Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1E13/18F096E0866B11EB9BFD4F32C4F9AE02/3E3F56AE602C11EF82BEF23FC4F9AE02.roa
File: 3E3F56AE602C11EF82BEF23FC4F9AE02.roa (raw, json)
Hash identifier: /pUdlndQ29VgGj6ss3jqZKtTLf7SVeCwADPq+4ZOuqc=
Subject key identifier: 71:6A:B5:5E:B9:EF:34:ED:DD:72:12:94:CE:D4:10:FB:6A:55:95:B1
Certificate issuer: /CN=A91A1E13/serialNumber=C3AEAC96EDB28C288DD7A5500B512985F1DA3714
Certificate serial: 0606
Authority key identifier: C3:AE:AC:96:ED:B2:8C:28:8D:D7:A5:50:0B:51:29:85:F1:DA:37:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w66slu2yjCiN16VQC1EphfHaNxQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1E13/18F096E0866B11EB9BFD4F32C4F9AE02/3E3F56AE602C11EF82BEF23FC4F9AE02.roa
Signing time: Mon 02 Dec 2024 22:32:39 +0000
ROA not before: Mon 02 Dec 2024 22:32:39 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 50605
IP address blocks: 218.251.220.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1542 (0x606)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1E13
Validity
Not Before: Dec 2 22:32:39 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674e3586-1cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:30:d4:00:60:aa:03:01:c3:84:53:cd:4c:74:
e2:83:83:41:62:b8:53:c1:f5:53:e7:7c:62:de:e4:
df:e9:7f:fd:f0:b7:c8:ac:3d:03:ca:96:62:92:86:
66:ca:6f:8e:78:2d:d0:df:e4:46:be:b7:1d:a5:15:
b1:00:d2:65:ac:f0:a3:e0:d6:d7:b6:b7:fc:97:99:
cc:48:71:23:32:76:33:25:69:b5:85:9f:03:d0:6d:
63:64:04:17:ca:d4:f3:ea:d4:cd:96:45:99:a6:5a:
c7:1f:7f:31:df:05:13:5e:17:b7:b3:46:50:ba:c4:
b0:77:66:3d:53:c0:4f:b5:9c:d1:ba:9b:7c:13:82:
54:9c:ca:42:79:b2:a3:ed:82:fb:b9:a4:7b:2a:cd:
bf:29:57:35:0e:fb:4f:d0:ca:f3:f8:d2:39:25:f4:
d2:bd:1b:59:74:17:bf:1d:0c:1f:e1:cd:22:93:25:
6b:bf:f8:49:a1:22:94:87:9e:53:04:53:20:2d:8c:
f7:19:ef:37:48:01:2f:13:59:ba:3e:c2:5f:b3:09:
63:26:96:96:7b:6b:91:55:ca:d3:1b:d9:bb:10:55:
30:2a:b8:41:69:c8:0a:9a:e9:3d:d9:3a:ea:9e:1e:
8a:eb:a0:82:e5:f4:28:4b:2f:5b:65:bd:a8:d2:58:
08:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6A:B5:5E:B9:EF:34:ED:DD:72:12:94:CE:D4:10:FB:6A:55:95:B1
X509v3 Authority Key Identifier:
keyid:C3:AE:AC:96:ED:B2:8C:28:8D:D7:A5:50:0B:51:29:85:F1:DA:37:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1E13/18F096E0866B11EB9BFD4F32C4F9AE02/w66slu2yjCiN16VQC1EphfHaNxQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/w66slu2yjCiN16VQC1EphfHaNxQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1E13/18F096E0866B11EB9BFD4F32C4F9AE02/3E3F56AE602C11EF82BEF23FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.251.220.0/24
