Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0BA1/8CCE3EDA174311EE89A8FD2FC4F9AE02/8839CA50174911EEB005A134C4F9AE02.roa
File: 8839CA50174911EEB005A134C4F9AE02.roa (raw, json)
Hash identifier: Y/z+QgJxgPtT6JyUNYql0fBvgzOIBrxa3aegmRUI5GU=
Subject key identifier: C6:9C:9C:44:3F:57:C6:AC:A0:FD:D6:D7:29:A5:0D:75:E8:65:A5:9D
Certificate issuer: /CN=A91B0BA1/serialNumber=C1CB08AD3EB866D3CD647C135D0F52FAED2546C4
Certificate serial: 0135
Authority key identifier: C1:CB:08:AD:3E:B8:66:D3:CD:64:7C:13:5D:0F:52:FA:ED:25:46:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wcsIrT64ZtPNZHwTXQ9S-u0lRsQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0BA1/8CCE3EDA174311EE89A8FD2FC4F9AE02/8839CA50174911EEB005A134C4F9AE02.roa
Signing time: Thu 13 Feb 2025 05:36:48 +0000
ROA not before: Thu 13 Feb 2025 05:36:48 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 23732
IP address blocks: 202.162.160.0/24 maxlen: 24
202.162.163.0/24 maxlen: 24
202.162.164.0/24 maxlen: 24
202.162.168.0/24 maxlen: 24
202.162.172.0/24 maxlen: 24
202.162.174.0/24 maxlen: 24
202.162.175.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309 (0x135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0BA1
Validity
Not Before: Feb 13 05:36:48 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ad84f0-0186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3e:62:f0:a9:53:3e:ea:3d:15:83:b5:34:a3:
a9:66:b4:8a:28:86:f2:85:87:bc:cd:66:dd:de:96:
49:86:dc:2d:5b:32:4b:38:31:57:6d:73:6c:27:17:
ad:49:23:be:dd:33:03:13:94:3b:2d:5f:1e:1f:fa:
5f:7c:f8:43:b3:e4:8c:79:be:80:39:f9:15:f5:e8:
82:6d:21:0c:47:b6:44:b0:51:4b:5f:2f:84:0d:5d:
ff:ac:f9:b0:be:00:00:3e:46:0c:5e:79:70:cf:49:
ce:cf:d5:dc:b2:22:8c:0c:57:d6:2c:af:96:2c:1b:
b1:c1:48:4a:79:e3:de:f5:fc:17:05:d1:6a:ee:60:
e9:95:d0:ab:bd:44:d7:8b:59:44:60:ba:45:ae:3a:
c2:d2:6a:21:49:fa:16:25:54:5b:30:e7:2a:92:69:
52:a7:ea:cc:69:d3:6a:35:66:11:aa:5c:7b:c7:ee:
67:e4:cc:1c:88:9b:fe:3d:85:7c:81:37:e7:02:bd:
7c:15:bc:bc:67:27:17:28:6e:d5:d7:71:49:de:1d:
e8:b3:40:07:be:c6:10:35:9a:f2:9d:af:a4:05:3b:
7b:e2:a6:61:e2:93:12:08:b2:8f:4a:eb:d5:ef:02:
c3:13:1f:d3:f4:60:ba:32:b9:65:f6:e5:c7:5f:49:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9C:9C:44:3F:57:C6:AC:A0:FD:D6:D7:29:A5:0D:75:E8:65:A5:9D
X509v3 Authority Key Identifier:
keyid:C1:CB:08:AD:3E:B8:66:D3:CD:64:7C:13:5D:0F:52:FA:ED:25:46:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0BA1/8CCE3EDA174311EE89A8FD2FC4F9AE02/wcsIrT64ZtPNZHwTXQ9S-u0lRsQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wcsIrT64ZtPNZHwTXQ9S-u0lRsQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0BA1/8CCE3EDA174311EE89A8FD2FC4F9AE02/8839CA50174911EEB005A134C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.162.160.0/24
