Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa
File: B757FF4EAB8311EA9983D717C4F9AE02.roa (raw, json)
Hash identifier: q5IkP0u3/4X3zrB3YXKIdUEoegOtePooQhqPih9d+0I=
Subject key identifier: 4C:C9:6A:E8:3B:AD:FF:78:31:57:B8:94:15:CD:F8:C3:69:4B:E4:EA
Certificate issuer: /CN=A91BCF31/serialNumber=5F8E4FD4A6DD635E43782E5A055622CAB2654A37
Certificate serial: 08BB
Authority key identifier: 5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa
Signing time: Mon 20 Jan 2025 20:19:49 +0000
ROA not before: Mon 20 Jan 2025 20:19:49 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 10109
IP address blocks: 119.40.96.0/21 maxlen: 21
119.40.96.0/24 maxlen: 24
119.40.97.0/24 maxlen: 24
119.40.98.0/24 maxlen: 24
119.40.99.0/24 maxlen: 24
119.40.100.0/24 maxlen: 24
119.40.101.0/24 maxlen: 24
119.40.102.0/24 maxlen: 24
119.40.103.0/24 maxlen: 24
2400:d4e0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2235 (0x8bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BCF31
Validity
Not Before: Jan 20 20:19:49 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678eafe5-4488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:17:70:b6:9a:a8:f1:b8:ba:55:96:b8:4d:25:
9f:a6:02:f2:ff:47:54:04:e2:b8:a3:28:d6:f6:87:
75:33:c2:d1:0c:7c:b9:4c:0f:ba:10:cf:f5:dc:b5:
41:a3:5d:8e:99:9b:e1:6a:44:79:5b:e2:39:60:ca:
be:ef:04:89:76:8e:fa:3d:3f:28:67:83:3d:8a:d9:
e5:52:5a:cc:bf:76:01:6d:99:66:03:e5:8c:d8:73:
b6:a8:ad:56:f3:b2:57:c2:f9:86:34:9b:0c:76:fc:
c8:22:bd:76:d4:b8:bb:1f:2b:97:03:0b:30:7e:6c:
4f:ff:00:f7:78:3c:fe:33:d2:50:be:2a:17:c3:24:
fd:8d:60:51:ea:06:51:f4:8b:af:1b:0f:24:73:cf:
ba:5c:8d:e5:cf:fb:4e:00:0a:b3:26:e8:5b:f8:5c:
ae:9e:b3:24:f6:20:6e:24:11:5a:39:72:c5:3a:23:
6b:7f:50:ae:cf:7d:26:29:29:cb:b8:ee:4b:47:f7:
13:b8:ca:96:fe:ce:58:33:91:06:b8:a0:64:e5:36:
31:27:ad:42:53:87:54:52:49:82:2b:83:e5:8d:df:
98:a9:cd:18:54:cd:6b:72:39:87:eb:ca:38:49:68:
25:c2:37:d2:e2:3d:14:e1:92:16:ca:62:77:ef:7f:
3c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C9:6A:E8:3B:AD:FF:78:31:57:B8:94:15:CD:F8:C3:69:4B:E4:EA
X509v3 Authority Key Identifier:
keyid:5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.40.96.0/21
IPv6:
2400:d4e0::/32
Signature Algorithm: sha256WithRSAEncryption
20:ce:24:33:64:ec:df:f0:29:a8:11:1c:cd:97:5c:9b:4b:cf:
1c:a1:48:31:11:6e:c0:aa:ba:c5:25:16:60:96:52:c6:a4:ec:
