Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/09E2DC32B12B11E59337F35AC4F9AE02.roa
File: 09E2DC32B12B11E59337F35AC4F9AE02.roa (raw, json)
Hash identifier: cZP7pPe4Y/msfUjF/3Xl+aRlpqp1LPFsqoN3iYA504I=
Subject key identifier: 18:AE:B1:D1:BB:68:BD:44:04:04:F0:47:22:E8:28:E6:BC:FF:89:57
Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490
Certificate serial: 34A0
Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/09E2DC32B12B11E59337F35AC4F9AE02.roa
Signing time: Tue 14 Jan 2025 14:30:09 +0000
ROA not before: Tue 14 Jan 2025 14:30:09 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 23905
IP address blocks: 202.36.141.0/24 maxlen: 24
2404:2000::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13472 (0x34a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE85E
Validity
Not Before: Jan 14 14:30:09 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678674f1-85da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6c:b0:79:6f:da:db:80:50:01:3a:fd:60:16:
a4:42:01:28:60:1a:c0:bc:e6:60:ab:51:39:0b:1a:
de:b7:cd:58:d1:d4:04:99:69:0c:b9:87:92:af:a6:
46:53:9d:51:c6:6d:06:84:55:cc:7c:57:a6:23:b6:
84:5f:b3:84:0a:59:e4:f7:67:0d:43:66:4c:84:1c:
bd:98:b4:1c:84:18:8b:38:f4:07:e4:69:88:db:66:
86:fa:d1:9c:7a:f4:96:5d:84:1d:a2:1b:32:65:a6:
ed:3a:98:5a:3a:aa:a9:ee:f8:04:9b:f2:53:29:ac:
cd:d5:4d:14:f9:d5:ce:ed:2a:db:33:3b:90:34:aa:
36:a1:5d:59:a1:db:d8:ca:30:38:91:b7:e0:83:d5:
1f:bb:cb:ce:36:c8:08:bb:eb:43:7d:c3:ea:03:44:
97:e7:0b:33:8f:aa:cd:de:18:ba:dc:ef:d2:74:fa:
16:5f:3d:ec:4e:95:c8:9b:7c:8e:db:08:83:cf:f9:
0d:ea:73:ac:cf:ff:23:e8:cb:e3:01:c8:94:16:60:
6b:14:df:d1:6d:21:4a:ef:5a:72:ff:3e:a8:75:6f:
06:19:f5:cb:ce:d3:bf:4a:97:a4:1b:5c:ae:3b:f2:
af:8a:fa:54:56:4c:e3:ff:c9:b7:e2:6a:26:82:c9:
70:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AE:B1:D1:BB:68:BD:44:04:04:F0:47:22:E8:28:E6:BC:FF:89:57
X509v3 Authority Key Identifier:
keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/09E2DC32B12B11E59337F35AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.36.141.0/24
IPv6:
2404:2000::/32
Signature Algorithm: sha256WithRSAEncryption
73:1d:41:b3:10:c7:bc:db:a8:2f:5d:44:7e:69:91:e4:f1:17:
d2:c9:07:81:86:5e:6c:a7:a9:b4:49:5e:1a:af:3f:fb:7c:35:
03:24:0d:cc:6c:15:06:e6:7a:31:d1:20:98:b0:bd:1b:4b:63:
39:eb:36:00:f3:a6:9e:1f:ac:6c:f2:00:d1:b8:88:7f:42:7c:
1b:3d:cf:cd:99:26:1c:83:a4:1e:dc:a8:64:00:b9:ab:f8:cc:
9e:21:3a:b3:38:e8:bd:c7:5e:23:41:96:bc:93:46:a8:65:b6:
ae:83:ce:63:13:cf:d2:1b:79:66:f4:c5:c2:75:34:19:c3:a5:
17:3b:e3:f1:51:40:fe:38:a9:5a:2d:b8:5c:9e:fe:7b:a8:7c:
10:c1:54:40:4e:60:5a:5e:b8:85:70:8b:49:b0:dc:64:18:78:
71:04:c8:58:58:18:cf:64:1b:8b:df:df:a0:4f:1e:64:9c:bc:
9e:db:32:dc:5d:7f:24:b7:ec:05:ee:77:e6:75:2e:f3:f1:0c:
64:a7:1a:33:ef:8f:4d:22:79:c8:69:0b:b5:96:27:89:0a:2d:
95:56:c1:70:8c:57:e7:2d:e0:f4:79:bb:ff:08:77:ad:30:2f:
0c:1d:f2:87:1d:87:33:e4:ec:5b:09:b1:79:e7:5d:7f:80:2c:
32:87:8b:06
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICNKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB
MUYwMjM0OTAwHhcNMjUwMTE0MTQzMDA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2NzRmMS04NWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GyweW/a24BQATr9YBakQgEoYBrAvOZgq1E5Cxret81Y0dQEmWkMuYeSr6ZG
U51Rxm0GhFXMfFemI7aEX7OEClnk92cNQ2ZMhBy9mLQchBiLOPQH5GmI22aG+tGc
evSWXYQdohsyZabtOphaOqqp7vgEm/JTKazN1U0U+dXO7SrbMzuQNKo2oV1ZodvY
yjA4kbfgg9Ufu8vONsgIu+tDfcPqA0SX5wszj6rN3hi63O/SdPoWXz3sTpXIm3yO
2wiDz/kN6nOsz/8j6MvjAciUFmBrFN/RbSFK71py/z6odW8GGfXLztO/SpekG1yu
O/KvivpUVkzj/8m34momgslwKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBiusdG7
aL1EBATwRyLoKOa8/4lXMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE
NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU4NUUvMEJFRDM1MjYxRDZFMTFFMkIwNEE2MUFGMDhCMDJDRDIvMDlFMkRDMzJC
MTJCMTFFNTkzMzdGMzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBADKJI0wDQQCAAIwBwMFACQEIAAwDQYJKoZIhvcNAQELBQAD
ggEBAHMdQbMQx7zbqC9dRH5pkeTxF9LJB4GGXmynqbRJXhqvP/t8NQMkDcxsFQbm
ejHRIJiwvRtLYznrNgDzpp4frGzyANG4iH9CfBs9z82ZJhyDpB7cqGQAuav4zJ4h
OrM46L3HXiNBlryTRqhltq6DzmMTz9IbeWb0xcJ1NBnDpRc74/FRQP44qVotuFye
/nuofBDBVEBOYFpeuIVwi0mw3GQYeHEEyFhYGM9kG4vf36BPHmScvJ7bMtxdfyS3
7AXud+Z1LvPxDGSnGjPvj00iechpC7WWJ4kKLZVWwXCMV+ct4PR5u/8Id60wLwwd
8ocdhzPk7FsJsXnnXX+ALDKHiwY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:00 2025 by rpki-client