Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa
File: 8BA504FCB27911EB978CE10AC4F9AE02.roa (raw, json)
Hash identifier: I8Ss/Oj3Q9umSrFxZnObaXQe/cu017hGcC027pv/vs8=
Subject key identifier: DA:5D:59:35:4E:21:4B:90:9F:23:52:27:F2:98:62:86:9D:BB:22:97
Certificate issuer: /CN=A9186D83/serialNumber=BBE29490446D6870765B4E61D7EB9B22C6004638
Certificate serial: 0BD3
Authority key identifier: BB:E2:94:90:44:6D:68:70:76:5B:4E:61:D7:EB:9B:22:C6:00:46:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-KUkERtaHB2W05h1-ubIsYARjg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa
Signing time: Tue 30 Jul 2024 19:16:42 +0000
ROA not before: Tue 30 Jul 2024 19:16:42 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136908
IP address blocks: 45.121.32.0/22 maxlen: 24
103.96.244.0/22 maxlen: 24
2401:7f40::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3027 (0xbd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186D83
Validity
Not Before: Jul 30 19:16:42 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a93c19-b149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8a:b7:c1:f4:ed:17:b5:7d:24:43:22:29:d0:
08:b3:fd:fe:84:69:28:3f:33:22:a1:75:0c:18:74:
1c:ea:6b:11:eb:b8:f9:dd:31:72:81:ef:c5:13:5f:
5b:ac:b8:c7:7f:29:ec:ae:ee:cf:43:58:d5:7a:ff:
3d:7b:9d:b1:be:f7:3c:0a:19:b5:98:39:f7:32:dc:
16:6f:3b:fe:2b:e2:7f:8b:cc:df:b8:b0:d5:d1:5f:
82:ed:94:99:82:ca:18:0c:97:23:6c:47:3f:38:49:
1c:58:15:85:62:25:5e:74:da:87:aa:e9:35:c6:b8:
3f:fb:d7:ff:aa:09:37:62:b5:a9:e7:0c:f2:92:4b:
61:fc:b9:02:d5:8f:38:64:2f:0b:e7:42:9d:5a:28:
ac:4d:7c:b6:a6:a4:13:05:30:06:e0:d7:32:96:72:
37:ab:b5:46:70:6d:36:7d:e2:b7:b4:62:04:48:9a:
78:12:26:6d:e7:02:f4:0b:ef:eb:78:1f:a1:1f:e9:
01:93:a5:b6:4f:4f:23:40:34:ae:eb:20:82:ac:50:
36:8e:87:bc:20:88:f5:4a:5f:50:82:12:f3:4a:ad:
17:4e:b1:04:fe:3f:af:a9:3e:9f:1d:6b:89:11:71:
e0:c0:be:b3:01:cf:c0:b2:29:10:85:f5:45:48:42:
74:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5D:59:35:4E:21:4B:90:9F:23:52:27:F2:98:62:86:9D:BB:22:97
X509v3 Authority Key Identifier:
keyid:BB:E2:94:90:44:6D:68:70:76:5B:4E:61:D7:EB:9B:22:C6:00:46:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/u-KUkERtaHB2W05h1-ubIsYARjg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-KUkERtaHB2W05h1-ubIsYARjg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.32.0/22
103.96.244.0/22
IPv6:
2401:7f40::/32
Signature Algorithm: sha256WithRSAEncryption
