Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D47EDF0CB7D11EC86902478C4F9AE02.roa
File: 9D47EDF0CB7D11EC86902478C4F9AE02.roa (raw, json)
Hash identifier: iUStuR1jqCPFhCMSXhON/oM+cpO4ms4WgUQJzd0x1F0=
Subject key identifier: 15:F1:71:A8:B7:25:E4:25:92:3B:81:62:99:35:F7:54:F2:3D:64:54
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5020
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D47EDF0CB7D11EC86902478C4F9AE02.roa
Signing time: Mon 16 May 2022 04:09:32 +0000
ROA not before: Mon 16 May 2022 04:09:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135184
IP address blocks: 45.124.140.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20512 (0x5020)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 16 04:09:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281ce7b-3b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:48:cb:a5:f7:08:ea:ae:10:14:a1:8a:af:
b7:ae:f2:05:a1:13:cd:0b:47:29:46:5b:5b:d5:f0:
65:14:e0:a9:9d:87:01:9f:16:00:37:de:4a:a6:74:
7c:b1:ed:ff:45:c7:23:70:cb:b4:cc:f6:fa:4a:1f:
e5:6b:1a:7c:d6:b0:c2:34:6e:5d:60:b7:ff:36:40:
47:f4:86:44:e5:70:72:25:c1:06:3e:81:43:b0:ca:
40:78:cb:cb:06:bb:cc:76:38:27:7c:31:15:76:d6:
6a:c1:76:c0:f8:95:98:66:96:1c:f9:ed:1d:a5:7c:
7b:e7:f5:25:02:fb:b9:d7:54:46:d7:b0:d6:ba:a5:
ca:ed:dd:bf:2b:42:59:88:11:95:4f:eb:02:4d:36:
da:99:45:b6:e6:e2:8e:48:26:cc:2e:83:b5:7a:ec:
70:2b:5b:2b:17:db:af:86:b1:62:99:9a:c5:38:06:
a9:40:5c:ff:e2:ca:68:d3:a1:5f:db:54:fc:c0:e3:
dc:cf:ec:07:c5:e4:ee:81:12:ab:ec:88:09:02:46:
6b:0e:07:97:08:18:bf:7f:93:77:60:87:fa:6d:a3:
6b:6c:7d:ad:7b:a2:d6:5b:26:59:2b:0f:a8:93:ae:
c7:0f:b0:e4:7c:e8:0d:5c:8e:fd:19:12:92:b2:bb:
87:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F1:71:A8:B7:25:E4:25:92:3B:81:62:99:35:F7:54:F2:3D:64:54
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D47EDF0CB7D11EC86902478C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.140.0/24
Signature Algorithm: sha256WithRSAEncryption
74:1f:f0:8f:14:8b:af:47:e0:79:b5:a6:3a:04:a9:95:30:f3:
8d:93:bf:e7:ce:2c:7b:06:14:4b:8c:97:da:da:2b:d2:c5:a9:
67:56:7e:64:cd:b6:c7:fb:b2:18:a7:68:a9:4c:a0:0d:70:d2:
a4:bb:41:bb:80:ac:c4:39:51:c2:dd:a5:c9:af:cf:67:69:ea:
0a:bd:f5:1e:f9:7d:1c:6b:20:e5:f1:79:c8:42:11:c8:80:63:
74:2f:fb:bb:57:21:a0:89:60:ad:b3:87:cf:3b:65:f8:d8:17:
74:eb:34:a7:97:6d:46:e5:41:cd:99:ff:ac:97:b6:b7:73:90:
fd:db:e6:01:91:56:f4:bc:37:54:d9:09:59:af:c5:f1:5f:ca:
92:1e:70:07:4c:f5:06:db:26:0b:2e:da:fa:49:98:56:d3:c6:
42:e4:bc:47:e8:02:f0:a0:0e:9d:32:93:32:1c:5e:3c:7b:dc:
e5:19:27:c7:37:91:56:eb:36:f0:e8:e6:2f:4f:d4:6c:ca:69:
ce:8f:16:b9:54:79:f6:7c:a4:74:84:8e:dd:79:72:7a:ac:55:
d3:4f:d1:f0:fe:ad:68:85:df:4f:69:68:14:32:43:67:9f:8a:
bd:48:8b:dc:c5:7f:95:7c:77:41:57:93:82:59:7e:00:98:87:
af:68:ce:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICUCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwOTMyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2U3Yi0zYjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPhIy6X3COquEBShiq+3rvIFoRPNC0cpRltb1fBlFOCpnYcBnxYAN95KpnR8
se3/RccjcMu0zPb6Sh/laxp81rDCNG5dYLf/NkBH9IZE5XByJcEGPoFDsMpAeMvL
BrvMdjgnfDEVdtZqwXbA+JWYZpYc+e0dpXx75/UlAvu511RG17DWuqXK7d2/K0JZ
iBGVT+sCTTbamUW25uKOSCbMLoO1euxwK1srF9uvhrFimZrFOAapQFz/4spo06Ff
21T8wOPcz+wHxeTugRKr7IgJAkZrDgeXCBi/f5N3YIf6baNrbH2te6LWWyZZKw+o
k67HD7DkfOgNXI79GRKSsruHTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBXxcai3
JeQlkjuBYpk191TyPWRUMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUQ0N0VERjBD
QjdEMTFFQzg2OTAyNDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAtfIwwDQYJKoZIhvcNAQELBQADggEBAHQf8I8Ui69H4Hm1
pjoEqZUw842Tv+fOLHsGFEuMl9raK9LFqWdWfmTNtsf7shinaKlMoA1w0qS7QbuA
rMQ5UcLdpcmvz2dp6gq99R75fRxrIOXxechCEciAY3Qv+7tXIaCJYK2zh887ZfjY
F3TrNKeXbUblQc2Z/6yXtrdzkP3b5gGRVvS8N1TZCVmvxfFfypIecAdM9QbbJgsu
2vpJmFbTxkLkvEfoAvCgDp0ykzIcXjx73OUZJ8c3kVbrNvDo5i9P1GzKac6PFrlU
efZ8pHSEjt15cnqsVdNP0fD+rWiF309paBQyQ2efir1Ii9zFf5V8d0FXk4JZfgCY
h69ozgE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:15:10 2025 by rpki-client