Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199885/D050685A1D9811E2AE6B1F8308B02CD2/40D6370E09EA11EA95045455C4F9AE02.roa
File: 40D6370E09EA11EA95045455C4F9AE02.roa (raw, json)
Hash identifier: 5W9R9two9G4Qhi9v6Gqg8gAjO1S7HfBrkZUHkXw1YDc=
Subject key identifier: 8F:B8:F6:8F:CA:8E:10:BE:B6:DC:72:1E:E4:BC:EE:45:54:08:7B:43
Certificate issuer: /CN=A9199885/serialNumber=438D823EC3344B4BF1C99E11DE0F56F842EFD98E
Certificate serial: 2076
Authority key identifier: 43:8D:82:3E:C3:34:4B:4B:F1:C9:9E:11:DE:0F:56:F8:42:EF:D9:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q42CPsM0S0vxyZ4R3g9W-ELv2Y4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199885/D050685A1D9811E2AE6B1F8308B02CD2/40D6370E09EA11EA95045455C4F9AE02.roa
Signing time: Fri 31 Jan 2025 15:20:49 +0000
ROA not before: Fri 31 Jan 2025 15:20:49 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135358
IP address blocks: 203.34.100.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8310 (0x2076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199885
Validity
Not Before: Jan 31 15:20:49 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679cea50-6e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:5a:4c:28:e2:b1:06:fa:2b:6a:ef:b1:4e:
11:fb:a9:09:cc:04:00:a3:b6:a0:aa:99:7c:f9:5a:
1e:cf:09:1f:32:68:6f:13:ea:c8:53:be:12:47:40:
c2:a5:71:5c:5d:61:05:7d:59:06:f1:c2:34:37:93:
8a:9a:ba:fe:9b:e4:d7:78:fd:63:f7:73:ef:48:ca:
42:e2:1c:d3:31:ca:45:52:dd:c7:e7:9f:49:83:80:
80:28:39:fd:c6:70:64:9e:fb:7d:cd:ee:42:8c:40:
90:64:3f:1c:7a:61:8d:1e:70:4c:77:8d:54:b7:e2:
cb:cb:53:48:fa:ce:e1:21:26:86:bf:24:09:df:50:
cd:57:5f:4a:da:13:a0:0f:01:61:e6:c6:d9:b3:b2:
39:3e:5f:2c:c1:b8:06:9c:30:91:d0:94:36:82:03:
0c:04:e3:30:92:5a:ff:74:c4:05:63:d5:28:ad:43:
d6:cd:de:eb:4b:48:2c:5c:3b:f0:92:a5:f4:37:42:
b8:ca:04:03:84:0f:75:09:5d:3d:2d:69:78:1c:44:
b2:04:22:a7:54:06:c1:75:29:49:ec:84:6b:48:53:
d9:0f:20:45:dc:38:0b:b4:59:5e:55:be:8f:04:88:
58:7e:ab:ba:02:0c:93:1c:f4:2f:ad:d9:e8:3f:36:
13:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B8:F6:8F:CA:8E:10:BE:B6:DC:72:1E:E4:BC:EE:45:54:08:7B:43
X509v3 Authority Key Identifier:
keyid:43:8D:82:3E:C3:34:4B:4B:F1:C9:9E:11:DE:0F:56:F8:42:EF:D9:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199885/D050685A1D9811E2AE6B1F8308B02CD2/Q42CPsM0S0vxyZ4R3g9W-ELv2Y4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q42CPsM0S0vxyZ4R3g9W-ELv2Y4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199885/D050685A1D9811E2AE6B1F8308B02CD2/40D6370E09EA11EA95045455C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.34.100.0/24