45:e9:e1:25:14:d5:69:f9:31:01:b1:4e:e5:c0:14:9c:bc:c5:
54:36:8a:b3:b8:3f:f5:cb:23:78:86:95:4f:be:33:8d:8a:54:
0b:af:18:90:8b:ec:3b:43:54:63:b5:93:01:89:3d:64:be:af:
aa:08:57:b5:a2:aa:d4:40:59:db:0f:56:12:47:8c:e4:f7:1a:
f7:cc:56:15:ac:fb:1d:fb:8e:65:25:e2:5e:34:34:78:34:9a:
8f:7a:1d:fb:cd:02:8a:89:78:d9:72:99:d2:c0:49:88:80:f8:
2a:09:e6:0a:34:f9:18:7d:a0:28:8e:de:41:a0:ee:52:31:d2:
d5:66:bc:c3:77:9c:e3:fc:c2:aa:36:41:8e:60:eb:40:85:ad:
e3:7a:4d:31:30:4d:a3:ed:14:b7:8b:6a:d5:27:4d:46:53:b1:
ed:f3:21:20:b8:fc:c6:21:68:e9:5a:3e:8a:c1:d9:1d:61:95:
d4:88:ba:80:cd:d3:35:da:ef:d9:c4:b7:6b:2e:9f:ff:ef:e7:
e1:2c:16:5c:d1:80:cc:e2:43:a4:5d:c5:c4:8e:36:d5:6b:13:
f4:5d:23:4f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkNGMzExMTAvBgNVBAUTKDVGOEU0RkQ0QTZERDYzNUU0Mzc4MkU1QTA1NTYyMkNB
QjI2NTRBMzcwHhcNMjUwMTIwMjAxOTQ5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhlYWZlNS00NDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApBdwtpqo8bi6VZa4TSWfpgLy/0dUBOK4oyjW9od1M8LRDHy5TA+6EM/13LVB
o12OmZvhakR5W+I5YMq+7wSJdo76PT8oZ4M9itnlUlrMv3YBbZlmA+WM2HO2qK1W
87JXwvmGNJsMdvzIIr121Li7HyuXAwswfmxP/wD3eDz+M9JQvioXwyT9jWBR6gZR
9IuvGw8kc8+6XI3lz/tOAAqzJuhb+FyunrMk9iBuJBFaOXLFOiNrf1Cuz30mKSnL
uO5LR/cTuMqW/s5YM5EGuKBk5TYxJ61CU4dUUkmCK4Pljd+Yqc0YVM1rcjmH68o4
SWglwjfS4j0U4ZIWymJ37388OwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEzJaug7
rf94MVe4lBXN+MNpS+TqMB8GA1UdIwQYMBaAFF+OT9Sm3WNeQ3guWgVWIsqyZUo3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQ0YzMS9BRjdGRUQ2MkFB
NEUxMUVBOUQ4RUM3ODJDNEY5QUUwMi9YNDVQMUtiZFkxNURlQzVhQlZZaXlySmxT
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1g0NVAxS2JkWTE1RGVDNWFCVllpeXJKbFNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkNGMzEvQUY3RkVENjJBQTRFMTFFQTlEOEVDNzgyQzRGOUFFMDIvQjc1N0ZGNEVB
QjgzMTFFQTk5ODNENzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAN3KGAwDQQCAAIwBwMFACQA1OAwDQYJKoZIhvcNAQELBQAD
ggEBACDOJDNk7N/wKagRHM2XXJtLzxyhSDERbsCqusUlFmCWUsak7EXp4SUU1Wn5
MQGxTuXAFJy8xVQ2irO4P/XLI3iGlU++M42KVAuvGJCL7DtDVGO1kwGJPWS+r6oI
V7WiqtRAWdsPVhJHjOT3GvfMVhWs+x37jmUl4l40NHg0mo96HfvNAoqJeNlymdLA
SYiA+CoJ5go0+Rh9oCiO3kGg7lIx0tVmvMN3nOP8wqo2QY5g60CFreN6TTEwTaPt
FLeLatUnTUZTse3zISC4/MYhaOlaPorB2R1hldSIuoDN0zXa79nEt2sun//v5+Es
FlzRgMziQ6RdxcSONtVrE/RdI08=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:06:03 2025 by rpki-client