Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BADCE/0F7281BC3AF411EC89CE072FC4F9AE02/56C4925E3B0711EC9715501EC4F9AE02.roa
File: 56C4925E3B0711EC9715501EC4F9AE02.roa (raw, json)
Hash identifier: oDzQn6Tfe+0V7n96miKc49I7ez/O5lqHHOWuhAa+pbE=
Subject key identifier: D5:29:62:60:C7:D4:6E:A7:4D:74:9F:82:00:91:D8:F4:45:27:09:DC
Certificate issuer: /CN=A91BADCE/serialNumber=D79A8C7705E2419EAB42953B6BC8A57206BAC626
Certificate serial: 046F
Authority key identifier: D7:9A:8C:77:05:E2:41:9E:AB:42:95:3B:6B:C8:A5:72:06:BA:C6:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15qMdwXiQZ6rQpU7a8ilcga6xiY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BADCE/0F7281BC3AF411EC89CE072FC4F9AE02/56C4925E3B0711EC9715501EC4F9AE02.roa
Signing time: Tue 25 Feb 2025 00:30:21 +0000
ROA not before: Tue 25 Feb 2025 00:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23669
IP address blocks: 202.14.138.0/23 maxlen: 23
202.93.160.0/19 maxlen: 24
203.18.22.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135 (0x46f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BADCE
Validity
Not Before: Feb 25 00:30:21 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bd0f1c-232a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:65:4c:97:bb:2c:7a:55:81:1b:97:d3:3f:35:
7b:c7:1c:3f:35:94:67:c2:f3:a8:7e:34:52:be:e0:
86:e7:6b:ff:02:a1:25:e8:56:70:49:69:53:71:2f:
a5:55:c1:5b:f5:f3:5d:87:85:61:38:af:51:aa:4c:
d7:cc:12:3a:12:9e:f5:51:51:25:03:42:53:a8:ac:
b3:a7:4c:e8:1e:92:54:12:40:6e:e8:87:e1:d0:1b:
51:34:9d:9d:06:28:5f:22:3f:da:bd:88:f9:b7:f1:
21:10:57:8f:46:1c:0c:3c:bc:1f:98:ca:31:66:49:
30:95:7b:23:8b:61:ed:5c:0e:ea:1d:f0:56:9e:a3:
e6:e9:3c:fc:dd:bd:ec:1a:3e:76:d9:87:8d:f1:fd:
73:5e:8d:47:e9:ab:a7:f1:9d:a2:85:b4:e8:52:46:
4b:39:7e:5f:dd:76:3e:a2:75:1f:0e:6f:23:83:f4:
2f:45:08:6c:1e:d7:7e:ab:30:82:a3:c2:24:58:b3:
eb:e1:5e:1d:d8:64:2b:f2:03:31:f8:50:4a:d5:29:
c8:6b:ac:1a:e5:a7:0f:4b:09:1a:d2:88:44:6b:7d:
54:d4:2a:d4:ec:0d:55:99:50:e6:43:4e:32:b6:c6:
4e:ab:e8:5f:2e:5d:79:ea:35:98:cd:1d:71:44:9c:
e9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:62:60:C7:D4:6E:A7:4D:74:9F:82:00:91:D8:F4:45:27:09:DC
X509v3 Authority Key Identifier:
keyid:D7:9A:8C:77:05:E2:41:9E:AB:42:95:3B:6B:C8:A5:72:06:BA:C6:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BADCE/0F7281BC3AF411EC89CE072FC4F9AE02/15qMdwXiQZ6rQpU7a8ilcga6xiY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15qMdwXiQZ6rQpU7a8ilcga6xiY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BADCE/0F7281BC3AF411EC89CE072FC4F9AE02/56C4925E3B0711EC9715501EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.14.138.0/23
