Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/CB46AC50509111EF9E40402FC4F9AE02.roa
File: CB46AC50509111EF9E40402FC4F9AE02.roa (raw, json)
Hash identifier: ad0J4ZFgNbW6j5IO3p20cgw4SuRj+wZOS+Yi86cuNgg=
Subject key identifier: 1E:6D:16:90:88:E2:3A:7E:B7:10:20:36:5C:78:25:2C:94:B5:47:4C
Certificate issuer: /CN=A917C71E/serialNumber=B59B0566A82A983BDE6DF1C5DE4C582C9BCA8392
Certificate serial: 0BB0
Authority key identifier: B5:9B:05:66:A8:2A:98:3B:DE:6D:F1:C5:DE:4C:58:2C:9B:CA:83:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tZsFZqgqmDvebfHF3kxYLJvKg5I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/CB46AC50509111EF9E40402FC4F9AE02.roa
Signing time: Fri 24 Jan 2025 19:07:58 +0000
ROA not before: Fri 24 Jan 2025 19:07:58 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 4613
IP address blocks: 27.111.16.0/22 maxlen: 24
27.111.20.0/24 maxlen: 24
27.111.21.0/24 maxlen: 24
27.111.22.0/24 maxlen: 24
27.111.23.0/24 maxlen: 24
27.111.24.0/22 maxlen: 22
27.111.24.0/24 maxlen: 24
27.111.25.0/24 maxlen: 24
27.111.26.0/23 maxlen: 24
27.111.28.0/23 maxlen: 24
27.111.30.0/23 maxlen: 24
117.121.224.0/20 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2992 (0xbb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C71E
Validity
Not Before: Jan 24 19:07:58 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793e50e-923a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:97:62:a1:4f:28:dd:65:b9:3e:6c:6a:a6:
e2:36:9b:d0:3b:53:e3:0d:01:aa:4b:97:f8:de:dc:
83:6d:d0:6c:0b:df:9b:30:bc:b5:75:ed:45:0e:55:
62:ac:4a:2b:0c:0a:6b:bf:ad:d3:11:4e:25:fd:db:
33:58:1c:f0:ea:26:ca:c2:7d:56:c5:04:f1:4b:1b:
5a:14:7b:7b:64:5f:7f:66:4b:0d:52:2b:86:c0:84:
3e:d9:9c:aa:15:3e:6d:fa:3f:66:d0:7d:db:8c:8b:
19:11:ab:5e:b3:ca:14:15:93:3c:54:51:d4:3f:fa:
17:db:0d:84:cc:23:7d:57:40:ba:3a:e6:c7:d3:44:
1c:d0:5d:10:96:be:ed:94:1c:00:91:9e:f6:0b:7f:
84:76:21:13:75:73:a5:41:1a:12:58:64:f8:1b:28:
8e:23:85:8c:75:8f:a5:01:31:7b:dc:d3:6a:f1:b2:
39:3d:0d:31:b0:54:b9:55:43:36:28:53:de:2a:e7:
86:61:e1:b4:4c:5e:be:12:68:b2:d8:6d:76:dc:04:
9f:6d:58:4e:b6:78:73:f3:72:64:b4:e5:50:d6:de:
f8:a3:57:70:d6:a6:fd:cd:12:f8:ca:06:2e:fb:a2:
08:c2:1a:24:a7:cd:bb:cd:a9:0a:bf:21:64:9c:e6:
3c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6D:16:90:88:E2:3A:7E:B7:10:20:36:5C:78:25:2C:94:B5:47:4C
X509v3 Authority Key Identifier:
keyid:B5:9B:05:66:A8:2A:98:3B:DE:6D:F1:C5:DE:4C:58:2C:9B:CA:83:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tZsFZqgqmDvebfHF3kxYLJvKg5I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/CB46AC50509111EF9E40402FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.16.0/20
