Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/AD0EFB005DFD11EBAD26AA4BC4F9AE02.roa
File: AD0EFB005DFD11EBAD26AA4BC4F9AE02.roa (raw, json)
Hash identifier: KYrgpq+j2JdiosQSHACv2bRMY5BVzOvfLnyNf5narws=
Subject key identifier: 62:B1:F4:52:41:24:14:60:7F:F1:35:F5:E3:15:14:E2:64:3C:C6:B9
Certificate issuer: /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480
Certificate serial: 0799
Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/AD0EFB005DFD11EBAD26AA4BC4F9AE02.roa
Signing time: Tue 10 Dec 2024 21:50:46 +0000
ROA not before: Tue 10 Dec 2024 21:50:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 10153
IP address blocks: 2406:9dc0:50::/44 maxlen: 48
2406:9dc0:1010::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1945 (0x799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B625F
Validity
Not Before: Dec 10 21:50:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758b7b6-bb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:56:ef:38:87:a3:43:b1:f8:bd:38:2f:56:
32:e7:29:3c:a4:66:f1:ec:95:45:ae:a6:77:68:0f:
02:d0:de:74:01:55:61:07:d3:e1:93:14:6f:c4:97:
27:b7:43:2d:e8:72:0e:9b:40:3d:c0:e5:b4:22:83:
17:f8:2f:56:39:fe:66:7d:bc:c0:4d:aa:53:7b:27:
98:07:a7:a3:ad:fd:60:c3:36:f5:48:9d:1b:85:75:
98:47:61:f7:47:c0:fa:ca:75:0d:39:35:a4:77:6c:
4c:e9:8a:a8:7c:82:17:d1:7e:d9:40:23:95:2d:50:
ff:d1:08:78:b8:96:ce:8e:ef:a0:db:3d:ef:bf:e5:
0c:c3:88:70:49:38:98:05:dd:28:ad:db:63:c5:f4:
de:8b:61:fe:b6:13:0f:f5:98:1c:89:ce:f5:3e:6e:
05:61:1d:17:32:a1:2d:3d:84:40:d7:af:51:58:06:
ee:c8:a4:c4:b8:60:33:3e:89:a8:97:7d:23:ec:2e:
d9:e2:a7:a2:59:f0:0d:32:df:04:27:ee:e0:9f:96:
46:ec:f8:a5:54:d1:6d:b2:e0:e2:63:81:a5:3d:cb:
76:cd:69:44:1b:3c:bf:0d:98:d3:90:ab:34:4a:eb:
80:9e:2b:b9:39:6d:94:3a:10:77:e6:c3:d7:2f:9b:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B1:F4:52:41:24:14:60:7F:F1:35:F5:E3:15:14:E2:64:3C:C6:B9
X509v3 Authority Key Identifier:
keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/AD0EFB005DFD11EBAD26AA4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:9dc0:50::/44
2406:9dc0:1010::/44
Signature Algorithm: sha256WithRSAEncryption
ae:a4:e9:c4:72:4a:9e:02:14:b4:47:c4:52:7d:d4:fb:3e:b0:
83:60:20:8e:3b:48:d3:ad:59:53:04:1a:47:58:0a:4f:de:cc:
de:30:80:7d:32:51:6d:a6:26:e3:86:06:4a:05:de:10:14:36:
ac:2c:72:ff:8e:ee:8d:30:0a:67:a2:d2:5c:5c:4d:9a:51:4d:
0a:80:a0:02:c0:ab:92:4e:26:bc:2e:21:1d:68:b4:3e:8d:ae:
5c:a9:0a:c5:39:70:55:40:31:6f:89:d9:b8:91:0a:97:69:2a:
05:d9:1c:bc:52:fb:d9:8c:6f:90:3e:ba:60:89:5b:80:f7:a6:
1c:d4:c8:5e:42:bc:69:fa:ea:49:d2:48:b4:5b:2c:12:bd:2c:
56:a1:88:e3:28:8b:21:2d:bb:ab:45:b4:72:f0:d4:11:d4:90:
eb:61:94:73:1e:d8:a5:bd:9a:cc:0d:c0:15:a6:ee:75:68:53:
c1:d5:f5:26:f2:b5:78:21:b4:ea:81:2f:2c:df:27:56:14:76:
be:37:e7:2d:92:41:7a:40:bb:48:bc:6e:28:bd:a9:fe:9b:02:
fe:26:fa:5e:8b:63:90:00:43:b0:58:f2:44:d9:1a:f5:26:98:
e0:b2:a0:35:8e:24:a3:e6:bc:26:54:4a:40:ae:22:17:8d:8c:
fe:68:e6:09
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB5kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3
NDRBQUY0ODAwHhcNMjQxMjEwMjE1MDQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4YjdiNi1iYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQxW7ziHo0Ox+L04L1Yy5yk8pGbx7JVFrqZ3aA8C0N50AVVhB9PhkxRvxJcn
t0Mt6HIOm0A9wOW0IoMX+C9WOf5mfbzATapTeyeYB6ejrf1gwzb1SJ0bhXWYR2H3
R8D6ynUNOTWkd2xM6YqofIIX0X7ZQCOVLVD/0Qh4uJbOju+g2z3vv+UMw4hwSTiY
Bd0ordtjxfTei2H+thMP9Zgcic71Pm4FYR0XMqEtPYRA169RWAbuyKTEuGAzPomo
l30j7C7Z4qeiWfANMt8EJ+7gn5ZG7PilVNFtsuDiY4GlPct2zWlEGzy/DZjTkKs0
SuuAniu5OW2UOhB35sPXL5s7FQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGKx9FJB
JBRgf/E19eMVFOJkPMa5MB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx
Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvQUQwRUZCMDA1
REZEMTFFQkFEMjZBQTRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkBp3AAFADBwQkBp3AEBAwDQYJKoZIhvcNAQELBQADggEB
AK6k6cRySp4CFLRHxFJ91Ps+sINgII47SNOtWVMEGkdYCk/ezN4wgH0yUW2mJuOG
BkoF3hAUNqwscv+O7o0wCmei0lxcTZpRTQqAoALAq5JOJrwuIR1otD6NrlypCsU5
cFVAMW+J2biRCpdpKgXZHLxS+9mMb5A+umCJW4D3phzUyF5CvGn66knSSLRbLBK9
LFahiOMoiyEtu6tFtHLw1BHUkOthlHMe2KW9mswNwBWm7nVoU8HV9SbytXghtOqB
LyzfJ1YUdr435y2SQXpAu0i8bii9qf6bAv4m+l6LY5AAQ7BY8kTZGvUmmOCyoDWO
JKPmvCZUSkCuIheNjP5o5gk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:52:14 2025 by rpki-client