202.93.160.0/19
203.18.22.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:3c:69:07:a3:8c:43:1a:52:ac:e2:5b:07:bf:ff:04:92:fa:
3b:89:3c:12:6e:ad:d2:68:e7:1a:e5:8f:2b:f0:4e:32:18:01:
18:28:93:06:6b:99:ce:dc:ce:b8:63:cf:26:9b:c2:8c:db:74:
cf:75:b2:8a:43:68:a3:f9:f2:44:28:ff:bc:ac:60:6d:46:57:
c6:e6:76:cd:0b:79:58:04:f1:5e:0c:22:f1:10:84:0a:e9:48:
8d:26:40:45:e9:05:fc:fd:99:1f:c4:50:c6:80:2e:f2:21:bc:
c7:06:ef:dc:c1:db:cb:97:08:b0:69:99:33:04:2e:b3:e8:c9:
6f:9d:28:87:3d:3e:98:63:fe:79:93:a1:d9:af:f1:07:dd:e6:
7e:87:92:8d:83:74:17:e4:da:ea:e1:65:99:1a:8d:0f:7c:9c:
62:9b:21:c4:c3:ca:6c:be:07:7f:16:27:35:ad:e6:3e:68:7f:
a9:ec:24:59:e8:6d:ed:90:a2:f7:cb:f1:0c:82:14:fa:c4:6b:
95:ce:36:ef:87:cf:be:f2:64:76:15:b6:c5:6d:ed:97:9f:cc:
ad:86:b5:73:90:4d:1c:72:28:41:b8:03:b3:66:a6:04:ab:ed:
cb:27:31:c7:06:b0:56:65:5c:a7:5b:5a:ed:a5:fb:77:ff:09:
58:85:f4:d8
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkFEQ0UxMTAvBgNVBAUTKEQ3OUE4Qzc3MDVFMjQxOUVBQjQyOTUzQjZCQzhBNTcy
MDZCQUM2MjYwHhcNMjUwMjI1MDAzMDIxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkMGYxYy0yMzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1GVMl7sselWBG5fTPzV7xxw/NZRnwvOofjRSvuCG52v/AqEl6FZwSWlTcS+l
VcFb9fNdh4VhOK9RqkzXzBI6Ep71UVElA0JTqKyzp0zoHpJUEkBu6Ifh0BtRNJ2d
BihfIj/avYj5t/EhEFePRhwMPLwfmMoxZkkwlXsji2HtXA7qHfBWnqPm6Tz83b3s
Gj522YeN8f1zXo1H6aun8Z2ihbToUkZLOX5f3XY+onUfDm8jg/QvRQhsHtd+qzCC
o8IkWLPr4V4d2GQr8gMx+FBK1SnIa6wa5acPSwka0ohEa31U1CrU7A1VmVDmQ04y
tsZOq+hfLl156jWYzR1xRJzpkwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNUpYmDH
1G6nTXSfggCR2PRFJwncMB8GA1UdIwQYMBaAFNeajHcF4kGeq0KVO2vIpXIGusYm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQURDRS8wRjcyODFCQzNB
RjQxMUVDODlDRTA3MkZDNEY5QUUwMi8xNXFNZHdYaVFaNnJRcFU3YThpbGNnYTZ4
aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzE1cU1kd1hpUVo2clFwVTdhOGlsY2dhNnhpWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkFEQ0UvMEY3MjgxQkMzQUY0MTFFQzg5Q0UwNzJGQzRGOUFFMDIvNTZDNDkyNUUz
QjA3MTFFQzk3MTU1MDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAHKDooDBAXKXaADBADLEhYwDQYJKoZIhvcNAQELBQADggEB
AKI8aQejjEMaUqziWwe//wSS+juJPBJurdJo5xrljyvwTjIYARgokwZrmc7czrhj
zyabwozbdM91sopDaKP58kQo/7ysYG1GV8bmds0LeVgE8V4MIvEQhArpSI0mQEXp
Bfz9mR/EUMaALvIhvMcG79zB28uXCLBpmTMELrPoyW+dKIc9Pphj/nmTodmv8Qfd
5n6Hko2DdBfk2urhZZkajQ98nGKbIcTDymy+B38WJzWt5j5of6nsJFnobe2QovfL
8QyCFPrEa5XONu+Hz77yZHYVtsVt7ZefzK2GtXOQTRxyKEG4A7NmpgSr7csnMccG
sFZlXKdbWu2l+3f/CViF9Ng=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:32:24 2025 by rpki-client