Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/6322249E033E11EDA7401850C4F9AE02.roa
File: 6322249E033E11EDA7401850C4F9AE02.roa (raw, json)
Hash identifier: bxum+WOpJCc/rrq4Z1XLEVCWKFHxlT2LUexLiRBlPmM=
Subject key identifier: 28:5C:A7:D5:5C:41:5D:A3:19:F3:E5:E6:9D:0B:1F:26:AD:C7:5E:16
Certificate issuer: /CN=A9195BA9/serialNumber=DA9D1F9C4FD9A27C75DACA7DE2299568380C0859
Certificate serial: 097D
Authority key identifier: DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/6322249E033E11EDA7401850C4F9AE02.roa
Signing time: Fri 20 Dec 2024 20:09:30 +0000
ROA not before: Fri 20 Dec 2024 20:09:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 63199
IP address blocks: 202.55.82.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2429 (0x97d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195BA9
Validity
Not Before: Dec 20 20:09:30 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765cefa-7874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ad:d3:3e:b4:5d:ef:77:36:29:39:b9:01:1f:
f6:08:b2:fe:aa:e1:ae:42:e5:e6:ed:0d:69:92:06:
aa:a3:92:7a:cb:cf:26:7a:32:9d:51:03:1b:f1:97:
0b:aa:29:c0:8f:f0:89:87:6f:f7:7a:d9:21:89:41:
39:dd:5a:82:55:77:1c:7e:dc:10:d9:4e:92:20:8c:
9e:d5:d9:05:50:77:ae:b3:22:9a:0c:27:c2:11:47:
a6:f1:b0:5c:07:a5:8a:09:0c:47:8e:96:d0:de:15:
54:eb:06:fd:ff:32:9c:60:77:e1:41:36:2d:a8:25:
e2:98:b6:e3:df:2d:d7:3c:a6:d5:b5:59:4e:bd:cf:
33:e0:c7:6b:eb:75:3d:08:5c:f8:9d:5d:93:75:44:
fd:d0:76:be:0e:40:75:af:71:40:09:d8:c7:45:0a:
33:bb:e1:4d:d5:eb:b5:cf:74:d1:86:15:ce:8d:83:
7b:8c:39:65:17:ec:98:73:da:5d:0b:ab:5c:2d:9d:
a0:c5:07:4e:46:49:b6:93:c5:c0:f4:a0:a4:6a:93:
73:8d:75:78:ad:90:eb:38:d2:94:84:39:5a:33:74:
7f:6c:f7:49:fb:5a:cd:e7:49:c5:a4:97:e4:bd:a5:
f9:9f:ba:a6:3e:23:fc:59:f7:8a:53:44:0a:10:25:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5C:A7:D5:5C:41:5D:A3:19:F3:E5:E6:9D:0B:1F:26:AD:C7:5E:16
X509v3 Authority Key Identifier:
keyid:DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/2p0fnE_Zonx12sp94imVaDgMCFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/6322249E033E11EDA7401850C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.55.82.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:fd:4c:2b:14:94:cf:fa:b7:b8:9d:45:07:6b:96:29:55:b9:
78:94:e4:d7:88:1d:21:28:e0:bd:7f:16:38:8f:bf:1c:e4:5e:
7c:44:36:8c:c9:29:24:79:10:7e:52:d7:24:40:94:e3:5d:c8:
53:f1:7a:77:e1:7c:ef:29:b2:53:2e:fc:18:73:77:2f:d3:0c:
e5:d6:a8:86:4f:e1:e3:d5:f6:a1:31:61:7e:c1:22:27:da:8d:
a5:67:2f:69:d4:80:63:64:e9:b8:01:02:fa:00:ce:c4:e0:cb:
52:86:6b:c0:a6:9a:66:8f:ed:ed:04:e1:77:07:23:00:93:1e:
1d:a7:fb:56:e5:53:cd:dd:f4:2f:b6:3f:5b:27:3c:88:52:c9:
67:7e:42:76:f4:bd:a9:bc:5e:67:c6:2d:e5:75:5f:11:8d:f7:
9c:2e:42:f0:7f:98:26:28:a3:3b:a2:6d:38:29:27:c5:f2:03:
c7:47:6e:45:c7:51:9d:4b:38:27:40:5d:1f:4d:03:83:d4:4d:
7e:e4:bc:cd:2e:06:33:7b:a2:d3:d5:0f:b5:97:8c:6e:25:3b:
ac:c3:da:47:eb:fa:cc:b4:dc:b2:fd:99:2b:8b:5d:da:12:13:
84:41:f4:90:08:1a:98:25:c2:64:5b:ec:07:1f:83:56:9f:fd:
fd:bc:46:df
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVCQTkxMTAvBgNVBAUTKERBOUQxRjlDNEZEOUEyN0M3NURBQ0E3REUyMjk5NTY4
MzgwQzA4NTkwHhcNMjQxMjIwMjAwOTMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1Y2VmYS03ODc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA163TPrRd73c2KTm5AR/2CLL+quGuQuXm7Q1pkgaqo5J6y88mejKdUQMb8ZcL
qinAj/CJh2/3etkhiUE53VqCVXccftwQ2U6SIIye1dkFUHeusyKaDCfCEUem8bBc
B6WKCQxHjpbQ3hVU6wb9/zKcYHfhQTYtqCXimLbj3y3XPKbVtVlOvc8z4Mdr63U9
CFz4nV2TdUT90Ha+DkB1r3FACdjHRQozu+FN1eu1z3TRhhXOjYN7jDllF+yYc9pd
C6tcLZ2gxQdORkm2k8XA9KCkapNzjXV4rZDrONKUhDlaM3R/bPdJ+1rN50nFpJfk
vaX5n7qmPiP8WfeKU0QKECWlQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFChcp9Vc
QV2jGfPl5p0LHyatx14WMB8GA1UdIwQYMBaAFNqdH5xP2aJ8ddrKfeIplWg4DAhZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9ERjdBN0YxNDgz
OEUxMUVBOENFQTA5NjBDNEY5QUUwMi8ycDBmbkVfWm9ueDEyc3A5NGltVmFEZ01D
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJwMGZuRV9ab254MTJzcDk0aW1WYURnTUNGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVCQTkvREY3QTdGMTQ4MzhFMTFFQThDRUEwOTYwQzRGOUFFMDIvNjMyMjI0OUUw
MzNFMTFFREE3NDAxODUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKN1IwDQYJKoZIhvcNAQELBQADggEBAFr9TCsUlM/6t7id
RQdrlilVuXiU5NeIHSEo4L1/FjiPvxzkXnxENozJKSR5EH5S1yRAlONdyFPxenfh
fO8pslMu/Bhzdy/TDOXWqIZP4ePV9qExYX7BIifajaVnL2nUgGNk6bgBAvoAzsTg
y1KGa8CmmmaP7e0E4XcHIwCTHh2n+1blU83d9C+2P1snPIhSyWd+Qnb0vam8XmfG
LeV1XxGN95wuQvB/mCYoozuibTgpJ8XyA8dHbkXHUZ1LOCdAXR9NA4PUTX7kvM0u
BjN7otPVD7WXjG4lO6zD2kfr+sy03LL9mSuLXdoSE4RB9JAIGpglwmRb7Acfg1af
/f28Rt8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:43 2025 by rpki-client