Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2EBE8D30AC5A11EDA8C03215C4F9AE02.roa
File: 2EBE8D30AC5A11EDA8C03215C4F9AE02.roa (raw, json)
Hash identifier: AcjHctQk6w4IVIT+LgEMj7OQxkpkVplOTySVGaghaEs=
Subject key identifier: 9A:5A:A5:A2:3F:A5:8C:88:5F:1F:1F:F2:4C:7C:18:E9:5F:68:23:66
Certificate issuer: /CN=A91912DD/serialNumber=DAE7508D11E47228DA1FE0032597BBD29F75890C
Certificate serial: 1665
Authority key identifier: DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2EBE8D30AC5A11EDA8C03215C4F9AE02.roa
Signing time: Wed 08 Jan 2025 17:04:46 +0000
ROA not before: Wed 08 Jan 2025 17:04:46 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 13214
IP address blocks: 2001:df3:e000::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5733 (0x1665)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91912DD
Validity
Not Before: Jan 8 17:04:46 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677eb02e-417d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:89:e7:3f:61:8c:f6:25:7c:2e:58:b3:80:31:
2b:31:35:e1:ac:82:c6:6f:f5:f5:37:15:94:a1:02:
27:4e:4b:58:92:c5:ca:11:c3:f2:2f:ad:7f:25:ee:
10:84:6e:37:de:32:cc:73:b2:7f:6c:49:4c:55:ad:
36:ce:d1:43:a9:d4:2a:59:93:6d:95:93:ff:28:68:
67:a3:ae:78:a2:1a:79:67:9e:2b:f5:6e:20:41:11:
8a:f3:c8:28:a1:39:94:77:33:22:c5:f6:82:17:8f:
c1:ab:63:e3:39:00:d0:05:51:1e:33:3b:3e:cc:6f:
3a:f1:18:60:3c:07:c0:3c:a5:e8:0b:9d:09:99:11:
d2:f2:4f:db:e3:09:42:2f:25:68:17:66:a5:5f:df:
b0:47:e9:15:c2:c2:9b:31:e8:fd:52:c9:9b:79:35:
c9:c6:8c:e4:cc:f4:6e:fd:9e:05:79:ec:41:ba:c4:
ab:ed:57:f1:92:55:35:52:65:ca:d5:1f:2e:1e:34:
0c:d8:5a:7b:fe:16:f4:1a:76:0f:b4:be:b8:0c:d8:
79:7f:52:80:f1:8d:e7:67:93:7b:5f:bf:d8:d7:f9:
21:94:6d:37:90:2b:34:b9:f4:67:7b:07:05:fc:75:
60:2c:82:60:03:0d:73:be:1c:47:d7:cc:89:fb:59:
a8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5A:A5:A2:3F:A5:8C:88:5F:1F:1F:F2:4C:7C:18:E9:5F:68:23:66
X509v3 Authority Key Identifier:
keyid:DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2udQjRHkcijaH-ADJZe70p91iQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2EBE8D30AC5A11EDA8C03215C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:e000::/48
Signature Algorithm: sha256WithRSAEncryption
39:94:d1:27:aa:ce:4f:ca:f5:5a:29:ff:2d:de:34:5d:d2:cf:
5f:f0:18:3e:53:3c:f8:97:46:ce:39:d6:19:b4:a6:a2:27:f8:
6e:37:ba:c2:93:62:99:bc:ad:89:41:29:e1:f3:4f:ba:ae:36:
3a:10:d1:de:d1:ab:10:a3:84:6c:63:d9:28:a4:d9:34:a6:1f:
b0:1c:b4:a9:50:f3:a9:d1:f3:c7:aa:da:aa:c1:db:64:ed:14:
90:0e:0f:71:22:b6:88:e3:7a:14:b7:0c:8e:14:87:58:2b:5f:
0e:7b:41:75:33:cc:55:57:48:fb:4c:22:0d:ec:27:86:4b:de:
6c:4a:5e:38:ea:f9:65:54:58:d6:65:e7:75:a8:16:d1:13:9a:
05:2a:ef:b7:53:59:d4:2f:2e:57:9c:03:a4:c5:07:8b:34:93:
ad:aa:a3:e4:44:fd:c1:ba:e3:92:20:dd:7e:4b:d3:65:9e:7d:
f7:92:5f:19:90:9f:3d:3b:f8:b8:5b:3e:a1:ea:75:6c:a9:2b:
e4:ee:04:11:ce:1c:f1:f6:01:d6:25:83:81:d2:ea:e5:f5:aa:
ed:b6:06:76:83:28:5b:fa:e1:50:13:df:1a:6a:b0:8d:1b:46:
e0:04:14:a3:3b:ba:ca:e5:e8:19:a8:c1:5a:ff:51:66:8f:38:
7d:ec:ec:5a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEyREQxMTAvBgNVBAUTKERBRTc1MDhEMTFFNDcyMjhEQTFGRTAwMzI1OTdCQkQy
OUY3NTg5MEMwHhcNMjUwMTA4MTcwNDQ2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlYjAyZS00MTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvonnP2GM9iV8LlizgDErMTXhrILGb/X1NxWUoQInTktYksXKEcPyL61/Je4Q
hG433jLMc7J/bElMVa02ztFDqdQqWZNtlZP/KGhno654ohp5Z54r9W4gQRGK88go
oTmUdzMixfaCF4/Bq2PjOQDQBVEeMzs+zG868RhgPAfAPKXoC50JmRHS8k/b4wlC
LyVoF2alX9+wR+kVwsKbMej9UsmbeTXJxozkzPRu/Z4FeexBusSr7VfxklU1UmXK
1R8uHjQM2Fp7/hb0GnYPtL64DNh5f1KA8Y3nZ5N7X7/Y1/khlG03kCs0ufRnewcF
/HVgLIJgAw1zvhxH18yJ+1mofQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJpapaI/
pYyIXx8f8kx8GOlfaCNmMB8GA1UdIwQYMBaAFNrnUI0R5HIo2h/gAyWXu9KfdYkM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTJERC80NjI4QkVDNDAw
RDgxMUU4OTA2MTA2MzdDNEY5QUUwMi8ydWRRalJIa2NpamFILUFESlplNzBwOTFp
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ1ZFFqUkhrY2lqYUgtQURKWmU3MHA5MWlRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEyREQvNDYyOEJFQzQwMEQ4MTFFODkwNjEwNjM3QzRGOUFFMDIvMkVCRThEMzBB
QzVBMTFFREE4QzAzMjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3z4AAwDQYJKoZIhvcNAQELBQADggEBADmU0Seqzk/K
9Vop/y3eNF3Sz1/wGD5TPPiXRs451hm0pqIn+G43usKTYpm8rYlBKeHzT7quNjoQ
0d7RqxCjhGxj2Sik2TSmH7ActKlQ86nR88eq2qrB22TtFJAOD3EitojjehS3DI4U
h1grXw57QXUzzFVXSPtMIg3sJ4ZL3mxKXjjq+WVUWNZl53WoFtETmgUq77dTWdQv
LlecA6TFB4s0k62qo+RE/cG645Ig3X5L02WeffeSXxmQnz07+LhbPqHqdWypK+Tu
BBHOHPH2AdYlg4HS6uX1qu22BnaDKFv64VAT3xpqsI0bRuAEFKM7usrl6BmowVr/
UWaPOH3s7Fo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:12 2025 by rpki-client