Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/F255E05612DB11EBBE14D853C4F9AE02.roa
File: F255E05612DB11EBBE14D853C4F9AE02.roa (raw, json)
Hash identifier: CoOgUqT0FD59n+BELVSjes/s0qoXYfrPfM4+T31Fkoo=
Subject key identifier: 3C:78:C2:E1:0C:21:4C:15:21:06:55:E5:5C:40:00:A9:F2:13:CB:55
Certificate issuer: /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480
Certificate serial: 079F
Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/F255E05612DB11EBBE14D853C4F9AE02.roa
Signing time: Tue 10 Dec 2024 21:50:51 +0000
ROA not before: Tue 10 Dec 2024 21:50:51 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 209557
IP address blocks: 2406:9dc0:40::/44 maxlen: 44
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1951 (0x79f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B625F
Validity
Not Before: Dec 10 21:50:51 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758b7bb-63df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:a4:75:41:82:f1:84:83:19:5a:e1:c6:ea:
9b:96:4f:cb:31:da:9e:4e:7d:f2:2d:e5:f3:3f:11:
98:02:ff:54:c3:4e:f2:72:b3:9c:65:00:5f:eb:46:
c9:62:d3:82:0f:03:68:5d:d7:5d:0b:78:d9:1c:52:
9b:42:a3:ee:57:52:e6:7a:2c:3e:e7:2b:43:1f:4c:
78:b8:6a:35:a5:bb:57:7c:a9:0a:cd:6d:88:3d:bb:
bc:f1:20:04:ed:09:cb:c7:b4:40:45:10:d9:32:b3:
7f:b3:52:42:4f:d0:01:5a:34:ab:e1:b6:58:04:29:
e1:e8:5d:fc:36:d0:9d:23:ba:51:0c:55:02:3e:55:
f0:87:c5:76:8e:bb:36:28:9b:c7:63:70:2f:ed:e7:
ad:28:b9:f7:b4:1e:3b:6a:4f:0c:2b:d4:da:f5:b1:
bd:ac:39:02:52:15:e0:77:3f:69:45:9a:c4:d7:7b:
e1:53:2c:92:ba:6a:d6:a7:51:d3:8f:fb:be:11:fc:
36:2c:e3:07:83:50:ca:f5:e4:e3:48:36:86:61:59:
8f:b8:43:67:b1:b5:94:4c:af:d1:4d:30:5c:a6:1b:
b1:17:c9:66:b6:bb:63:f4:2b:61:35:a9:90:9e:6b:
79:fc:92:bf:6f:fc:5e:40:1b:72:4e:6c:7f:ba:f1:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:78:C2:E1:0C:21:4C:15:21:06:55:E5:5C:40:00:A9:F2:13:CB:55
X509v3 Authority Key Identifier:
keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/F255E05612DB11EBBE14D853C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:9dc0:40::/44
Signature Algorithm: sha256WithRSAEncryption
14:0b:a3:d9:b2:c5:15:e8:f7:48:47:20:4c:39:2c:44:ad:1a:
9b:66:5f:43:7a:d8:38:07:cd:ef:b9:9e:57:c3:15:83:35:09:
66:d5:f8:6f:9d:5f:8a:c4:74:74:56:d2:38:24:5d:60:75:0c:
f1:10:20:36:98:7e:76:0c:30:60:c4:61:44:67:a8:c9:0b:0c:
43:8c:f5:6c:77:9c:37:3d:c6:6a:a1:f4:6d:b6:d5:5c:03:39:
36:d2:bf:10:c7:ad:88:e9:8b:b3:73:27:85:be:e3:30:16:72:
af:60:57:1e:9c:44:4d:0e:2b:0b:b2:f0:11:ed:8e:1f:10:df:
98:fe:fa:c0:68:8c:d4:70:5c:e5:11:65:6d:c5:a2:9b:89:d8:
4d:38:8b:81:61:2a:13:37:a6:52:58:c4:2b:22:c2:38:a1:e1:
42:61:3d:1d:60:04:c3:5b:89:29:6c:80:53:c8:5a:0d:7d:07:
ff:f0:42:38:dd:a0:cc:13:67:32:b5:66:40:74:f0:12:4f:e0:
fb:d5:14:87:97:64:b9:38:cd:9e:4f:cd:91:33:ef:1a:31:a4:
86:15:00:1c:a9:a9:16:91:da:2e:37:95:3d:51:88:39:1d:18:
9d:3c:70:16:ff:6e:54:9b:74:62:b5:12:af:d4:ee:db:0e:1e:
83:46:4e:b4
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICB58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3
NDRBQUY0ODAwHhcNMjQxMjEwMjE1MDUxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4YjdiYi02M2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzukdUGC8YSDGVrhxuqblk/LMdqeTn3yLeXzPxGYAv9Uw07ycrOcZQBf60bJ
YtOCDwNoXdddC3jZHFKbQqPuV1Lmeiw+5ytDH0x4uGo1pbtXfKkKzW2IPbu88SAE
7QnLx7RARRDZMrN/s1JCT9ABWjSr4bZYBCnh6F38NtCdI7pRDFUCPlXwh8V2jrs2
KJvHY3Av7eetKLn3tB47ak8MK9Ta9bG9rDkCUhXgdz9pRZrE13vhUyySumrWp1HT
j/u+Efw2LOMHg1DK9eTjSDaGYVmPuENnsbWUTK/RTTBcphuxF8lmtrtj9CthNamQ
nmt5/JK/b/xeQBtyTmx/uvGW6QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDx4wuEM
IUwVIQZV5VxAAKnyE8tVMB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx
Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvRjI1NUUwNTYx
MkRCMTFFQkJFMTREODUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBp3AAEAwDQYJKoZIhvcNAQELBQADggEBABQLo9myxRXo
90hHIEw5LEStGptmX0N62DgHze+5nlfDFYM1CWbV+G+dX4rEdHRW0jgkXWB1DPEQ
IDaYfnYMMGDEYURnqMkLDEOM9Wx3nDc9xmqh9G221VwDOTbSvxDHrYjpi7NzJ4W+
4zAWcq9gVx6cRE0OKwuy8BHtjh8Q35j++sBojNRwXOURZW3FopuJ2E04i4FhKhM3
plJYxCsiwjih4UJhPR1gBMNbiSlsgFPIWg19B//wQjjdoMwTZzK1ZkB08BJP4PvV
FIeXZLk4zZ5PzZEz7xoxpIYVABypqRaR2i43lT1RiDkdGJ08cBb/blSbdGK1Eq/U
7tsOHoNGTrQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:09 2025 by rpki-client