Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/874FF53EFD3011EDA352373FC4F9AE02.roa
File: 874FF53EFD3011EDA352373FC4F9AE02.roa (raw, json)
Hash identifier: 4xPAkE7ERWvqZ7T4X6P3V9Bro/QZjRWWI/d0W3NRhUo=
Subject key identifier: 80:59:05:40:59:6C:CC:04:86:92:CD:FF:C2:05:D7:5F:39:D5:34:96
Certificate issuer: /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Certificate serial: 3350
Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/874FF53EFD3011EDA352373FC4F9AE02.roa
Signing time: Sun 28 May 2023 08:20:39 +0000
ROA not before: Sun 28 May 2023 08:20:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37989
IP address blocks: 203.123.48.0/21 maxlen: 22
203.123.48.0/23 maxlen: 24
203.123.50.0/24 maxlen: 24
203.123.51.0/24 maxlen: 24
203.123.52.0/22 maxlen: 24
2405:fc00::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13136 (0x3350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171634
Validity
Not Before: May 28 08:20:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64730ed7-a457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a3:3c:2a:44:ab:3b:c9:63:2e:ec:b2:b3:de:
04:48:ae:aa:22:b2:36:e6:42:42:38:ec:50:f1:2c:
10:53:53:f7:40:3d:4d:cc:f4:af:d7:a5:23:6f:58:
55:27:f3:c9:39:60:e2:0c:ac:dc:78:79:cf:22:f1:
e9:50:e0:bc:4f:3d:85:4d:b1:7b:6d:d0:af:91:d0:
14:fa:ee:7c:b2:b0:8f:07:f8:00:76:c9:83:b9:47:
7e:cc:1c:4a:4d:67:86:08:ee:c1:de:f2:79:01:38:
e5:28:40:7b:35:b1:3e:87:9f:c5:b2:e6:45:de:e1:
8c:1e:f0:72:a0:79:18:89:31:d3:bd:03:bc:cd:5b:
88:e2:51:e7:6a:a1:18:1d:df:96:37:92:57:e2:65:
fa:77:86:ff:0e:c3:0c:80:61:07:77:8e:35:3a:dd:
3c:70:22:41:fa:cd:f6:dd:24:fc:0b:c6:a5:06:11:
be:85:4b:0d:51:57:2e:25:4a:0e:e8:b6:21:6b:94:
24:38:73:e4:85:06:c0:7f:29:37:ca:a7:bf:b2:29:
65:05:7a:33:a2:8b:e6:35:00:d7:30:10:9b:d0:96:
20:49:56:09:40:03:bf:e2:33:4f:32:0b:d5:89:cf:
a7:95:f1:a0:3b:09:c3:eb:9d:92:11:ef:89:92:3d:
a7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:59:05:40:59:6C:CC:04:86:92:CD:FF:C2:05:D7:5F:39:D5:34:96
X509v3 Authority Key Identifier:
keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/874FF53EFD3011EDA352373FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.123.48.0/21
IPv6:
2405:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:ff:d3:6f:c2:44:3b:9d:35:e7:be:69:98:b7:3e:45:ad:ef:
2e:35:a1:7a:bf:a3:95:63:1e:3d:ee:1e:a2:91:09:73:ae:62:
72:76:aa:9a:f6:53:fc:8a:6c:72:68:9c:92:a3:5e:ef:6d:c2:
a9:1b:5f:ff:a3:73:16:8b:46:ef:1d:99:ea:5b:2a:8b:d8:7e:
88:25:79:9b:cc:50:c3:e3:d7:69:66:f2:76:47:ef:27:f5:ac:
ef:5c:3e:a8:6b:34:cb:65:2e:06:42:ce:f6:b3:d4:53:14:7b:
d6:83:5b:5b:b6:e9:f1:ef:cc:d9:5c:d8:c2:5d:14:ce:a6:36:
45:57:92:b7:fe:5e:56:2c:1b:6e:ec:17:8b:4a:6b:f1:5a:9e:
41:30:d3:80:c0:4b:42:3a:ce:ab:09:0d:0a:f8:42:41:39:2c:
8c:2e:b0:a0:bb:b6:db:fe:f1:24:c9:ce:92:f4:7c:54:b8:43:
d6:19:9e:49:79:8a:90:e7:e8:96:a2:16:a9:b9:1a:f3:89:99:
dd:01:3f:89:7e:36:13:2c:c2:f2:1d:a2:5a:fa:77:fa:82:42:
8f:95:e0:f9:c0:28:0b:41:4f:72:03:1f:1f:f6:94:44:ba:78:
a4:ea:65:f0:29:90:10:28:8d:93:1c:dc:06:97:9f:dd:cf:94:
1a:5a:2f:49
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICM1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB
NDZFMDNFODcwHhcNMjMwNTI4MDgyMDM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDczMGVkNy1hNDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4qM8KkSrO8ljLuyys94ESK6qIrI25kJCOOxQ8SwQU1P3QD1NzPSv16Ujb1hV
J/PJOWDiDKzceHnPIvHpUOC8Tz2FTbF7bdCvkdAU+u58srCPB/gAdsmDuUd+zBxK
TWeGCO7B3vJ5ATjlKEB7NbE+h5/FsuZF3uGMHvByoHkYiTHTvQO8zVuI4lHnaqEY
Hd+WN5JX4mX6d4b/DsMMgGEHd441Ot08cCJB+s323ST8C8alBhG+hUsNUVcuJUoO
6LYha5QkOHPkhQbAfyk3yqe/sillBXozoovmNQDXMBCb0JYgSVYJQAO/4jNPMgvV
ic+nlfGgOwnD652SEe+Jkj2nfwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIBZBUBZ
bMwEhpLN/8IF11851TSWMB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE
OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvODc0RkY1M0VG
RDMwMTFFREEzNTIzNzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAPLezAwDQQCAAIwBwMFACQF/AAwDQYJKoZIhvcNAQELBQAD
ggEBAAv/02/CRDudNee+aZi3PkWt7y41oXq/o5VjHj3uHqKRCXOuYnJ2qpr2U/yK
bHJonJKjXu9twqkbX/+jcxaLRu8dmepbKovYfogleZvMUMPj12lm8nZH7yf1rO9c
PqhrNMtlLgZCzvaz1FMUe9aDW1u26fHvzNlc2MJdFM6mNkVXkrf+XlYsG27sF4tK
a/FankEw04DAS0I6zqsJDQr4QkE5LIwusKC7ttv+8STJzpL0fFS4Q9YZnkl5ipDn
6JaiFqm5GvOJmd0BP4l+NhMswvIdolr6d/qCQo+V4PnAKAtBT3IDHx/2lES6eKTq
ZfApkBAojZMc3AaXn93PlBpaL0k=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:13 2025 by rpki-client