Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
File: 1E17F340724911E88CAE8E84C4F9AE02.roa (raw, json)
Hash identifier: +QlUC0glkpkPjA7w7I6khloOS3EPNSs60LtlxtxV3uU=
Subject key identifier: 2B:E2:40:20:7B:CF:38:55:F1:7A:66:A2:53:91:8B:34:CA:02:8D:20
Certificate issuer: /CN=A919F6A8/serialNumber=F7D74C7FB8B0BAEFC3635CD4E35048AF88E39EEF
Certificate serial: 19C1
Authority key identifier: F7:D7:4C:7F:B8:B0:BA:EF:C3:63:5C:D4:E3:50:48:AF:88:E3:9E:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99dMf7iwuu_DY1zU41BIr4jjnu8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
Signing time: Tue 02 Apr 2024 17:24:39 +0000
ROA not before: Tue 02 Apr 2024 17:24:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2401:3740:374::/48 maxlen: 48
2401:3740:375::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6593 (0x19c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F6A8
Validity
Not Before: Apr 2 17:24:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660c3f57-48e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9c:bc:a2:0f:c9:41:67:73:e0:1d:bf:27:24:
22:71:20:b8:88:55:52:2e:e4:86:ea:d4:bd:5c:12:
c1:d0:ca:2c:f7:7c:13:e4:d0:14:74:0b:d2:4f:f9:
dc:04:8c:2b:b8:e5:f4:42:c8:dc:5f:dc:ba:89:70:
0a:01:1e:8d:a7:16:3e:f6:c9:06:18:9d:58:14:fe:
29:ae:29:4d:7c:cb:1e:d5:27:20:0e:9e:37:e9:2d:
9e:30:ab:62:eb:fe:72:b5:15:10:1f:49:62:bf:4f:
2a:34:0e:76:27:38:53:13:b1:42:be:3a:aa:f6:ad:
6b:7a:6d:7e:e1:28:fa:10:24:a9:25:bb:4e:6d:ed:
43:b6:37:1a:43:38:75:36:e9:d1:13:d1:06:1a:2b:
7d:d1:fb:11:b5:e7:ab:47:0c:a4:c7:bd:a2:41:92:
3a:0e:e1:e9:b7:92:04:d3:dc:05:3f:a9:ee:ae:39:
ea:50:6f:73:1e:4a:a2:a1:7c:15:39:cd:b0:eb:16:
03:e8:ba:05:5e:3a:81:4d:35:9b:95:cb:c4:4b:11:
3c:37:0f:92:da:04:93:f9:f1:7b:9e:aa:1d:69:6d:
05:a9:00:7a:f1:93:e2:96:60:36:28:5b:70:40:33:
21:17:18:29:5c:8f:d9:bc:88:0a:df:21:64:65:5f:
2f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E2:40:20:7B:CF:38:55:F1:7A:66:A2:53:91:8B:34:CA:02:8D:20
X509v3 Authority Key Identifier:
keyid:F7:D7:4C:7F:B8:B0:BA:EF:C3:63:5C:D4:E3:50:48:AF:88:E3:9E:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/99dMf7iwuu_DY1zU41BIr4jjnu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99dMf7iwuu_DY1zU41BIr4jjnu8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3740:374::/47
Signature Algorithm: sha256WithRSAEncryption
7d:91:fc:d1:a1:4a:94:4a:6b:86:9a:28:d8:c6:08:5b:b2:98:
