Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9181EAA/8828D0F4BB7711E695636338C4F9AE02/14FFD39467BE11E8910CB13EC4F9AE02.roa
File: 14FFD39467BE11E8910CB13EC4F9AE02.roa (raw, json)
Hash identifier: QR4V+G44HNdHIrjfSi80Dwbdarxdiad903tEFHxOmOc=
Subject key identifier: CD:C9:6E:40:6B:F5:F1:B1:9C:E1:66:7F:BF:F3:42:82:E6:03:AE:04
Certificate issuer: /CN=A9181EAA/serialNumber=673D05549D4134D0AC355DD9B650DF3C1C68AA5D
Certificate serial: 1CCE
Authority key identifier: 67:3D:05:54:9D:41:34:D0:AC:35:5D:D9:B6:50:DF:3C:1C:68:AA:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zz0FVJ1BNNCsNV3ZtlDfPBxoql0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9181EAA/8828D0F4BB7711E695636338C4F9AE02/14FFD39467BE11E8910CB13EC4F9AE02.roa
Signing time: Wed 08 Jan 2025 16:33:44 +0000
ROA not before: Wed 08 Jan 2025 16:33:44 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9988
IP address blocks: 45.112.176.0/22 maxlen: 24
103.52.12.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7374 (0x1cce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9181EAA
Validity
Not Before: Jan 8 16:33:44 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ea8e8-418b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:d8:26:54:b9:d4:38:11:54:ec:ef:2d:8f:
5c:77:4a:b2:3d:e9:e4:93:c5:d2:9d:39:37:20:e2:
c9:32:20:0a:c4:6b:14:78:31:53:3f:93:f3:2f:71:
19:76:09:5e:38:c3:62:ea:4d:af:c0:38:21:29:73:
ff:9f:35:17:33:39:d6:97:da:30:b4:ea:58:69:61:
ff:53:ae:fa:7b:17:3c:97:82:dd:49:ce:14:bd:6e:
79:cc:76:9d:48:e1:c5:a6:18:04:f9:95:35:7d:b6:
ea:d9:2b:cc:ec:b9:51:91:4f:84:25:cf:2a:f2:ee:
d2:2c:f5:85:cc:ce:b7:be:af:91:84:af:ce:77:ba:
dd:74:27:50:1f:f2:05:e7:8f:51:87:a3:d3:db:a6:
37:e0:d1:78:9d:1e:49:a4:57:43:5b:aa:d4:0b:18:
24:4e:52:de:01:25:d6:6e:42:3e:27:47:99:f2:9d:
e9:f3:ce:de:16:65:c9:6a:c0:30:4e:af:2b:c2:80:
01:e5:76:88:30:1c:f5:7a:49:18:8d:c3:a9:c8:ba:
95:07:34:1f:7c:01:ae:0e:5d:ad:40:1c:2f:79:81:
2b:64:2a:8d:7d:de:09:51:07:a1:7b:dd:9b:a2:df:
6c:01:df:d4:83:79:37:c2:c8:0d:c9:93:03:75:f3:
e0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C9:6E:40:6B:F5:F1:B1:9C:E1:66:7F:BF:F3:42:82:E6:03:AE:04
X509v3 Authority Key Identifier:
keyid:67:3D:05:54:9D:41:34:D0:AC:35:5D:D9:B6:50:DF:3C:1C:68:AA:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9181EAA/8828D0F4BB7711E695636338C4F9AE02/Zz0FVJ1BNNCsNV3ZtlDfPBxoql0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zz0FVJ1BNNCsNV3ZtlDfPBxoql0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9181EAA/8828D0F4BB7711E695636338C4F9AE02/14FFD39467BE11E8910CB13EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.176.0/22
