Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa
File: 4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa (raw, json)
Hash identifier: 92OU291hR0YIYqWJJIcvZXszn84NKrAjVspQkxjVbEI=
Subject key identifier: 4A:CA:B4:53:55:98:42:1A:43:0C:9D:84:9E:2B:B7:96:A8:C5:8D:8F
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3596
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:35 +0000
ROA not before: Wed 18 Dec 2024 14:40:35 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 141215
IP address blocks: 116.90.119.0/24 maxlen: 24
202.142.155.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13718 (0x3596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Dec 18 14:40:35 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee3-afc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:d1:6b:08:43:ca:5b:09:ce:90:5e:40:4a:
d6:e5:44:ec:a0:75:71:cc:ff:52:63:c5:24:9a:23:
44:94:4d:2c:32:a6:02:9f:02:a2:61:ea:a5:42:c2:
99:95:29:d2:aa:b9:04:d7:a3:96:b2:ad:74:f9:cc:
b0:47:f0:57:d1:f7:ef:2d:f1:bd:4d:69:16:92:13:
f0:56:4d:f5:08:3f:0a:3d:68:0e:f6:c5:f1:e7:78:
93:33:07:12:c8:67:d5:2a:de:ee:26:29:29:dc:a7:
17:cd:db:78:48:02:f6:de:2a:ae:7e:6e:03:a2:99:
67:8c:2a:76:19:6f:9f:96:6a:f5:5f:4b:71:70:79:
54:b1:3b:0e:9b:a9:5c:d5:ca:43:8a:b3:ba:6f:6a:
c0:63:51:21:8c:54:53:5b:0f:77:b5:8c:76:2c:58:
a9:61:9d:b4:5b:17:51:fd:83:11:e8:af:4b:c7:e4:
ed:4e:38:92:f0:99:d0:75:09:b9:ee:e6:09:68:c2:
24:cc:7d:7a:d7:2a:40:72:3c:84:41:39:02:45:c9:
5d:4f:95:be:a1:6d:3b:3a:e8:5c:b7:95:36:72:c7:
f4:ab:df:50:3e:61:0e:b7:2b:aa:29:bf:f1:61:aa:
17:49:16:2c:ac:b3:44:9f:f9:b9:d4:61:bf:b8:86:
1e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CA:B4:53:55:98:42:1A:43:0C:9D:84:9E:2B:B7:96:A8:C5:8D:8F
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/4B2AFD54ABA611EEA4B59A6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.119.0/24
202.142.155.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6a:12:63:a6:05:db:00:d3:9c:c3:94:2e:c0:ed:91:86:28:
00:90:46:59:84:1e:94:03:75:b0:83:e3:22:49:36:32:87:19:
84:06:3b:c4:33:22:e6:fb:52:73:e9:b8:95:fd:ff:b6:2d:93:
5d:ec:04:d8:f1:db:71:32:3f:91:a9:5a:a4:7d:d5:f9:6b:86:
0b:63:44:46:56:44:70:25:e0:e2:c0:0a:2b:0b:d6:2e:a4:05:
d8:be:66:db:cf:79:59:04:fd:79:8d:c6:41:4c:03:09:33:12:
a2:e5:d8:e7:b8:6b:66:ef:11:83:8f:9a:f5:c7:d7:70:ea:3d:
59:f5:bf:42:25:b1:aa:a8:eb:23:7b:2a:4a:b3:eb:4e:d3:0b:
a2:12:ac:0e:5c:87:bd:89:5b:61:4d:b8:13:50:72:54:8d:30:
ae:f6:41:df:37:8b:da:f4:5c:41:95:d2:f6:2f:7b:71:b3:5c:
e7:27:6b:e5:7e:46:87:2d:aa:ce:61:75:11:f6:b4:68:81:51:
89:25:38:ac:50:80:98:3a:10:b6:f8:79:26:db:83:25:19:1e:
3d:9b:f0:5a:65:62:ad:20:a0:72:47:c1:e7:ab:55:4a:32:16:
7d:6d:e0:bf:30:cb:23:ec:2a:29:14:4c:d5:9a:4f:c6:9f:4d:
c4:e3:fe:f3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDM1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlMy1hZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs7DRawhDylsJzpBeQErW5UTsoHVxzP9SY8UkmiNElE0sMqYCnwKiYeqlQsKZ
lSnSqrkE16OWsq10+cywR/BX0ffvLfG9TWkWkhPwVk31CD8KPWgO9sXx53iTMwcS
yGfVKt7uJikp3KcXzdt4SAL23iqufm4DoplnjCp2GW+flmr1X0txcHlUsTsOm6lc
1cpDirO6b2rAY1EhjFRTWw93tYx2LFipYZ20WxdR/YMR6K9Lx+TtTjiS8JnQdQm5
7uYJaMIkzH161ypAcjyEQTkCRcldT5W+oW07Ouhct5U2csf0q99QPmEOtyuqKb/x
YaoXSRYsrLNEn/m51GG/uIYe9QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFErKtFNV
mEIaQwydhJ4rt5aoxY2PMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNEIyQUZENTRB
QkE2MTFFRUE0QjU5QTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB0WncDBADKjpswDQYJKoZIhvcNAQELBQADggEBAIdqEmOm
BdsA05zDlC7A7ZGGKACQRlmEHpQDdbCD4yJJNjKHGYQGO8QzIub7UnPpuJX9/7Yt
k13sBNjx23EyP5GpWqR91flrhgtjREZWRHAl4OLACisL1i6kBdi+ZtvPeVkE/XmN
xkFMAwkzEqLl2Oe4a2bvEYOPmvXH13DqPVn1v0Ilsaqo6yN7Kkqz607TC6ISrA5c
h72JW2FNuBNQclSNMK72Qd83i9r0XEGV0vYve3GzXOcna+V+Roctqs5hdRH2tGiB
UYklOKxQgJg6ELb4eSbbgyUZHj2b8FplYq0goHJHweerVUoyFn1t4L8wyyPsKikU
TNWaT8afTcTj/vM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:07 2025 by rpki-client