Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/77D96D4A4F3411EFBA0A2659C4F9AE02.roa
File: 77D96D4A4F3411EFBA0A2659C4F9AE02.roa (raw, json)
Hash identifier: ol23eWYMbqFxa7AzTOzpz7Em2i4wKmL7cxMptLBFr00=
Subject key identifier: 2B:12:BE:F6:5D:1E:67:F0:ED:39:E4:F7:7D:D1:2F:BD:B8:68:E0:4F
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 359E
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/77D96D4A4F3411EFBA0A2659C4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:42 +0000
ROA not before: Wed 18 Dec 2024 14:40:42 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45814
IP address blocks: 116.90.106.0/24 maxlen: 24
116.90.107.0/24 maxlen: 24
116.90.108.0/24 maxlen: 24
116.90.109.0/24 maxlen: 24
116.90.110.0/24 maxlen: 24
202.69.33.0/24 maxlen: 24
202.69.36.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
202.69.54.0/24 maxlen: 24
202.69.55.0/24 maxlen: 24
202.142.152.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13726 (0x359e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Dec 18 14:40:42 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee9-9290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ce:a2:88:4d:e2:ad:67:04:f3:43:07:3c:29:
e8:a6:b9:d8:a8:bc:86:b6:c1:e0:8e:b8:62:46:e8:
7b:56:e6:81:ca:47:e9:0e:5e:5a:63:f9:a6:1b:70:
25:27:5a:36:5a:7a:da:45:6d:ff:62:1b:cf:db:d1:
b1:30:a3:2e:c8:f7:59:34:f6:b1:4d:98:6d:c6:8a:
94:1d:51:f7:e6:9d:13:12:8d:f2:7f:d3:d5:3a:d9:
97:45:03:2e:48:26:25:6a:16:b5:10:f7:dc:8e:8e:
53:a3:1c:32:36:03:92:8b:ed:48:85:2f:49:4c:8b:
03:46:d5:c8:a5:cd:eb:a7:cf:ab:df:48:12:d1:05:
e9:ab:ca:05:71:3f:df:db:49:1b:44:7e:71:18:4a:
e6:08:ff:e2:42:22:ff:f1:da:55:af:cc:47:ed:cf:
a5:06:61:4e:25:9a:ed:27:2b:30:a9:db:fd:f1:10:
52:ae:c3:2a:bf:9f:d8:c8:5c:2a:99:ca:c7:5a:cd:
ee:f3:51:52:31:0b:d4:3e:9a:d0:91:7a:a8:1a:3c:
16:a4:47:fa:13:1a:6e:bf:02:9c:00:f0:81:7d:08:
ae:a0:39:7f:ed:ba:61:29:75:2c:25:72:b4:73:51:
c6:fc:8e:76:4e:0d:4a:0b:71:0a:35:d5:c8:83:a6:
5f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:12:BE:F6:5D:1E:67:F0:ED:39:E4:F7:7D:D1:2F:BD:B8:68:E0:4F
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/77D96D4A4F3411EFBA0A2659C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.106.0-116.90.110.255
202.69.33.0/24
202.69.36.0/24
202.69.42.0/24
202.69.54.0/23
202.142.152.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9b:cb:b5:80:87:63:ee:d6:f5:af:0c:b7:e1:01:f9:bf:04:
47:ff:e4:27:42:80:f5:9d:3a:5b:03:d2:12:14:71:1d:55:a8:
f2:4e:df:80:ac:0b:b1:eb:38:21:13:d0:c0:88:79:20:0c:03:
81:38:58:c6:69:e6:77:c2:17:30:5c:b1:44:f8:4d:c2:e2:97:
34:d4:90:25:32:3b:c1:d8:2b:73:81:13:2a:c1:de:e3:e5:de:
19:66:02:91:71:8f:ae:eb:ee:39:23:f8:9d:4d:c1:e8:fb:38:
1d:9d:33:c0:f7:12:64:56:8a:23:f9:5d:35:6d:f3:e2:c4:2a:
97:2c:b6:00:e8:1e:1c:65:e2:27:00:5e:59:32:ab:ae:73:c4:
50:b0:17:7d:6e:3d:fc:d5:e7:7a:03:88:5a:cd:06:31:dd:99:
a4:5d:a5:05:72:f0:17:e6:f8:fa:2e:ad:3c:10:16:d2:ca:98:
b5:c2:ee:99:6d:78:c9:7d:5a:9d:b3:77:63:a8:41:df:1b:c9:
7e:c6:bc:45:6d:da:cc:a1:c3:79:5a:d6:95:40:11:33:31:f6:
43:4d:9a:7e:63:4e:09:5e:41:6e:1e:60:bf:fa:42:e3:17:d9:
8e:6b:a2:83:a9:a2:ec:55:f9:93:9a:eb:58:7c:ee:1f:52:d4:
e9:c3:09:ec
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICNZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDQyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlOS05MjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArs6iiE3irWcE80MHPCnoprnYqLyGtsHgjrhiRuh7VuaBykfpDl5aY/mmG3Al
J1o2WnraRW3/YhvP29GxMKMuyPdZNPaxTZhtxoqUHVH35p0TEo3yf9PVOtmXRQMu
SCYlaha1EPfcjo5ToxwyNgOSi+1IhS9JTIsDRtXIpc3rp8+r30gS0QXpq8oFcT/f
20kbRH5xGErmCP/iQiL/8dpVr8xH7c+lBmFOJZrtJyswqdv98RBSrsMqv5/YyFwq
mcrHWs3u81FSMQvUPprQkXqoGjwWpEf6ExpuvwKcAPCBfQiuoDl/7bphKXUsJXK0
c1HG/I52Tg1KC3EKNdXIg6ZfUwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFCsSvvZd
Hmfw7Tnk933RL724aOBPMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNzdEOTZENEE0
RjM0MTFFRkJBMEEyNjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwwDAMEAXRaagMEAHRabgMEAMpFIQMEAMpFJAMEAMpFKgMEAcpF
NgMEAMqOmDANBgkqhkiG9w0BAQsFAAOCAQEAD5vLtYCHY+7W9a8Mt+EB+b8ER//k
J0KA9Z06WwPSEhRxHVWo8k7fgKwLses4IRPQwIh5IAwDgThYxmnmd8IXMFyxRPhN
wuKXNNSQJTI7wdgrc4ETKsHe4+XeGWYCkXGPruvuOSP4nU3B6Ps4HZ0zwPcSZFaK
I/ldNW3z4sQqlyy2AOgeHGXiJwBeWTKrrnPEULAXfW49/NXnegOIWs0GMd2ZpF2l
BXLwF+b4+i6tPBAW0sqYtcLumW14yX1anbN3Y6hB3xvJfsa8RW3azKHDeVrWlUAR
MzH2Q02afmNOCV5Bbh5gv/pC4xfZjmuig6mi7FX5k5rrWHzuH1LU6cMJ7A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:03 2025 by rpki-client