:FA:1A:0B:F9:71:F1:80:36:15
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: 042D
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa
Signing time: Wed 15 Jan 2025 00:03:26 +0000
ROA not before: Wed 15 Jan 2025 00:03:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 210542
IP address blocks: 2400:3e20:2000::/36 maxlen: 36
2400:3e20:3000::/36 maxlen: 36
2400:3e20:e000::/36 maxlen: 36
2400:3e20:f000::/36 maxlen: 36
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1069 (0x42d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11
Validity
Not Before: Jan 15 00:03:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786fb4e-9658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:00:19:da:08:85:0a:20:d0:fe:1c:cd:44:
5a:5e:f8:fc:dd:64:0e:95:b3:7a:2e:a0:5f:90:e5:
c8:23:b2:ef:5c:ba:30:5a:32:4d:cf:eb:70:5e:88:
16:e2:4d:00:df:f1:22:65:f6:fd:e5:b2:09:0d:0f:
8d:4f:1f:72:02:a1:04:b8:6c:d5:f1:a9:3d:d0:27:
92:c0:df:27:ab:87:ef:81:da:57:ba:07:82:c7:6f:
20:81:40:14:0b:64:0f:4f:83:5c:0e:37:fe:c0:1e:
9b:13:f9:0d:bf:b4:25:9f:25:3e:3c:a7:8e:8c:3a:
01:53:28:ee:dc:df:47:ae:21:a3:30:da:52:ab:db:
15:ae:96:a0:c7:44:b8:37:94:48:bb:0e:bc:5f:c9:
f2:04:c5:2b:e6:fa:e4:0c:90:f8:f0:fa:9d:59:06:
d1:b4:62:b5:12:4c:e8:a4:a1:db:d2:50:59:ea:09:
00:3f:c3:23:1d:89:f4:9b:4c:3f:3f:1c:94:d1:61:
f9:c4:f4:15:89:e9:f3:b6:0b:f4:63:8d:8d:79:6c:
e6:9f:51:ab:ea:df:30:4c:6f:06:ea:61:38:a9:2c:
ce:b2:82:26:b8:fa:76:cc:84:63:79:c0:e8:80:87:
b0:80:2b:a1:99:68:f7:9f:fb:9c:e3:5c:88:3c:e9:
3d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B7:F4:A8:DE:AC:F1:29:FE:D7:43:FA:1A:0B:F9:71:F1:80:36:15
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:3e20:2000::/35
2400:3e20:e000::/35
Signature Algorithm: sha256WithRSAEncryption
a4:af:32:69:aa:49:b9:7c:c5:b4:3a:7c:e6:9d:97:40:55:3a:
e7:10:d8:05:39:f0:f6:7b:f3:ab:c7:da:bd:88:e7:89:06:81:
b2:45:36:fa:bc:2a:ec:30:13:32:49:ca:c5:58:92:59:74:49:
1f:3c:be:d0:72:ee:09:69:db:70:6e:2a:c0:a8:9a:74:89:25:
14:22:d7:f8:19:e7:bf:1d:33:6d:56:84:4d:a4:2a:09:6b:2a:
52:32:f4:f1:f7:ff:1e:0f:95:01:36:1c:6e:70:e6:f3:40:f8:
ed:16:e9:99:b7:02:da:49:94:52:ed:fd:54:42:a5:2a:44:39:
0c:0b:e7:1b:a1:b0:d6:f9:a9:96:8a:20:03:2c:db:c6:8e:df:
e2:fa:f8:e9:da:9e:b5:be:66:93:39:85:0d:27:8d:20:b8:a0:
1e:65:d0:72:b3:15:0c:21:b5:66:db:b7:c5:52:fa:27:37:92:
da:14:f5:57:b2:4c:e6:ec:35:a6:9a:3c:8f:63:40:6a:8d:12:
be:85:ed:89:23:85:42:06:53:6c:5d:31:91:0b:40:9f:67:90:
29:b2:81:1d:0d:94:b6:f8:1e:76:bb:fe:ae:d0:a3:77:a4:f9:
a0:c1:6a:70:00:aa:d5:eb:47:a0:a1:8e:3f:a0:ad:1a:19:86:
e2:27:84:94
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5
MzVEMUI4RDcwHhcNMjUwMTE1MDAwMzI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2ZmI0ZS05NjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4sAGdoIhQog0P4czURaXvj83WQOlbN6LqBfkOXII7LvXLowWjJNz+twXogW
4k0A3/EiZfb95bIJDQ+NTx9yAqEEuGzV8ak90CeSwN8nq4fvgdpXugeCx28ggUAU
C2QPT4NcDjf+wB6bE/kNv7QlnyU+PKeOjDoBUyju3N9HriGjMNpSq9sVrpagx0S4
N5RIuw68X8nyBMUr5vrkDJD48PqdWQbRtGK1EkzopKHb0lBZ6gkAP8MjHYn0m0w/
PxyU0WH5xPQVienztgv0Y42NeWzmn1Gr6t8wTG8G6mE4qSzOsoImuPp2zIRjecDo
gIewgCuhmWj3n/uc41yIPOk9pwIDAQABo4ICnzCCApswHQYDVR0OBBYEFA+39Kje
rPEp/tdD+hoL+XHxgDYVMB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC
RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzBFMTEvRDA2MEM5QjI1QkQ2MTFFQ0FEODMzNjUxQzRGOUFFMDIvNTk5N0E2QTYy
NEUwMTFFREFFQzBFNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E
GjAYMBYEAgACMBADBgUkAD4gIAMGBSQAPiDgMA0GCSqGSIb3DQEBCwUAA4IBAQCk
rzJpqkm5fMW0OnzmnZdAVTrnENgFOfD2e/Orx9q9iOeJBoGyRTb6vCrsMBMyScrF
WJJZdEkfPL7Qcu4JadtwbirAqJp0iSUUItf4Gee/HTNtVoRNpCoJaypSMvTx9/8e
D5UBNhxucObzQPjtFumZtwLaSZRS7f1UQqUqRDkMC+cbobDW+amWiiADLNvGjt/i
+vjp2p61vmaTOYUNJ40guKAeZdBysxUMIbVm27fFUvonN5LaFPVXskzm7DWmmjyP
Y0BqjRK+he2JI4VCBlNsXTGRC0CfZ5ApsoEdDZS2+B52u/6u0KN3pPmgwWpwAKrV
60egoY4/oK0aGYbiJ4SU
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:16:10 2025 by rpki-client