Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa
File: AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa (raw, json)
Hash identifier: LFZEMiEZWVGVhw073oJZ6a3acteubVePOhbEcX4Y/2o=
Subject key identifier: BB:79:C7:30:B0:4B:F1:7F:16:77:01:0F:63:6F:CC:E8:B2:68:A0:7D
Certificate issuer: /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Certificate serial: 3447
Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa
Signing time: Thu 22 Aug 2024 10:17:08 +0000
ROA not before: Thu 22 Aug 2024 10:17:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153305
IP address blocks: 203.123.53.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13383 (0x3447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171634
Validity
Not Before: Aug 22 10:17:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c71023-9071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:32:a7:a0:6f:67:4e:a1:2b:b0:c2:eb:87:
3b:6d:03:b1:c0:fe:16:e2:ac:f3:87:69:99:ac:85:
37:fb:57:b9:70:35:ae:f5:31:98:e0:53:e8:e9:6c:
a7:ba:85:8b:4d:c2:fd:ec:06:c3:f5:ff:69:f8:bc:
19:f1:35:28:64:c0:f2:95:2a:5d:6d:b0:c6:73:e0:
13:63:aa:ff:26:e4:07:d1:8b:66:0d:3e:44:34:49:
ce:ff:75:91:ab:5d:5c:b7:3a:39:96:e5:12:ba:70:
5a:f8:f0:e8:b6:ab:18:94:4e:b7:7f:3c:ea:81:af:
54:9d:19:02:34:c0:ca:03:c8:7c:6d:9c:0a:b0:24:
50:d8:78:66:11:00:31:5e:bd:7b:30:96:ff:73:37:
a5:9a:58:ac:99:b2:64:c7:d1:69:96:5f:47:98:5f:
3a:90:ce:a7:79:e5:5e:42:bf:a5:95:53:e9:b3:f4:
db:57:3f:3c:df:39:76:72:04:b8:63:08:7e:45:62:
be:9e:d2:3a:51:34:15:2a:fd:ef:1b:93:74:d0:27:
27:b7:03:7d:a6:54:53:19:07:39:49:b0:03:56:f1:
f3:56:4c:39:86:fe:7b:09:93:2f:47:d9:35:e6:fe:
ba:b5:c6:a5:a4:a1:a4:78:0d:64:d3:e6:01:80:51:
9f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:79:C7:30:B0:4B:F1:7F:16:77:01:0F:63:6F:CC:E8:B2:68:A0:7D
X509v3 Authority Key Identifier:
keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.123.53.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8a:0e:92:af:0f:ef:3b:c2:d9:69:e5:4e:67:92:24:0b:07:
3f:a3:09:9d:98:99:f2:1b:52:16:35:cd:b3:e0:a3:07:45:f6:
f2:74:d3:f8:d7:8c:8f:ef:68:0b:18:15:0f:4e:c5:71:12:1d:
73:be:6e:f8:ee:63:27:52:6a:fd:c8:8f:6d:21:3f:b0:54:d6:
96:0a:78:eb:e7:cb:e5:c2:31:b1:84:36:ce:41:70:85:9f:43:
d0:96:de:7c:a0:73:f0:a5:14:17:80:87:3e:c5:9d:62:25:a8:
67:ab:8a:df:09:87:bd:ac:5d:8b:56:eb:7c:bd:4f:09:e4:9b:
5c:14:1f:4d:8c:a6:a7:1d:82:cf:58:d2:4a:f0:46:48:c5:93:
d3:fd:98:2c:9c:0d:ab:32:38:3c:1c:6c:d2:d9:75:11:63:4b:
56:01:ea:e4:59:7e:47:53:b4:80:69:f8:56:f4:5d:67:9e:f3:
9c:b0:b8:84:41:73:f7:22:0e:2f:c3:e1:e8:59:b5:89:8b:44:
dc:9f:5b:d4:3b:db:9b:93:ac:0f:20:ff:b8:db:90:b4:10:90:
18:e7:fe:46:2f:fd:6f:2a:0e:f5:49:03:cd:23:11:8c:48:4d:
7e:eb:3e:95:12:0e:46:d2:a7:4e:4f:bd:78:8c:e2:a4:7b:05:
f3:5c:57:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB
NDZFMDNFODcwHhcNMjQwODIyMTAxNzA4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM3MTAyMy05MDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAptsyp6BvZ06hK7DC64c7bQOxwP4W4qzzh2mZrIU3+1e5cDWu9TGY4FPo6Wyn
uoWLTcL97AbD9f9p+LwZ8TUoZMDylSpdbbDGc+ATY6r/JuQH0YtmDT5ENEnO/3WR
q11ctzo5luUSunBa+PDotqsYlE63fzzqga9UnRkCNMDKA8h8bZwKsCRQ2HhmEQAx
Xr17MJb/czelmlismbJkx9Fpll9HmF86kM6neeVeQr+llVPps/TbVz883zl2cgS4
Ywh+RWK+ntI6UTQVKv3vG5N00CcntwN9plRTGQc5SbADVvHzVkw5hv57CZMvR9k1
5v66tcalpKGkeA1k0+YBgFGfBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLt5xzCw
S/F/FncBD2NvzOiyaKB9MB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE
OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvQUZBNENGM0U2
MDZGMTFFRkI5RkNDQzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLezUwDQYJKoZIhvcNAQELBQADggEBAGGKDpKvD+87wtlp
5U5nkiQLBz+jCZ2YmfIbUhY1zbPgowdF9vJ00/jXjI/vaAsYFQ9OxXESHXO+bvju
YydSav3Ij20hP7BU1pYKeOvny+XCMbGENs5BcIWfQ9CW3nygc/ClFBeAhz7FnWIl
qGerit8Jh72sXYtW63y9Twnkm1wUH02Mpqcdgs9Y0krwRkjFk9P9mCycDasyODwc
bNLZdRFjS1YB6uRZfkdTtIBp+Fb0XWee85ywuIRBc/ciDi/D4ehZtYmLRNyfW9Q7
25uTrA8g/7jbkLQQkBjn/kYv/W8qDvVJA80jEYxITX7rPpUSDkbSp05PvXiM4qR7
BfNcV4c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:17:38 2025 by rpki-client