Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa
File: 8FF00754732F11EE90078C13C4F9AE02.roa (raw, json)
Hash identifier: FvhGoDcJkl/uVyMeuA2e84lQ0fEQXKW9fiAoOj29wy4=
Subject key identifier: D1:11:95:C0:2F:9B:A7:8A:4F:3A:76:42:93:E7:A7:63:D2:48:14:91
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3597
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:36 +0000
ROA not before: Wed 18 Dec 2024 14:40:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 141342
IP address blocks: 116.90.96.0/24 maxlen: 24
116.90.97.0/24 maxlen: 24
116.90.98.0/24 maxlen: 24
116.90.99.0/24 maxlen: 24
116.90.102.0/24 maxlen: 24
116.90.103.0/24 maxlen: 24
116.90.104.0/24 maxlen: 24
116.90.112.0/24 maxlen: 24
116.90.113.0/24 maxlen: 24
116.90.114.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13719 (0x3597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Dec 18 14:40:36 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee4-82e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:3e:e3:1f:e6:9d:ab:4b:9c:7f:e3:bc:1e:
71:d6:37:b6:ed:c8:12:c7:53:18:f6:97:c7:7b:01:
3b:a5:b5:a3:c7:42:90:a9:48:19:d3:63:2c:6e:83:
d9:f1:f8:d7:9b:1f:74:07:3d:2d:c2:5d:3d:b0:32:
b2:f8:0f:cd:35:78:45:55:6c:ac:a6:b7:82:44:21:
68:33:0f:59:b0:64:28:c7:8f:ec:f9:4c:38:66:04:
5a:06:7b:af:2d:dd:d1:9c:5a:77:f1:d7:ce:a6:19:
95:f7:99:de:06:2d:19:44:d3:e6:3f:94:5d:00:e3:
c4:27:17:24:e8:92:6c:6a:7c:1c:50:0e:e0:46:d3:
b1:c9:52:e8:ce:32:7a:4a:17:0f:63:a7:97:83:8c:
5d:84:ce:67:ec:28:21:90:44:f8:15:66:ce:ca:f1:
4d:84:ef:fc:30:4b:a3:5c:9e:9d:c4:43:a8:cf:78:
b6:78:ba:15:4b:02:e9:f1:e4:e3:67:00:5b:84:c1:
86:75:6a:50:de:86:01:8f:60:35:b9:1b:27:ee:17:
1e:a3:7b:53:9e:ec:88:3e:12:0f:ff:9e:18:e2:fd:
d4:12:dd:c5:6e:9f:77:a4:e6:d8:9c:86:15:10:27:
e5:16:20:f3:bd:80:5a:c6:50:92:28:19:62:e8:76:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:11:95:C0:2F:9B:A7:8A:4F:3A:76:42:93:E7:A7:63:D2:48:14:91
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.96.0/22
116.90.102.0-116.90.104.255
116.90.112.0-116.90.114.255
Signature Algorithm: sha256WithRSAEncryption
ac:3e:75:3f:2f:2a:d1:cd:93:9a:cc:e4:82:6b:19:f2:6d:ae:
6e:0b:76:6b:34:d8:69:28:2d:b2:c2:f1:3c:34:b0:9b:68:af:
0e:0b:8c:95:53:42:5b:9d:16:0d:e2:e5:0a:a1:6c:8c:86:4c:
e2:0a:b7:40:19:a7:63:8f:c0:c2:ce:5d:85:09:ad:21:c0:34:
35:45:96:72:f3:63:08:ba:e5:12:a1:4e:17:4a:f7:4b:48:9d:
61:50:1d:86:14:50:9f:44:2e:a2:b8:94:26:d2:37:24:d6:63:
7f:12:c1:df:35:45:1b:ae:04:e0:1c:22:65:42:b0:6f:7a:e4:
20:bc:64:b9:15:d6:f2:9a:c5:06:81:05:dd:f6:22:c0:bc:5d:
e8:df:af:90:58:db:f6:b8:75:5c:20:04:12:46:ea:68:3f:57:
1b:4e:19:a8:40:14:61:7b:23:b0:42:34:b2:31:01:58:5f:5d:
a6:bc:41:45:64:27:56:1e:50:33:b0:d2:f7:d6:31:22:91:73:
14:d2:a6:f1:77:3f:4c:63:fb:c9:ff:75:e5:07:7f:18:8d:d3:
91:ba:23:50:15:51:08:98:8e:e4:82:73:ec:3d:df:df:4e:a0:
f0:29:5a:63:41:74:d1:02:aa:e3:e0:f6:fa:f2:e2:08:d2:cf:
87:55:46:fe
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlNC04MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqII+4x/mnatLnH/jvB5x1je27cgSx1MY9pfHewE7pbWjx0KQqUgZ02MsboPZ
8fjXmx90Bz0twl09sDKy+A/NNXhFVWyspreCRCFoMw9ZsGQox4/s+Uw4ZgRaBnuv
Ld3RnFp38dfOphmV95neBi0ZRNPmP5RdAOPEJxck6JJsanwcUA7gRtOxyVLozjJ6
ShcPY6eXg4xdhM5n7CghkET4FWbOyvFNhO/8MEujXJ6dxEOoz3i2eLoVSwLp8eTj
ZwBbhMGGdWpQ3oYBj2A1uRsn7hceo3tTnuyIPhIP/54Y4v3UEt3Fbp93pObYnIYV
ECflFiDzvYBaxlCSKBli6HaSOwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNERlcAv
m6eKTzp2QpPnp2PSSBSRMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvOEZGMDA3NTQ3
MzJGMTFFRTkwMDc4QzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIDBAJ0WmAwDAMEAXRaZgMEAHRaaDAMAwQEdFpwAwQAdFpyMA0G
CSqGSIb3DQEBCwUAA4IBAQCsPnU/LyrRzZOazOSCaxnyba5uC3ZrNNhpKC2ywvE8
NLCbaK8OC4yVU0JbnRYN4uUKoWyMhkziCrdAGadjj8DCzl2FCa0hwDQ1RZZy82MI
uuUSoU4XSvdLSJ1hUB2GFFCfRC6iuJQm0jck1mN/EsHfNUUbrgTgHCJlQrBveuQg
vGS5FdbymsUGgQXd9iLAvF3o36+QWNv2uHVcIAQSRupoP1cbThmoQBRheyOwQjSy
MQFYX12mvEFFZCdWHlAzsNL31jEikXMU0qbxdz9MY/vJ/3XlB38YjdORuiNQFVEI
mI7kgnPsPd/fTqDwKVpjQXTRAqrj4Pb68uII0s+HVUb+
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:35 2025 by rpki-client