202.162.163.0-202.162.164.255
202.162.168.0/24
202.162.172.0/24
202.162.174.0/23
Signature Algorithm: sha256WithRSAEncryption
cf:6b:aa:86:83:ae:67:8b:23:7d:ca:c9:2c:fb:02:9f:18:16:
d1:15:28:3f:84:57:b3:19:6d:33:1c:f2:46:1b:91:6c:33:84:
b7:52:d9:b0:e8:e8:d4:c9:e4:83:bc:fc:23:20:fc:1f:89:29:
87:96:b4:0a:3e:16:f0:5d:d8:37:3a:62:97:b1:16:cf:42:36:
44:70:b7:b9:87:55:8d:fc:7d:20:41:6d:fd:2d:a4:bd:ae:ac:
d0:db:a5:ba:27:f2:8e:e7:ed:f1:55:0e:16:ac:f0:99:56:6f:
d8:a5:43:a5:f5:82:f8:5d:ac:e4:a8:bd:04:fa:5d:39:b7:24:
c9:78:e8:0f:0b:08:e4:fe:7e:ea:0b:84:d5:75:21:a5:e8:c8:
d5:32:1a:a1:01:38:b8:df:b1:cb:7d:75:e5:3c:eb:ec:ed:ba:
a1:a9:ae:84:40:fc:39:10:ed:28:ef:4f:33:e4:51:16:87:a2:
87:9d:b9:f9:56:d4:dc:52:85:24:73:e3:33:3d:26:b5:53:ec:
a0:c8:69:4e:a7:11:9f:b7:59:00:31:b0:32:0c:ea:8e:65:f2:
d6:8d:f2:13:a5:3d:78:08:aa:21:2c:e8:95:fe:ab:de:66:23:
6f:f7:4b:c2:77:27:40:b5:a9:70:96:8e:f2:fd:c6:1d:a1:f4:
4a:dd:40:09
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBCQTExMTAvBgNVBAUTKEMxQ0IwOEFEM0VCODY2RDNDRDY0N0MxMzVEMEY1MkZB
RUQyNTQ2QzQwHhcNMjUwMjEzMDUzNjQ4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkODRmMC0wMTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1j5i8KlTPuo9FYO1NKOpZrSKKIbyhYe8zWbd3pZJhtwtWzJLODFXbXNsJxet
SSO+3TMDE5Q7LV8eH/pffPhDs+SMeb6AOfkV9eiCbSEMR7ZEsFFLXy+EDV3/rPmw
vgAAPkYMXnlwz0nOz9XcsiKMDFfWLK+WLBuxwUhKeePe9fwXBdFq7mDpldCrvUTX
i1lEYLpFrjrC0mohSfoWJVRbMOcqkmlSp+rMadNqNWYRqlx7x+5n5MwciJv+PYV8
gTfnAr18Fby8ZycXKG7V13FJ3h3os0AHvsYQNZryna+kBTt74qZh4pMSCLKPSuvV
7wLDEx/T9GC6Mrll9uXHX0nKDwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFMacnEQ/
V8asoP3W1ymlDXXoZaWdMB8GA1UdIwQYMBaAFMHLCK0+uGbTzWR8E10PUvrtJUbE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEJBMS84Q0NFM0VEQTE3
NDMxMUVFODlBOEZEMkZDNEY5QUUwMi93Y3NJclQ2NFp0UE5aSHdUWFE5Uy11MGxS
c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3djc0lyVDY0WnRQTlpId1RYUTlTLXUwbFJzUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjBCQTEvOENDRTNFREExNzQzMTFFRTg5QThGRDJGQzRGOUFFMDIvODgzOUNBNTAx
NzQ5MTFFRUIwMDVBMTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBADKoqAwDAMEAMqiowMEAMqipAMEAMqiqAMEAMqirAMEAcqi
rjANBgkqhkiG9w0BAQsFAAOCAQEAz2uqhoOuZ4sjfcrJLPsCnxgW0RUoP4RXsxlt
MxzyRhuRbDOEt1LZsOjo1Mnkg7z8IyD8H4kph5a0Cj4W8F3YNzpil7EWz0I2RHC3
uYdVjfx9IEFt/S2kva6s0Nuluifyjuft8VUOFqzwmVZv2KVDpfWC+F2s5Ki9BPpd
ObckyXjoDwsI5P5+6guE1XUhpejI1TIaoQE4uN+xy3115Tzr7O26oamuhED8ORDt
KO9PM+RRFoeih525+VbU3FKFJHPjMz0mtVPsoMhpTqcRn7dZADGwMgzqjmXy1o3y
E6U9eAiqISzolf6r3mYjb/dLwncnQLWpcJaO8v3GHaH0St1ACQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:00 2025 by rpki-client