103.52.12.0/22
Signature Algorithm: sha256WithRSAEncryption
10:73:2e:63:0c:b3:df:ce:cf:f7:77:6d:71:34:33:3c:16:55:
53:b9:73:c5:60:4e:42:4d:fe:a7:bc:82:50:ae:95:00:d7:89:
31:8c:46:ad:bb:30:71:a0:c9:2c:c8:48:e9:f5:f1:82:b0:51:
f8:f5:37:ab:9f:ca:ec:0d:b7:41:03:21:ac:0b:35:ce:92:03:
fa:96:54:01:81:6d:c2:3d:08:ca:9d:f1:ad:f0:ed:a1:3d:90:
dc:a9:42:46:a1:e7:bb:be:eb:46:4e:e5:66:a1:60:c8:6c:b5:
a0:a9:1f:ad:4c:67:17:77:23:6d:7e:45:9d:c0:4a:61:64:a6:
a1:44:71:8d:ed:87:13:e0:ef:cf:17:51:c4:43:9e:60:7a:02:
46:d5:5c:7f:46:cf:6a:9c:f5:5d:1e:4c:8d:43:8c:98:13:b2:
70:84:f7:87:ed:0c:7b:d4:24:76:58:f2:96:e7:a5:9e:95:87:
e3:18:77:95:5f:0b:fd:a0:f1:db:31:34:80:f9:75:9b:fb:16:
67:60:2b:e0:b1:fe:72:95:25:65:f2:a0:90:4c:90:4e:ca:17:
03:9e:82:66:50:b8:c4:72:dc:d4:ad:3a:3d:86:e5:20:29:47:
a3:33:a1:9b:25:dc:cf:fd:d9:fc:48:26:a0:12:42:ed:1f:82:
27:d4:34:3d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICHM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODFFQUExMTAvBgNVBAUTKDY3M0QwNTU0OUQ0MTM0RDBBQzM1NUREOUI2NTBERjND
MUM2OEFBNUQwHhcNMjUwMTA4MTYzMzQ0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlYThlOC00MThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzATYJlS51DgRVOzvLY9cd0qyPenkk8XSnTk3IOLJMiAKxGsUeDFTP5PzL3EZ
dgleOMNi6k2vwDghKXP/nzUXMznWl9owtOpYaWH/U676exc8l4LdSc4UvW55zHad
SOHFphgE+ZU1fbbq2SvM7LlRkU+EJc8q8u7SLPWFzM63vq+RhK/Od7rddCdQH/IF
549Rh6PT26Y34NF4nR5JpFdDW6rUCxgkTlLeASXWbkI+J0eZ8p3p887eFmXJasAw
Tq8rwoAB5XaIMBz1ekkYjcOpyLqVBzQffAGuDl2tQBwveYErZCqNfd4JUQehe92b
ot9sAd/Ug3k3wsgNyZMDdfPg1QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM3JbkBr
9fGxnOFmf7/zQoLmA64EMB8GA1UdIwQYMBaAFGc9BVSdQTTQrDVd2bZQ3zwcaKpd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MUVBQS84ODI4RDBGNEJC
NzcxMUU2OTU2MzYzMzhDNEY5QUUwMi9aejBGVkoxQk5OQ3NOVjNadGxEZlBCeG9x
bDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p6MEZWSjFCTk5Dc05WM1p0bERmUEJ4b3FsMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODFFQUEvODgyOEQwRjRCQjc3MTFFNjk1NjM2MzM4QzRGOUFFMDIvMTRGRkQzOTQ2
N0JFMTFFODkxMENCMTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItcLADBAJnNAwwDQYJKoZIhvcNAQELBQADggEBABBzLmMM
s9/Oz/d3bXE0MzwWVVO5c8VgTkJN/qe8glCulQDXiTGMRq27MHGgySzISOn18YKw
Ufj1N6ufyuwNt0EDIawLNc6SA/qWVAGBbcI9CMqd8a3w7aE9kNypQkah57u+60ZO
5WahYMhstaCpH61MZxd3I21+RZ3ASmFkpqFEcY3thxPg788XUcRDnmB6AkbVXH9G
z2qc9V0eTI1DjJgTsnCE94ftDHvUJHZY8pbnpZ6Vh+MYd5VfC/2g8dsxNID5dZv7
FmdgK+Cx/nKVJWXyoJBMkE7KFwOegmZQuMRy3NStOj2G5SApR6MzoZsl3M/92fxI
JqASQu0fgifUND0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:21:43 2025 by rpki-client