Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/55892E84839011EAB5B82263C4F9AE02.roa
File: 55892E84839011EAB5B82263C4F9AE02.roa (raw, json)
Hash identifier: nXu3TrhqWzeQhIAXd22b9k7kj49e1Ni4pYpn1PtXrj4=
Subject key identifier: 1B:60:D5:9E:90:9E:AB:77:EF:36:60:0E:C8:B3:FB:59:D8:E1:30:1A
Certificate issuer: /CN=A9195BA9/serialNumber=DA9D1F9C4FD9A27C75DACA7DE2299568380C0859
Certificate serial: 097B
Authority key identifier: DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/55892E84839011EAB5B82263C4F9AE02.roa
Signing time: Fri 20 Dec 2024 20:09:28 +0000
ROA not before: Fri 20 Dec 2024 20:09:28 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134809
IP address blocks: 2402:7481::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2427 (0x97b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195BA9
Validity
Not Before: Dec 20 20:09:28 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765cef8-9c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:c3:4e:88:c3:57:bd:b7:64:af:97:ec:b0:
2d:81:f0:a8:ca:7b:d4:37:05:10:c5:09:65:9e:a5:
39:3c:15:31:8e:b1:dc:ec:b1:51:9c:bc:ad:6f:f2:
f4:ae:0c:c7:8c:ba:f6:69:52:75:78:db:55:98:5d:
f9:b1:7c:08:6d:b9:9c:4c:9e:ce:75:72:5a:bc:66:
6b:98:42:aa:83:c7:9b:8c:99:be:84:ab:8b:db:ec:
5f:7b:b3:8e:62:78:2c:9f:85:00:0a:58:0b:e8:92:
c5:57:15:f9:92:eb:66:bf:26:b6:ad:d4:71:01:75:
47:7c:83:75:2e:7d:62:97:82:74:e9:42:b1:52:65:
2e:8b:d7:f9:21:42:b5:50:98:46:34:a7:61:12:bc:
3e:cf:52:4d:1d:52:bf:eb:e7:b3:0e:8c:71:4d:b3:
58:9d:11:51:ce:ce:90:e7:01:ab:a7:19:a4:73:d6:
8c:4c:c6:ad:57:13:ad:53:f1:f0:12:d3:5f:d4:53:
81:e5:4d:3a:52:7b:60:96:1b:40:15:2d:a0:1a:ae:
9a:c9:75:f7:86:e1:38:76:ce:84:6d:46:79:79:d3:
aa:c6:79:c9:89:b1:41:2a:49:0a:e7:f7:3d:ae:44:
7e:3a:85:a4:d6:64:68:54:47:52:39:92:5f:83:e8:
91:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:60:D5:9E:90:9E:AB:77:EF:36:60:0E:C8:B3:FB:59:D8:E1:30:1A
X509v3 Authority Key Identifier:
keyid:DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/2p0fnE_Zonx12sp94imVaDgMCFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/55892E84839011EAB5B82263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:7481::/32
Signature Algorithm: sha256WithRSAEncryption
c9:78:61:a8:74:e2:55:4b:77:03:3a:c3:40:30:eb:0c:bf:9c:
9e:31:da:a1:66:e1:8a:28:24:ca:a6:5d:f1:7b:21:ed:05:d4:
be:c1:fd:0e:0f:13:6e:2f:a5:db:f8:50:ad:c2:14:56:4b:f0:
bf:83:45:80:d1:3e:21:92:2b:8c:e9:08:b4:f4:1e:d5:0e:48:
a5:84:a8:dc:9f:ad:02:f0:83:f9:bc:ef:20:8c:53:5a:6c:b0:
04:f3:be:d3:29:1f:c2:e8:c6:bf:0d:0a:f3:d0:8d:db:8e:bc:
0c:11:be:ef:9b:90:53:1a:e7:4c:de:06:71:f3:d7:5e:32:45:
67:71:c0:8b:62:f2:bf:20:93:cb:6a:2a:da:55:ff:e5:de:fb:
7c:8f:b2:92:a9:39:56:2b:33:a3:92:0e:3e:e6:9f:7f:05:18:
e8:52:58:e7:40:98:81:26:f5:45:6c:2f:4d:9e:87:84:31:0a:
e3:47:3c:39:f6:54:13:b1:50:98:1a:1c:09:86:6a:3c:a4:3c:
db:f4:b8:d4:59:bf:da:9b:e9:f1:83:10:2f:76:54:1b:1d:55:
9b:80:be:48:26:0a:b2:21:07:90:86:72:92:de:17:1d:c4:a9:
44:47:bf:3c:6a:5d:88:7e:e1:b8:ca:34:e2:81:e2:d9:53:50:
53:55:12:de
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCXswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVCQTkxMTAvBgNVBAUTKERBOUQxRjlDNEZEOUEyN0M3NURBQ0E3REUyMjk5NTY4
MzgwQzA4NTkwHhcNMjQxMjIwMjAwOTI4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1Y2VmOC05YzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtyLDTojDV723ZK+X7LAtgfCoynvUNwUQxQllnqU5PBUxjrHc7LFRnLytb/L0
rgzHjLr2aVJ1eNtVmF35sXwIbbmcTJ7OdXJavGZrmEKqg8ebjJm+hKuL2+xfe7OO
Yngsn4UAClgL6JLFVxX5kutmvya2rdRxAXVHfIN1Ln1il4J06UKxUmUui9f5IUK1
UJhGNKdhErw+z1JNHVK/6+ezDoxxTbNYnRFRzs6Q5wGrpxmkc9aMTMatVxOtU/Hw
EtNf1FOB5U06UntglhtAFS2gGq6ayXX3huE4ds6EbUZ5edOqxnnJibFBKkkK5/c9
rkR+OoWk1mRoVEdSOZJfg+iRgQIDAQABo4ICljCCApIwHQYDVR0OBBYEFBtg1Z6Q
nqt37zZgDsiz+1nY4TAaMB8GA1UdIwQYMBaAFNqdH5xP2aJ8ddrKfeIplWg4DAhZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9ERjdBN0YxNDgz
OEUxMUVBOENFQTA5NjBDNEY5QUUwMi8ycDBmbkVfWm9ueDEyc3A5NGltVmFEZ01D
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJwMGZuRV9ab254MTJzcDk0aW1WYURnTUNGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVCQTkvREY3QTdGMTQ4MzhFMTFFQThDRUEwOTYwQzRGOUFFMDIvNTU4OTJFODQ4
MzkwMTFFQUI1QjgyMjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAnSBMA0GCSqGSIb3DQEBCwUAA4IBAQDJeGGodOJVS3cD
OsNAMOsMv5yeMdqhZuGKKCTKpl3xeyHtBdS+wf0ODxNuL6Xb+FCtwhRWS/C/g0WA
0T4hkiuM6Qi09B7VDkilhKjcn60C8IP5vO8gjFNabLAE877TKR/C6Ma/DQrz0I3b
jrwMEb7vm5BTGudM3gZx89deMkVnccCLYvK/IJPLairaVf/l3vt8j7KSqTlWKzOj
kg4+5p9/BRjoUljnQJiBJvVFbC9NnoeEMQrjRzw59lQTsVCYGhwJhmo8pDzb9LjU
Wb/am+nxgxAvdlQbHVWbgL5IJgqyIQeQhnKS3hcdxKlER788al2IfuG4yjTigeLZ
U1BTVRLe
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:17:53 2025 by rpki-client