Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0E08394FF0511EF8DA37A2DC4F9AE02.roa
File: C0E08394FF0511EF8DA37A2DC4F9AE02.roa (raw, json)
Hash identifier: rmvDJ+3ohCmTeWzr4Tb5NG0PAx1YB5ujzAZ40vZEX1s=
Subject key identifier: 92:78:55:94:9C:14:EF:75:D7:80:41:25:6F:B8:72:26:15:AB:56:2E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AA5D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0E08394FF0511EF8DA37A2DC4F9AE02.roa
Signing time: Wed 12 Mar 2025 05:49:25 +0000
ROA not before: Wed 12 Mar 2025 05:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138260
IP address blocks: 2401:2a20::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43613 (0xaa5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 12 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d12065-10eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:a1:e4:ec:21:f4:b6:93:54:da:ce:72:26:
61:7c:7c:53:4a:23:49:28:72:79:e8:5f:5f:4f:85:
8f:87:80:55:f4:67:e1:6b:d2:62:1a:42:a2:1e:23:
11:27:e3:04:dd:6d:b7:75:0f:c0:59:ab:f9:be:7a:
8f:0d:99:33:25:c1:cb:dc:79:b9:bf:32:f8:5f:b8:
52:c2:82:6f:8c:00:51:50:cd:a0:9b:b3:85:10:1c:
4b:a9:23:eb:51:8f:0c:5a:e5:8c:ce:8d:93:28:ad:
63:3f:2d:7d:74:c5:75:7e:a4:df:6b:fd:4d:e8:65:
5c:0b:10:84:39:0e:fd:96:e8:11:0a:44:bd:c7:a9:
08:54:86:a8:ae:e9:a8:97:11:57:fd:b8:a3:71:aa:
00:d0:85:92:13:1c:c5:27:37:b3:d7:a7:72:99:47:
b8:71:4b:31:b8:87:ea:ed:de:b6:12:82:6b:71:cf:
a6:8b:1f:cd:08:8a:1e:c0:0e:db:31:d9:3a:bc:6d:
c7:d6:35:30:61:dd:92:6b:2d:97:6e:39:f4:77:bb:
a1:b5:15:2c:e7:92:af:e8:79:92:c4:6b:ff:ec:fd:
6a:d0:5d:43:1e:a0:ad:cc:99:f3:1a:00:b5:9e:6a:
fe:4a:21:f9:e1:90:76:74:e9:f8:52:a3:7f:2d:0c:
70:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:78:55:94:9C:14:EF:75:D7:80:41:25:6F:B8:72:26:15:AB:56:2E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C0E08394FF0511EF8DA37A2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:2a20::/32
Signature Algorithm: sha256WithRSAEncryption
3d:e8:89:26:47:09:ad:74:75:5c:17:f6:d6:29:cc:a4:90:f9:
55:6f:a1:ba:64:1c:ac:fb:fe:27:98:b8:74:e8:50:1f:7b:9b:
eb:a4:65:fd:66:6a:5b:94:ae:19:4b:a1:fb:f1:db:81:bd:fc:
22:c2:95:0c:42:fc:75:45:03:98:2c:7e:04:7f:0a:71:85:1b:
dd:42:7d:79:d9:c1:5e:e6:7e:68:64:ca:f2:5f:23:ae:d2:05:
89:74:60:6a:34:13:f2:f2:fa:c0:63:93:5f:99:71:9b:e6:26:
2a:1e:d5:83:36:22:8d:52:44:36:d0:c2:e4:89:70:e3:56:74:
9b:3c:67:bb:47:68:09:d0:f5:1d:81:09:6f:5a:f0:f9:74:1f:
98:29:cb:b2:f6:4e:2a:87:04:da:3d:c5:11:7c:d2:5b:48:88:
a8:d2:16:e2:b5:8e:ba:ee:37:e9:92:2e:fc:0a:22:77:44:3e:
5d:8b:e8:ef:a1:25:dd:01:b5:de:9c:bc:1a:dc:7d:9c:9f:46:
41:42:79:d3:2c:52:a5:a8:98:4d:02:36:7a:36:04:e2:d9:9f:
8d:2a:74:50:5e:ce:6e:2f:13:38:5a:c1:82:be:36:04:b3:fb:
b7:70:49:4f:5c:3c:ac:86:57:09:b0:c2:14:ed:be:91:a4:77:
61:ca:26:a8
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIDAKpdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxMjA1NDkyNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkMTIwNjUtMTBlYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjWoeTsIfS2k1TaznImYXx8U0ojSShyeehfX0+Fj4eAVfRn4WvSYhpCoh4j
ESfjBN1tt3UPwFmr+b56jw2ZMyXBy9x5ub8y+F+4UsKCb4wAUVDNoJuzhRAcS6kj
61GPDFrljM6NkyitYz8tfXTFdX6k32v9TehlXAsQhDkO/ZboEQpEvcepCFSGqK7p
qJcRV/24o3GqANCFkhMcxSc3s9encplHuHFLMbiH6u3ethKCa3HPposfzQiKHsAO
2zHZOrxtx9Y1MGHdkmstl2459He7obUVLOeSr+h5ksRr/+z9atBdQx6grcyZ8xoA
tZ5q/koh+eGQdnTp+FKjfy0McMMCAwEAAaOCApYwggKSMB0GA1UdDgQWBBSSeFWU
nBTvddeAQSVvuHImFatWLjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MwRTA4Mzk0
RkYwNTExRUY4REEzN0EyREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCAGCCsGAQUFBwEHAQH/
BBEwDzANBAIAAjAHAwUAJAEqIDANBgkqhkiG9w0BAQsFAAOCAQEAPeiJJkcJrXR1
XBf21inMpJD5VW+humQcrPv+J5i4dOhQH3ub66Rl/WZqW5SuGUuh+/Hbgb38IsKV
DEL8dUUDmCx+BH8KcYUb3UJ9ednBXuZ+aGTK8l8jrtIFiXRgajQT8vL6wGOTX5lx
m+YmKh7VgzYijVJENtDC5Ilw41Z0mzxnu0doCdD1HYEJb1rw+XQfmCnLsvZOKocE
2j3FEXzSW0iIqNIW4rWOuu436ZIu/Aoid0Q+XYvo76El3QG13py8Gtx9nJ9GQUJ5
0yxSpaiYTQI2ejYE4tmfjSp0UF7Obi8TOFrBgr42BLP7t3BJT1w8rIZXCbDCFO2+
kaR3YcomqA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:58 2025 by rpki-client