Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/D56D9FD87E8711EC9A928B6AC4F9AE02.roa
File: D56D9FD87E8711EC9A928B6AC4F9AE02.roa (raw, json)
Hash identifier: MzFm0njK9GauK3PVGzL0I/Klqbd6ft5wJ9/podujw/8=
Subject key identifier: AB:91:4A:B6:9F:FC:4E:E8:F5:77:C3:C1:A6:CE:75:22:B4:C6:63:1B
Certificate issuer: /CN=A91A395C/serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C
Certificate serial: 347F
Authority key identifier: 0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/D56D9FD87E8711EC9A928B6AC4F9AE02.roa
Signing time: Sun 22 Dec 2024 14:50:50 +0000
ROA not before: Sun 22 Dec 2024 14:50:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133160
IP address blocks: 112.137.24.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13439 (0x347f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A395C
Validity
Not Before: Dec 22 14:50:50 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6768274a-e63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:6e:b9:dc:52:cc:99:a3:d9:79:6b:d8:10:
4c:9a:41:32:0c:6c:34:f3:e3:4a:85:12:70:c5:c1:
4e:8d:47:15:e9:00:fe:ea:66:dc:fb:c9:ee:a4:40:
98:30:0c:53:c9:cf:62:cb:92:46:3e:ea:7d:4e:26:
4e:70:9c:5b:3e:07:01:12:9d:5b:66:7e:1f:1f:b1:
e9:27:d1:e5:56:36:5c:ec:54:66:6a:b7:4a:9c:27:
08:2a:bc:60:b8:6d:92:d0:78:3f:27:e3:37:71:67:
4e:21:fb:27:05:05:fa:df:49:59:5b:34:af:18:d6:
54:7b:16:c9:d0:cc:a0:dd:0f:8c:fa:8f:85:54:80:
a7:84:9c:fd:17:44:b0:17:7f:90:2f:5d:8d:e5:3f:
c2:35:05:05:c2:e1:0f:6f:a4:05:d5:fb:05:71:37:
88:50:d8:27:70:e8:2a:fb:cb:b2:f2:4e:4c:f8:50:
19:56:c5:6c:20:8b:bb:ab:1b:21:18:e0:a0:22:49:
15:86:fd:9f:10:a9:9e:1f:7e:e8:74:76:1b:2a:0e:
89:0c:bb:1c:ca:45:2b:86:67:63:e0:23:34:dc:ab:
69:da:2c:17:43:fd:86:f5:aa:9f:e9:37:35:99:93:
28:d3:00:49:4a:cf:ce:05:f5:0c:97:82:49:9d:9c:
af:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:91:4A:B6:9F:FC:4E:E8:F5:77:C3:C1:A6:CE:75:22:B4:C6:63:1B
X509v3 Authority Key Identifier:
keyid:0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/D56D9FD87E8711EC9A928B6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.137.24.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:e8:8a:7e:cf:d9:75:26:ad:0e:a0:e0:14:9b:13:35:0b:9a:
58:8d:1c:39:ba:ca:61:19:23:c5:df:41:a5:b7:ea:e8:20:e6:
87:5c:04:6b:49:10:81:33:59:ae:7b:1e:83:2e:72:63:50:56:
c8:56:e1:47:b2:23:87:8a:be:3c:5f:7e:58:83:56:68:d1:47:
f0:82:82:4b:b3:a7:44:cc:08:f1:37:50:d5:40:08:f0:96:fa:
ff:9d:55:29:ba:65:f7:7e:e1:4b:17:1f:9d:61:a7:50:b4:5c:
fe:e1:63:5c:09:bb:76:3c:df:b0:88:3c:37:1c:64:71:8d:b7:
28:e9:07:03:2c:0f:c4:6a:be:f0:26:ac:8c:b1:86:2c:70:36:
cf:56:38:a1:2c:d8:16:d4:8b:fd:0a:7c:c9:ec:b1:b6:8f:b7:
ff:c5:8c:7d:77:bf:77:9c:1f:b0:cc:f5:e8:ca:c1:d2:8e:3c:
55:ff:e3:51:72:33:4d:6e:57:fa:43:e6:ca:db:1a:fe:a4:3b:
b8:fd:1e:9c:91:14:98:bc:92:8b:36:53:38:c6:5d:2e:35:8c:
53:d3:ad:4f:2d:6b:b3:85:c2:7b:be:52:79:00:06:e2:02:36:
46:e0:b9:12:b9:eb:e6:ed:ae:4e:7e:99:46:73:5a:fc:ce:c4:
08:f2:ad:49
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTM5NUMxMTAvBgNVBAUTKDBEOEI3MUQ4NkI1RTIwMjkzM0JDQjAyQTVCNkQ3NDA5
MkE1MkExN0MwHhcNMjQxMjIyMTQ1MDUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4Mjc0YS1lNjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsHNuudxSzJmj2Xlr2BBMmkEyDGw08+NKhRJwxcFOjUcV6QD+6mbc+8nupECY
MAxTyc9iy5JGPup9TiZOcJxbPgcBEp1bZn4fH7HpJ9HlVjZc7FRmardKnCcIKrxg
uG2S0Hg/J+M3cWdOIfsnBQX630lZWzSvGNZUexbJ0Myg3Q+M+o+FVICnhJz9F0Sw
F3+QL12N5T/CNQUFwuEPb6QF1fsFcTeIUNgncOgq+8uy8k5M+FAZVsVsIIu7qxsh
GOCgIkkVhv2fEKmeH37odHYbKg6JDLscykUrhmdj4CM03Ktp2iwXQ/2G9aqf6Tc1
mZMo0wBJSs/OBfUMl4JJnZyvmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKuRSraf
/E7o9XfDwabOdSK0xmMbMB8GA1UdIwQYMBaAFA2LcdhrXiApM7ywKlttdAkqUqF8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzk1Qy9CQjM0MTdDMDFE
OTYxMUUyQjhCQjgyN0YwOEIwMkNEMi9EWXR4Mkd0ZUlDa3p2TEFxVzIxMENTcFNv
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RZdHgyR3RlSUNrenZMQXFXMjEwQ1NwU29Ydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTM5NUMvQkIzNDE3QzAxRDk2MTFFMkI4QkI4MjdGMDhCMDJDRDIvRDU2RDlGRDg3
RTg3MTFFQzlBOTI4QjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABwiRgwDQYJKoZIhvcNAQELBQADggEBAMboin7P2XUmrQ6g
4BSbEzULmliNHDm6ymEZI8XfQaW36ugg5odcBGtJEIEzWa57HoMucmNQVshW4Uey
I4eKvjxffliDVmjRR/CCgkuzp0TMCPE3UNVACPCW+v+dVSm6Zfd+4UsXH51hp1C0
XP7hY1wJu3Y837CIPDccZHGNtyjpBwMsD8RqvvAmrIyxhixwNs9WOKEs2BbUi/0K
fMnssbaPt//FjH13v3ecH7DM9ejKwdKOPFX/41FyM01uV/pD5srbGv6kO7j9HpyR
FJi8kos2UzjGXS41jFPTrU8ta7OFwnu+UnkABuICNkbguRK56+btrk5+mUZzWvzO
xAjyrUk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:34:55 2025 by rpki-client