117.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:5b:fe:b9:32:89:4c:80:20:b4:8e:2f:a7:aa:73:40:25:02:
16:d4:11:f5:3d:87:f1:0a:89:11:e0:76:e0:9d:15:0a:b8:e3:
16:15:ca:94:03:0a:37:df:b2:a5:ae:50:98:6b:e5:1e:6f:b1:
c8:bc:0d:43:c0:b3:25:0c:52:97:d4:d7:83:84:9e:d2:96:b5:
ce:59:1d:fe:ee:51:ab:74:f4:78:fc:76:c9:6e:8b:4c:1d:84:
0d:30:28:c1:5a:fb:ff:ab:47:fe:7f:d5:76:53:e6:72:2d:c0:
9d:8c:b6:0c:48:b4:f5:b0:26:bb:cc:69:ef:34:a3:b3:f8:4e:
f5:5c:90:13:00:eb:b4:5e:0c:63:26:ff:ee:67:f2:c7:c2:8a:
66:0a:cf:eb:6f:04:85:58:41:ce:c9:59:d1:14:2e:19:b3:b1:
ee:54:a2:bc:17:95:09:9b:32:1b:6f:e2:d6:30:ba:d1:cb:32:
7c:4c:00:4c:6e:8c:94:4e:50:62:7a:92:ea:44:56:63:55:60:
b5:cf:5f:2a:a4:c6:73:a5:95:c9:03:8a:15:9e:64:b2:16:a2:
2a:93:b7:45:9e:89:3d:44:a8:c1:55:14:ea:5d:ba:7e:24:c7:
6a:8f:e4:a5:21:87:da:fc:46:9d:fc:6f:32:2f:3f:51:04:a4:
09:00:8d:7e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M3MUUxMTAvBgNVBAUTKEI1OUIwNTY2QTgyQTk4M0JERTZERjFDNURFNEM1ODJD
OUJDQTgzOTIwHhcNMjUwMTI0MTkwNzU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzZTUwZS05MjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuIKXYqFPKN1luT5saqbiNpvQO1PjDQGqS5f43tyDbdBsC9+bMLy1de1FDlVi
rEorDAprv63TEU4l/dszWBzw6ibKwn1WxQTxSxtaFHt7ZF9/ZksNUiuGwIQ+2Zyq
FT5t+j9m0H3bjIsZEates8oUFZM8VFHUP/oX2w2EzCN9V0C6OubH00Qc0F0Qlr7t
lBwAkZ72C3+EdiETdXOlQRoSWGT4GyiOI4WMdY+lATF73NNq8bI5PQ0xsFS5VUM2
KFPeKueGYeG0TF6+Emiy2G123ASfbVhOtnhz83JktOVQ1t74o1dw1qb9zRL4ygYu
+6IIwhokp827zakKvyFknOY8ewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB5tFpCI
4jp+txAgNlx4JSyUtUdMMB8GA1UdIwQYMBaAFLWbBWaoKpg73m3xxd5MWCybyoOS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzcxRS9DNzhFNEE3MjFD
QTgxMUVBOENCQjQ1NDNDNEY5QUUwMi90WnNGWnFncW1EdmViZkhGM2t4WUxKdktn
NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Rac0ZacWdxbUR2ZWJmSEYza3hZTEp2S2c1SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M3MUUvQzc4RTRBNzIxQ0E4MTFFQThDQkI0NTQzQzRGOUFFMDIvQ0I0NkFDNTA1
MDkxMTFFRjlFNDA0MDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAQbbxADBAR1eeAwDQYJKoZIhvcNAQELBQADggEBAF5b/rky
iUyAILSOL6eqc0AlAhbUEfU9h/EKiRHgduCdFQq44xYVypQDCjffsqWuUJhr5R5v
sci8DUPAsyUMUpfU14OEntKWtc5ZHf7uUat09Hj8dslui0wdhA0wKMFa+/+rR/5/
1XZT5nItwJ2MtgxItPWwJrvMae80o7P4TvVckBMA67ReDGMm/+5n8sfCimYKz+tv
BIVYQc7JWdEULhmzse5UorwXlQmbMhtv4tYwutHLMnxMAExujJROUGJ6kupEVmNV
YLXPXyqkxnOllckDihWeZLIWoiqTt0WeiT1EqMFVFOpdun4kx2qP5KUhh9r8Rp38
bzIvP1EEpAkAjX4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:02 2025 by rpki-client