Signature Algorithm: sha256WithRSAEncryption
86:50:26:bb:d9:ec:2d:a1:82:21:92:a2:0e:17:3c:cf:d4:81:
e5:94:60:ca:65:f3:c9:e5:29:54:a7:97:de:93:f8:08:2b:97:
1a:ab:3a:a1:ca:9f:d6:87:4e:fd:28:67:93:39:4f:51:d7:d2:
a0:f2:39:1d:d3:6a:f7:ea:12:cb:f7:43:85:a6:df:92:4a:d1:
f8:e1:ef:17:49:ad:cc:96:bf:a4:63:a1:14:4d:92:66:c2:8e:
45:ca:cf:0e:66:0d:31:68:4e:6e:fb:c4:07:1a:15:00:2b:16:
30:9d:69:fb:11:dd:ef:da:75:d3:11:ee:e5:79:6b:43:8c:6e:
4e:09:f8:88:c1:15:da:df:2a:fc:a8:a7:a2:08:4d:0a:12:c2:
89:57:2d:6c:e7:3c:40:aa:fb:d1:eb:4b:0e:9e:bb:2e:98:91:
9e:92:40:91:6a:02:5f:a9:76:80:93:ec:27:07:24:80:bc:74:
98:8f:64:10:f8:76:0b:36:22:bf:9d:01:31:b5:d2:75:6b:47:
e2:e5:3e:b8:04:5a:de:d5:63:71:f7:b2:44:69:1c:3c:61:e7:
9e:94:16:98:0f:3f:44:05:6a:66:6b:63:01:60:50:9d:f7:5c:
b6:fc:5c:07:3d:5b:b0:78:0b:c7:75:d5:d1:58:e5:81:d2:7d:
77:27:b9:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFFMTMxMTAvBgNVBAUTKEMzQUVBQzk2RURCMjhDMjg4REQ3QTU1MDBCNTEyOTg1
RjFEQTM3MTQwHhcNMjQxMjAyMjIzMjM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMzU4Ni0xY2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0zDUAGCqAwHDhFPNTHTig4NBYrhTwfVT53xi3uTf6X/98LfIrD0DypZikoZm
ym+OeC3Q3+RGvrcdpRWxANJlrPCj4NbXtrf8l5nMSHEjMnYzJWm1hZ8D0G1jZAQX
ytTz6tTNlkWZplrHH38x3wUTXhe3s0ZQusSwd2Y9U8BPtZzRupt8E4JUnMpCebKj
7YL7uaR7Ks2/KVc1DvtP0Mrz+NI5JfTSvRtZdBe/HQwf4c0ikyVrv/hJoSKUh55T
BFMgLYz3Ge83SAEvE1m6PsJfswljJpaWe2uRVcrTG9m7EFUwKrhBacgKmuk92Trq
nh6K66CC5fQoSy9bZb2o0lgIBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHFqtV65
7zTt3XISlM7UEPtqVZWxMB8GA1UdIwQYMBaAFMOurJbtsowojdelUAtRKYXx2jcU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUUxMy8xOEYwOTZFMDg2
NkIxMUVCOUJGRDRGMzJDNEY5QUUwMi93NjZzbHUyeWpDaU4xNlZRQzFFcGhmSGFO
eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3c2NnNsdTJ5akNpTjE2VlFDMUVwaGZIYU54US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFFMTMvMThGMDk2RTA4NjZCMTFFQjlCRkQ0RjMyQzRGOUFFMDIvM0UzRjU2QUU2
MDJDMTFFRjgyQkVGMjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADa+9wwDQYJKoZIhvcNAQELBQADggEBAIZQJrvZ7C2hgiGS
og4XPM/UgeWUYMpl88nlKVSnl96T+AgrlxqrOqHKn9aHTv0oZ5M5T1HX0qDyOR3T
avfqEsv3Q4Wm35JK0fjh7xdJrcyWv6RjoRRNkmbCjkXKzw5mDTFoTm77xAcaFQAr
FjCdafsR3e/addMR7uV5a0OMbk4J+IjBFdrfKvyop6IITQoSwolXLWznPECq+9Hr
Sw6euy6YkZ6SQJFqAl+pdoCT7CcHJIC8dJiPZBD4dgs2Ir+dATG10nVrR+LlPrgE
Wt7VY3H3skRpHDxh556UFpgPP0QFamZrYwFgUJ33XLb8XAc9W7B4C8d11dFY5YHS
fXcnuZw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:03 2025 by rpki-client