Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa
File: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (raw, json)
Hash identifier: RzsyMG8grNRl/TU/HKZlXJ7ZiLnl0fu14E8Z0lJpa0Q=
Subject key identifier: 00:CF:1F:10:25:C3:86:43:42:84:44:A7:C5:BA:C0:6E:24:34:32:BD
Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D
Certificate serial: 3456
Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa
Signing time: Tue 04 Feb 2025 15:00:53 +0000
ROA not before: Tue 04 Feb 2025 15:00:53 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 45634
IP address blocks: 45.64.128.0/22 maxlen: 22
45.64.128.0/24 maxlen: 24
45.64.129.0/24 maxlen: 24
45.64.130.0/24 maxlen: 24
45.64.131.0/24 maxlen: 24
112.140.184.0/22 maxlen: 22
112.140.184.0/24 maxlen: 24
112.140.185.0/24 maxlen: 24
112.140.186.0/24 maxlen: 24
112.140.187.0/24 maxlen: 24
180.210.200.0/21 maxlen: 21
180.210.200.0/24 maxlen: 24
180.210.201.0/24 maxlen: 24
180.210.202.0/24 maxlen: 24
180.210.203.0/24 maxlen: 24
180.210.204.0/24 maxlen: 24
180.210.205.0/24 maxlen: 24
180.210.206.0/24 maxlen: 24
180.210.207.0/24 maxlen: 24
2401:c100::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13398 (0x3456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AACB2
Validity
Not Before: Feb 4 15:00:53 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a22ba5-14f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:62:52:a1:b0:7f:0d:7d:c2:01:7c:0f:d1:24:
06:92:b0:ab:46:9e:1a:d3:07:ee:12:0b:73:c3:24:
d4:11:73:db:31:f0:f6:02:62:9e:c5:2d:58:68:e1:
ee:3d:e8:23:9b:01:6e:ae:81:90:b8:ef:0a:82:31:
f0:51:60:cb:1b:c7:bd:fb:18:fb:44:c8:1b:e1:5f:
67:dd:09:c8:65:1e:e8:8d:2a:ee:ca:f4:5f:bd:f4:
08:17:73:05:ff:f0:65:42:11:c5:58:61:e5:d8:8c:
8b:75:06:7c:fc:dd:ea:67:3d:00:69:ba:00:c0:cc:
2a:c8:f8:31:7d:f9:ae:bf:50:3c:c9:d4:c2:e1:55:
51:c5:18:e1:ae:3a:ec:57:12:29:b1:07:a9:88:cd:
99:9c:cc:7a:44:aa:13:20:22:87:5e:d2:14:7e:2b:
85:91:dd:f2:7e:f3:dd:02:1c:ac:63:91:ef:78:10:
ad:85:a7:f1:37:97:76:be:77:55:af:7e:7d:42:73:
59:f7:c0:e5:7b:1b:d4:48:d0:08:58:c1:33:4b:b8:
8c:c9:fb:d1:37:a2:9e:c3:bb:6e:13:6e:2d:dd:cb:
1f:17:c8:9f:93:35:cc:51:bc:4a:7a:ff:ae:90:48:
ed:79:f4:20:d3:5a:c0:a8:58:d5:24:91:cc:b6:6c:
71:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CF:1F:10:25:C3:86:43:42:84:44:A7:C5:BA:C0:6E:24:34:32:BD
X509v3 Authority Key Identifier:
keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.128.0/22
112.140.184.0/22
180.210.200.0/21
IPv6:
2401:c100::/32
Signature Algorithm: sha256WithRSAEncryption
4c:4a:a3:d0:70:1f:7c:1a:2e:b5:d0:f3:12:5c:88:db:c8:21:
00:9b:60:7a:29:d6:cf:d2:67:61:4e:7a:21:87:c5:5e:9e:26:
70:59:8a:46:ae:fb:7f:eb:b0:52:3d:68:8d:40:cd:45:c5:c9:
42:90:28:78:d5:7f:05:85:82:62:27:4e:d9:39:15:59:cd:5a:
66:06:b1:f1:2a:47:6f:c5:68:f2:81:28:d1:50:95:d8:71:4c:
60:0d:04:06:4f:f7:79:bb:d8:5c:6e:02:40:67:b6:7b:61:8e:
c5:6e:ce:5c:da:6d:f6:cb:03:dc:55:60:4e:7d:55:e4:31:8d:
0d:a9:8e:8e:b7:4d:c5:0b:63:77:c0:14:6a:93:10:48:43:0f:
6c:60:bf:c1:15:0a:1f:ea:18:ce:fc:c9:70:47:36:a3:ed:f1:
58:c7:62:71:61:53:f2:38:5a:7c:ac:03:29:ee:be:0b:b8:b4:
5b:91:1e:e0:5d:ba:e5:5e:be:e9:f7:54:43:f7:1b:76:3d:44:
f1:6f:7c:9c:2c:4d:ae:3a:ef:e6:aa:47:0c:89:64:8c:5a:e8:
ce:eb:cd:7f:14:b4:83:f7:90:d5:ce:8e:ef:95:0f:b4:50:63:
43:be:17:77:8f:6f:dc:65:c9:fb:a4:64:db:87:00:76:41:d1:
dc:eb:b5:e4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICNFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5
NTBBMzZCN0QwHhcNMjUwMjA0MTUwMDUzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyMmJhNS0xNGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3WJSobB/DX3CAXwP0SQGkrCrRp4a0wfuEgtzwyTUEXPbMfD2AmKexS1YaOHu
PegjmwFuroGQuO8KgjHwUWDLG8e9+xj7RMgb4V9n3QnIZR7ojSruyvRfvfQIF3MF
//BlQhHFWGHl2IyLdQZ8/N3qZz0AaboAwMwqyPgxffmuv1A8ydTC4VVRxRjhrjrs
VxIpsQepiM2ZnMx6RKoTICKHXtIUfiuFkd3yfvPdAhysY5HveBCthafxN5d2vndV
r359QnNZ98DlexvUSNAIWMEzS7iMyfvRN6Kew7tuE24t3csfF8ifkzXMUbxKev+u
kEjtefQg01rAqFjVJJHMtmxxVwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFADPHxAl
w4ZDQoREp8W6wG4kNDK9MB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE
OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph
MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFDQjIvMzdENUEzREUxRDlDMTFFMjg5MkU4QjhBMDhCMDJDRDIvNzZCNUM3NDRC
NDVFMTFFQUI3MURGOTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItQIADBAJwjLgDBAO00sgwDQQCAAIwBwMFACQBwQAwDQYJ
KoZIhvcNAQELBQADggEBAExKo9BwH3waLrXQ8xJciNvIIQCbYHop1s/SZ2FOeiGH
xV6eJnBZikau+3/rsFI9aI1AzUXFyUKQKHjVfwWFgmInTtk5FVnNWmYGsfEqR2/F
aPKBKNFQldhxTGANBAZP93m72FxuAkBntnthjsVuzlzabfbLA9xVYE59VeQxjQ2p
jo63TcULY3fAFGqTEEhDD2xgv8EVCh/qGM78yXBHNqPt8VjHYnFhU/I4WnysAynu
vgu4tFuRHuBduuVevun3VEP3G3Y9RPFvfJwsTa467+aqRwyJZIxa6M7rzX8UtIP3
kNXOju+VD7RQY0O+F3ePb9xlyfukZNuHAHZB0dzrteQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:02:46 2025 by rpki-client