60:4e:82:d8:a3:ad:08:9c:a2:ea:5b:c3:cd:11:e2:a4:f0:2e:
bf:a2:ab:d2:23:83:c4:9f:12:a3:9c:de:5d:af:19:5b:79:95:
b8:ff:7d:1b:db:49:63:40:97:03:bc:97:39:93:2f:a4:48:1b:
ab:eb:12:af:02:fb:40:18:ce:f0:10:62:55:1a:51:fd:ba:76:
26:8f:eb:69:1f:ab:11:63:9e:2e:79:c0:3b:49:e0:86:34:da:
b5:c5:e8:d9:02:f8:be:32:3d:9f:0f:bf:9c:ad:9f:5d:d1:da:
b9:a9:15:89:d8:c0:3b:42:b3:26:b2:78:05:d3:e3:85:3f:fb:
d5:51:a9:08:a0:99:24:9b:9c:ac:8d:b3:d8:8c:c8:f9:f6:07:
4b:1b:e0:4a:8d:e8:52:45:05:05:a3:1f:0c:7a:81:c7:96:f8:
c8:bb:aa:e9:86:ec:be:ce:26:29:81:98:06:f9:85:1d:8a:ea:
ae:0f:85:11:51:fd:53:24:44:bf:4a:db:d8:ea:3c:23:0d:f3:
f2:37:d5:8c:6b:0a:d3:e3:a5:ff:4a:50:a8:fc:34:17:26:39:
3a:be:8a:26:cd:b6:43:95:ed:03:67:9a:c5:1d:18:eb:3a:a6:
30:84:8f:db
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICGcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUY2QTgxMTAvBgNVBAUTKEY3RDc0QzdGQjhCMEJBRUZDMzYzNUNENEUzNTA0OEFG
ODhFMzlFRUYwHhcNMjQwNDAyMTcyNDM5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjM2Y1Ny00OGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlJy8og/JQWdz4B2/JyQicSC4iFVSLuSG6tS9XBLB0Mos93wT5NAUdAvST/nc
BIwruOX0QsjcX9y6iXAKAR6NpxY+9skGGJ1YFP4prilNfMse1ScgDp436S2eMKti
6/5ytRUQH0liv08qNA52JzhTE7FCvjqq9q1rem1+4Sj6ECSpJbtObe1DtjcaQzh1
NunRE9EGGit90fsRteerRwykx72iQZI6DuHpt5IE09wFP6nurjnqUG9zHkqioXwV
Oc2w6xYD6LoFXjqBTTWblcvESxE8Nw+S2gST+fF7nqodaW0FqQB68ZPilmA2KFtw
QDMhFxgpXI/ZvIgK3yFkZV8vYQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCviQCB7
zzhV8XpmolORizTKAo0gMB8GA1UdIwQYMBaAFPfXTH+4sLrvw2Nc1ONQSK+I457v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjZBOC9GM0JENEMzNjQ5
Q0IxMUU3QTRBODdDN0JDNEY5QUUwMi85OWRNZjdpd3V1X0RZMXpVNDFCSXI0ampu
dTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzk5ZE1mN2l3dXVfRFkxelU0MUJJcjRqam51OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUY2QTgvRjNCRDRDMzY0OUNCMTFFN0E0QTg3QzdCQzRGOUFFMDIvMUUxN0YzNDA3
MjQ5MTFFODhDQUU4RTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkATdAA3QwDQYJKoZIhvcNAQELBQADggEBAH2R/NGhSpRK
a4aaKNjGCFuymGBOgtijrQicoupbw80R4qTwLr+iq9Ijg8SfEqOc3l2vGVt5lbj/
fRvbSWNAlwO8lzmTL6RIG6vrEq8C+0AYzvAQYlUaUf26diaP62kfqxFjni55wDtJ
4IY02rXF6NkC+L4yPZ8Pv5ytn13R2rmpFYnYwDtCsyayeAXT44U/+9VRqQigmSSb
nKyNs9iMyPn2B0sb4EqN6FJFBQWjHwx6gceW+Mi7qumG7L7OJimBmAb5hR2K6q4P
hRFR/VMkRL9K29jqPCMN8/I31YxrCtPjpf9KUKj8NBcmOTq+iibNtkOV7QNnmsUd
GOs6pjCEj9s=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:22:53 2025 by rpki-client