da:ac:0c:1a:cf:d9:cc:30:cf:59:3d:40:93:b7:ff:15:41:bf:
48:c8:03:93:1c:e6:6b:62:3c:01:83:ab:1b:b8:3f:e2:f3:e1:
7b:f8:4d:b5:e9:49:17:fe:26:83:ec:80:72:ae:32:4c:11:76:
54:c1:17:60:34:e1:49:8a:d3:f5:79:3d:43:23:00:1f:83:97:
8b:e2:53:35:9a:16:cd:4d:cf:b9:e8:cd:69:06:96:e5:6f:06:
6c:5b:8c:99:eb:42:e1:ec:af:ee:87:ba:a4:3d:ae:de:46:a0:
d0:d2:a6:44:e3:4c:4e:ff:03:16:b9:59:7b:29:25:8c:dd:1b:
f4:84:31:3e:77:17:0d:b6:a4:66:87:31:e6:5d:23:20:9d:49:
f8:27:36:3e:61:80:89:40:be:88:9f:32:cf:b5:7c:1c:aa:ea:
4d:c9:f1:ef:af:c3:39:5e:67:8b:8a:11:90:73:67:6b:ba:1d:
1b:c2:80:53:3c:a4:39:b9:45:19:74:08:6e:69:10:80:21:52:
43:5e:02:86:9b:35:fb:f9:3b:68:bd:f7:62:31:8b:ed:13:4b:
ec:48:cb:9f:1e:b9:9d:1b:ce:91:33:d6:83:1a:69:8a:3a:a3:
f6:8b:6b:f3:e9:fe:48:d1:55:ef:f5:42:28:aa:d5:6b:7f:8b:
32:a3:d1:39
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZEODMxMTAvBgNVBAUTKEJCRTI5NDkwNDQ2RDY4NzA3NjVCNEU2MUQ3RUI5QjIy
QzYwMDQ2MzgwHhcNMjQwNzMwMTkxNjQyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5M2MxOS1iMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzYq3wfTtF7V9JEMiKdAIs/3+hGkoPzMioXUMGHQc6msR67j53TFyge/FE19b
rLjHfynsru7PQ1jVev89e52xvvc8Chm1mDn3MtwWbzv+K+J/i8zfuLDV0V+C7ZSZ
gsoYDJcjbEc/OEkcWBWFYiVedNqHquk1xrg/+9f/qgk3YrWp5wzykkth/LkC1Y84
ZC8L50KdWiisTXy2pqQTBTAG4NcylnI3q7VGcG02feK3tGIESJp4EiZt5wL0C+/r
eB+hH+kBk6W2T08jQDSu6yCCrFA2joe8IIj1Sl9QghLzSq0XTrEE/j+vqT6fHWuJ
EXHgwL6zAc/AsikQhfVFSEJ00wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNpdWTVO
IUuQnyNSJ/KYYoaduyKXMB8GA1UdIwQYMBaAFLvilJBEbWhwdltOYdfrmyLGAEY4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkQ4My8xNDk3NDdCRTA2
MkExMUVBOEM5QTc0NDRDNEY5QUUwMi91LUtVa0VSdGFIQjJXMDVoMS11YklzWUFS
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UtS1VrRVJ0YUhCMlcwNWgxLXViSXNZQVJqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZEODMvMTQ5NzQ3QkUwNjJBMTFFQThDOUE3NDQ0QzRGOUFFMDIvOEJBNTA0RkNC
Mjc5MTFFQjk3OENFMTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIteSADBAJnYPQwDQQCAAIwBwMFACQBf0AwDQYJKoZIhvcN
AQELBQADggEBANqsDBrP2cwwz1k9QJO3/xVBv0jIA5Mc5mtiPAGDqxu4P+Lz4Xv4
TbXpSRf+JoPsgHKuMkwRdlTBF2A04UmK0/V5PUMjAB+Dl4viUzWaFs1Nz7nozWkG
luVvBmxbjJnrQuHsr+6HuqQ9rt5GoNDSpkTjTE7/Axa5WXspJYzdG/SEMT53Fw22
pGaHMeZdIyCdSfgnNj5hgIlAvoifMs+1fByq6k3J8e+vwzleZ4uKEZBzZ2u6HRvC
gFM8pDm5RRl0CG5pEIAhUkNeAoabNfv5O2i992Ixi+0TS+xIy58euZ0bzpEz1oMa
aYo6o/aLa/Pp/kjRVe/1Qiiq1Wt/izKj0Tk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:03 2025 by rpki-client