Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2483AB0DDFF11EF83C37B82C4F9AE02.roa
File: B2483AB0DDFF11EF83C37B82C4F9AE02.roa (raw, json)
Hash identifier: GiG4kJ3TqWGlqgshIWNtUHg/7mQg1ISwmMR14eqBRAE=
Subject key identifier: 64:D6:E7:65:00:B1:FC:0B:B8:11:BE:14:3C:6A:96:16:38:E8:1B:1B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A443
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2483AB0DDFF11EF83C37B82C4F9AE02.roa
Signing time: Fri 31 Jan 2025 05:13:57 +0000
ROA not before: Fri 31 Jan 2025 05:13:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153276
IP address blocks: 163.61.20.0/23 maxlen: 24
2401:eb20::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42051 (0xa443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 31 05:13:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679c5c15-5312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:b5:7e:35:55:fd:de:25:e6:90:f1:8d:8d:
e2:1a:a0:48:33:77:13:5b:59:cd:02:5a:67:4c:4c:
8a:68:3f:05:29:97:27:b0:90:6e:be:3d:76:bb:84:
1d:a7:5c:84:54:15:e8:db:df:ba:6b:2d:17:85:bc:
59:77:c1:41:69:6c:d2:6e:83:94:ad:d7:c1:15:45:
73:b2:ef:92:9c:80:68:bc:94:04:66:23:4c:6a:41:
19:4f:8c:34:cb:69:1c:25:e2:73:02:9b:44:8a:5d:
9d:1d:38:bd:7d:cb:71:e4:c9:a6:2a:65:52:57:8a:
5f:c8:fd:0c:17:1a:42:e4:14:f0:7b:09:6e:d4:33:
bd:15:46:42:87:10:26:2d:a4:ac:46:fb:94:e2:30:
40:8c:c9:ff:5b:19:8c:df:be:50:42:c4:4b:e7:ac:
43:0e:f6:6d:81:58:35:be:92:00:72:c0:00:7a:46:
90:22:c4:e7:84:be:ff:e6:bf:01:36:6f:16:8c:8f:
cf:f5:c6:e1:43:08:4f:0f:36:c0:03:33:78:c0:47:
d9:53:b0:b6:fb:ce:cc:2f:b2:f6:ca:c8:96:56:74:
9c:05:ae:2a:a2:96:78:af:d4:a1:3f:ed:d2:6d:95:
e8:ee:64:0e:06:16:06:8e:b6:7e:34:0e:7b:33:d0:
d9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D6:E7:65:00:B1:FC:0B:B8:11:BE:14:3C:6A:96:16:38:E8:1B:1B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2483AB0DDFF11EF83C37B82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.20.0/23
IPv6:
2401:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
09:cb:ed:13:a2:2f:20:23:da:3e:8e:a9:c6:73:a6:5d:eb:96:
a7:f9:3d:cf:47:85:c1:bc:fb:e9:19:d4:4d:df:1b:f1:81:9f:
e5:fe:d5:ca:f7:a4:70:5b:02:08:32:08:bb:e2:86:27:23:8e:
47:29:07:ec:48:50:b5:b6:78:32:a9:0a:b4:01:2e:cd:8a:25:
88:36:8f:a7:b5:b1:4e:75:8f:d0:92:00:91:73:58:3b:13:65:
ad:df:4d:ec:ee:15:17:5a:5b:52:ec:0b:ed:85:e3:db:62:78:
59:99:6f:99:51:03:df:70:a7:81:52:89:ce:b6:ec:31:4d:d8:
9b:9c:99:8c:4b:80:54:4d:c0:18:4f:5c:64:1a:a5:0c:4d:2e:
16:d3:fd:5e:09:88:39:99:aa:35:25:46:dd:3f:79:a8:fb:21:
85:cd:d4:a0:ee:a5:ac:94:ca:5d:f3:2f:35:c3:89:d1:ff:a2:
28:e3:c7:82:c3:ef:d3:1a:89:a2:f2:3e:d6:f7:04:1d:9d:0c:
40:ce:c7:55:a8:9f:78:74:c4:1d:66:a3:44:88:7b:a5:f5:33:
2f:25:53:f5:9a:4e:3a:d5:af:ec:e1:f0:7b:89:52:6b:a4:a6:
65:da:65:69:6e:66:4a:fd:f1:f3:d6:d5:14:a3:7a:d3:cd:49:
0a:1a:82:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKRDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEzMTA1MTM1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc5YzVjMTUtNTMxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa5tX41Vf3eJeaQ8Y2N4hqgSDN3E1tZzQJaZ0xMimg/BSmXJ7CQbr49druE
HadchFQV6NvfumstF4W8WXfBQWls0m6DlK3XwRVFc7LvkpyAaLyUBGYjTGpBGU+M
NMtpHCXicwKbRIpdnR04vX3LceTJpiplUleKX8j9DBcaQuQU8HsJbtQzvRVGQocQ
Ji2krEb7lOIwQIzJ/1sZjN++UELES+esQw72bYFYNb6SAHLAAHpGkCLE54S+/+a/
ATZvFoyPz/XG4UMITw82wAMzeMBH2VOwtvvOzC+y9srIllZ0nAWuKqKWeK/UoT/t
0m2V6O5kDgYWBo62fjQOezPQ2eECAwEAAaOCAqQwggKgMB0GA1UdDgQWBBRk1udl
ALH8C7gRvhQ8apYWOOgbGzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0IyNDgzQUIw
RERGRjExRUY4M0MzN0I4MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQBoz0UMA0EAgACMAcDBQAkAesgMA0GCSqGSIb3DQEBCwUA
A4IBAQAJy+0Toi8gI9o+jqnGc6Zd65an+T3PR4XBvPvpGdRN3xvxgZ/l/tXK96Rw
WwIIMgi74oYnI45HKQfsSFC1tngyqQq0AS7NiiWINo+ntbFOdY/QkgCRc1g7E2Wt
303s7hUXWltS7AvthePbYnhZmW+ZUQPfcKeBUonOtuwxTdibnJmMS4BUTcAYT1xk
GqUMTS4W0/1eCYg5mao1JUbdP3mo+yGFzdSg7qWslMpd8y81w4nR/6Io48eCw+/T
Gomi8j7W9wQdnQxAzsdVqJ94dMQdZqNEiHul9TMvJVP1mk461a/s4fB7iVJrpKZl
2mVpbmZK/fHz1tUUo3rTzUkKGoLn
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:23 2025 by rpki-client