Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/4F6721CEB84B11EAB6247B7AC4F9AE02.roa
File: 4F6721CEB84B11EAB6247B7AC4F9AE02.roa (raw, json)
Hash identifier: coEgjngsR/Ce6vFWSBZaZ5rCfdvEVYlwbgZyFrxHv0s=
Subject key identifier: 88:8D:10:5E:4A:CB:F4:A6:9B:5C:D7:87:DE:62:71:FF:0B:31:9C:FE
Certificate issuer: /CN=A91B37E3/serialNumber=A7570DCF3720A8D5A8856A4BB6583F1BAEAE0093
Certificate serial: 0C57
Authority key identifier: A7:57:0D:CF:37:20:A8:D5:A8:85:6A:4B:B6:58:3F:1B:AE:AE:00:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p1cNzzcgqNWohWpLtlg_G66uAJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/4F6721CEB84B11EAB6247B7AC4F9AE02.roa
Signing time: Fri 14 Feb 2025 19:09:47 +0000
ROA not before: Fri 14 Feb 2025 19:09:47 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139856
IP address blocks: 115.127.38.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3159 (0xc57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B37E3
Validity
Not Before: Feb 14 19:09:47 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67af94fb-d97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:cd:2c:7a:e1:e8:4f:74:3c:a2:f8:48:8d:88:
65:cd:1d:dd:ba:d1:51:fe:ea:b0:54:7d:56:bc:90:
d0:a6:92:8f:a1:d2:d3:fa:d9:10:35:9d:a3:44:83:
71:77:7f:b7:82:ba:a7:d4:f5:dd:97:be:41:cf:f9:
cd:f9:c6:61:b1:bc:47:05:f6:dd:cf:fd:39:45:11:
d2:bf:a6:18:18:73:c0:d0:a8:0c:46:98:89:c7:b0:
48:c0:ad:76:67:c3:4f:8a:df:22:cd:49:58:e7:4b:
5f:eb:d5:9a:7e:63:01:ee:d0:aa:f2:e6:34:1d:74:
37:81:0a:27:69:e7:fa:27:ad:b7:02:d3:40:8c:e2:
98:7c:cb:a9:f9:ff:68:4d:25:8d:5b:76:4a:f1:85:
4c:65:61:a1:e9:2c:e2:7c:cd:f1:fe:7e:53:3d:f7:
cf:ef:5f:44:47:aa:76:36:5f:1c:16:1c:09:b2:f6:
2d:8d:98:8c:25:53:61:59:cb:16:4e:23:59:e9:e8:
ee:14:d8:e3:40:3d:8c:75:c2:6c:2a:aa:08:6b:27:
12:02:c4:01:52:b9:33:ad:f6:5b:36:f8:e4:d1:fb:
07:c4:ff:9d:c0:30:f4:f0:ba:86:01:f6:9b:a4:05:
1a:da:d1:7e:03:50:00:67:02:75:2d:8d:b9:0c:2e:
e2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8D:10:5E:4A:CB:F4:A6:9B:5C:D7:87:DE:62:71:FF:0B:31:9C:FE
X509v3 Authority Key Identifier:
keyid:A7:57:0D:CF:37:20:A8:D5:A8:85:6A:4B:B6:58:3F:1B:AE:AE:00:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/p1cNzzcgqNWohWpLtlg_G66uAJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p1cNzzcgqNWohWpLtlg_G66uAJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/4F6721CEB84B11EAB6247B7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.127.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:ea:20:50:c7:68:bc:20:88:51:0f:ae:6f:3d:e8:5f:28:80:
78:9e:b4:b8:b5:2b:2b:dd:d9:78:8c:bb:06:41:0f:0d:e3:bb:
27:43:05:ea:b3:71:52:eb:93:0e:51:28:e6:47:82:7f:89:b8:
f6:e6:28:a9:02:1b:8b:ab:da:98:25:c8:f6:2b:8a:40:3d:2a:
c4:d3:73:9a:ce:c4:15:36:19:95:ff:73:c0:3f:b8:b4:8f:ce:
e8:6b:87:3d:2a:05:6c:b1:cb:d4:a7:6c:db:2b:50:3f:0e:fd:
7b:9b:ab:79:e1:0b:40:c8:b0:c8:56:bf:35:49:97:9f:8a:06:
34:96:82:cd:07:59:23:b0:3e:59:43:da:5b:f0:10:e6:05:fc:
ad:f2:0f:e0:34:7c:f5:ce:71:4c:77:ed:1f:c7:a1:b7:d2:6e:
68:be:4f:a4:00:da:8c:49:12:92:9b:49:9c:0e:08:cd:54:8d:
8d:b2:ab:a3:e2:2e:3b:e9:30:a4:7e:57:83:c9:57:4c:c1:42:
6f:60:b4:7d:bf:6d:51:29:b7:fb:21:9a:f6:23:12:e8:14:29:
74:7c:d6:29:13:dc:72:99:74:bf:1f:ab:fa:bb:a1:f3:1d:48:
19:17:c9:6c:d8:f3:c3:5d:eb:ad:43:99:98:52:17:87:6d:06:
a5:4e:7a:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM3RTMxMTAvBgNVBAUTKEE3NTcwRENGMzcyMEE4RDVBODg1NkE0QkI2NTgzRjFC
QUVBRTAwOTMwHhcNMjUwMjE0MTkwOTQ3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FmOTRmYi1kOTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA980seuHoT3Q8ovhIjYhlzR3dutFR/uqwVH1WvJDQppKPodLT+tkQNZ2jRINx
d3+3grqn1PXdl75Bz/nN+cZhsbxHBfbdz/05RRHSv6YYGHPA0KgMRpiJx7BIwK12
Z8NPit8izUlY50tf69WafmMB7tCq8uY0HXQ3gQonaef6J623AtNAjOKYfMup+f9o
TSWNW3ZK8YVMZWGh6SzifM3x/n5TPffP719ER6p2Nl8cFhwJsvYtjZiMJVNhWcsW
TiNZ6ejuFNjjQD2MdcJsKqoIaycSAsQBUrkzrfZbNvjk0fsHxP+dwDD08LqGAfab
pAUa2tF+A1AAZwJ1LY25DC7iSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIiNEF5K
y/Smm1zXh95icf8LMZz+MB8GA1UdIwQYMBaAFKdXDc83IKjVqIVqS7ZYPxuurgCT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzdFMy8wQUZFQTdDRTAz
QTAxMUVBQjRDNUQyN0NDNEY5QUUwMi9wMWNOenpjZ3FOV29oV3BMdGxnX0c2NnVB
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AxY056emNncU5Xb2hXcEx0bGdfRzY2dUFKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM3RTMvMEFGRUE3Q0UwM0EwMTFFQUI0QzVEMjdDQzRGOUFFMDIvNEY2NzIxQ0VC
ODRCMTFFQUI2MjQ3QjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABzfyYwDQYJKoZIhvcNAQELBQADggEBAC/qIFDHaLwgiFEP
rm896F8ogHietLi1Kyvd2XiMuwZBDw3juydDBeqzcVLrkw5RKOZHgn+JuPbmKKkC
G4ur2pglyPYrikA9KsTTc5rOxBU2GZX/c8A/uLSPzuhrhz0qBWyxy9SnbNsrUD8O
/Xubq3nhC0DIsMhWvzVJl5+KBjSWgs0HWSOwPllD2lvwEOYF/K3yD+A0fPXOcUx3
7R/HobfSbmi+T6QA2oxJEpKbSZwOCM1UjY2yq6PiLjvpMKR+V4PJV0zBQm9gtH2/
bVEpt/shmvYjEugUKXR81ikT3HKZdL8fq/q7ofMdSBkXyWzY88Nd661DmZhSF4dt
BqVOeqo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:51 2025 by rpki-client