Signature Algorithm: sha256WithRSAEncryption
37:7b:af:6c:08:d8:7a:17:03:61:e3:38:06:cd:67:f8:5c:30:
a4:e8:1b:23:ff:8d:7e:f7:77:fe:07:33:ac:df:ac:a9:2b:9e:
04:6d:97:a7:d4:d5:89:e4:0d:dd:9d:f0:46:a1:be:5b:c1:7f:
b3:5a:e3:ca:3b:0d:b7:18:fd:6b:46:ac:80:0a:b2:a2:69:06:
49:88:bc:c4:bb:55:ca:53:3c:61:e7:96:43:22:65:7f:8d:ee:
eb:de:21:6e:70:2e:49:c1:6d:bc:66:43:f6:48:d0:b9:f1:d9:
0f:ba:8d:24:4b:f0:66:ba:f6:f3:64:07:81:a0:1a:32:f9:91:
2c:b0:70:0d:0c:9f:21:fe:c4:2c:a4:7e:c8:e7:b9:a5:8a:06:
de:80:98:52:cc:d6:16:a6:5b:18:35:b7:80:92:e3:a1:15:fc:
8a:06:03:a5:50:65:38:6f:f5:85:a3:8f:ad:7c:ce:87:33:dc:
a3:78:8f:57:0c:c0:a1:e5:70:b1:7a:48:bd:94:a7:d2:96:94:
a0:fe:5e:4f:bb:5f:c4:70:ce:d2:29:d7:39:98:54:c7:6a:94:
3f:d0:72:2e:a1:8b:d0:60:ae:28:c2:8e:4c:a3:5e:60:f5:2e:
03:5e:aa:85:d0:9e:3d:11:85:72:27:50:6a:47:ea:94:be:87:
5b:4f:fc:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk4ODUxMTAvBgNVBAUTKDQzOEQ4MjNFQzMzNDRCNEJGMUM5OUUxMURFMEY1NkY4
NDJFRkQ5OEUwHhcNMjUwMTMxMTUyMDQ5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljZWE1MC02ZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAodFaTCjisQb6K2rvsU4R+6kJzAQAo7agqpl8+VoezwkfMmhvE+rIU74SR0DC
pXFcXWEFfVkG8cI0N5OKmrr+m+TXeP1j93PvSMpC4hzTMcpFUt3H559Jg4CAKDn9
xnBknvt9ze5CjECQZD8cemGNHnBMd41Ut+LLy1NI+s7hISaGvyQJ31DNV19K2hOg
DwFh5sbZs7I5Pl8swbgGnDCR0JQ2ggMMBOMwklr/dMQFY9UorUPWzd7rS0gsXDvw
kqX0N0K4ygQDhA91CV09LWl4HESyBCKnVAbBdSlJ7IRrSFPZDyBF3DgLtFleVb6P
BIhYfqu6AgyTHPQvrdnoPzYT+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFI+49o/K
jhC+ttxyHuS87kVUCHtDMB8GA1UdIwQYMBaAFEONgj7DNEtL8cmeEd4PVvhC79mO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTg4NS9EMDUwNjg1QTFE
OTgxMUUyQUU2QjFGODMwOEIwMkNEMi9RNDJDUHNNMFMwdnh5WjRSM2c5Vy1FTHYy
WTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1E0MkNQc00wUzB2eHlaNFIzZzlXLUVMdjJZNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTk4ODUvRDA1MDY4NUExRDk4MTFFMkFFNkIxRjgzMDhCMDJDRDIvNDBENjM3MEUw
OUVBMTFFQTk1MDQ1NDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLImQwDQYJKoZIhvcNAQELBQADggEBADd7r2wI2HoXA2Hj
OAbNZ/hcMKToGyP/jX73d/4HM6zfrKkrngRtl6fU1YnkDd2d8EahvlvBf7Na48o7
DbcY/WtGrIAKsqJpBkmIvMS7VcpTPGHnlkMiZX+N7uveIW5wLknBbbxmQ/ZI0Lnx
2Q+6jSRL8Ga69vNkB4GgGjL5kSywcA0MnyH+xCykfsjnuaWKBt6AmFLM1hamWxg1
t4CS46EV/IoGA6VQZThv9YWjj618zocz3KN4j1cMwKHlcLF6SL2Up9KWlKD+Xk+7
X8RwztIp1zmYVMdqlD/Qci6hi9BgrijCjkyjXmD1LgNeqoXQnj0RhXInUGpH6pS+
h1tP/L8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:14:05 2025 by rpki-client