Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/69E6E12EDC9011EF9BE91E56C4F9AE02.roa
File: 69E6E12EDC9011EF9BE91E56C4F9AE02.roa (raw, json)
Hash identifier: cAYJAsveDaU7daevw1gSN5NU9WXBY8DFWS1w5jLRBMU=
Subject key identifier: 3A:F0:97:E2:96:C3:2D:D5:A1:FA:A5:2E:76:59:44:0E:1C:12:36:A0
Certificate issuer: /CN=A91BF312/serialNumber=F0297D0E4531A1D62A95AF5D2F22EF2408DAD29C
Certificate serial: 075C
Authority key identifier: F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/69E6E12EDC9011EF9BE91E56C4F9AE02.roa
Signing time: Mon 27 Jan 2025 09:23:48 +0000
ROA not before: Mon 27 Jan 2025 09:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147040
IP address blocks: 139.5.178.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1884 (0x75c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF312
Validity
Not Before: Jan 27 09:23:48 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679750a4-7ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:a9:38:22:86:45:28:f8:ae:75:ca:29:72:
54:68:c1:c0:fc:76:60:99:61:c0:af:30:64:f0:6f:
3b:3c:8e:aa:9e:86:2d:e5:23:64:7b:db:5e:7c:50:
7f:10:37:2d:49:62:d5:f7:d9:18:1c:fd:f4:3d:c3:
e2:2b:39:76:d4:cd:76:18:30:8a:64:f8:dd:d0:73:
2d:ad:9b:52:74:72:d0:7a:3b:05:8f:83:8f:49:90:
bf:25:08:fb:88:db:81:54:af:f8:25:03:bf:29:ca:
05:86:bd:fa:f3:eb:33:9b:a8:d7:4a:f7:a1:f6:ae:
25:39:16:87:7a:ed:15:93:24:7f:2a:8a:75:aa:5f:
08:e0:fb:e1:da:4a:cb:14:14:41:62:39:48:79:fe:
49:29:4b:f8:69:a0:0b:7d:51:f3:ed:fd:f1:ac:3c:
9d:77:20:89:1f:4e:05:89:14:6a:c3:10:41:37:34:
4d:2f:5d:5c:c9:d3:e9:34:fc:f2:bc:7c:f3:b1:17:
8a:4e:f6:04:7c:0d:a5:26:f4:84:fa:79:a8:ed:1d:
40:80:ad:73:a9:c7:ab:5a:1a:46:2f:5a:c4:d0:86:
b7:94:58:c8:ea:16:97:e4:28:a4:40:66:f6:da:67:
fb:4b:d4:8c:93:02:a0:47:e1:6f:12:b5:60:54:c5:
67:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F0:97:E2:96:C3:2D:D5:A1:FA:A5:2E:76:59:44:0E:1C:12:36:A0
X509v3 Authority Key Identifier:
keyid:F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/8Cl9DkUxodYqla9dLyLvJAja0pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/69E6E12EDC9011EF9BE91E56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.5.178.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:50:39:82:36:e4:c6:55:3b:ec:66:b1:22:36:fa:6c:1e:d1:
65:71:9c:0d:1f:f2:af:a0:f7:46:2e:5e:7a:17:b3:80:1d:d0:
44:87:52:28:c6:a0:aa:dd:86:ea:75:05:e2:7a:e0:fa:6a:06:
09:07:30:df:aa:51:8c:b2:d5:5c:e4:90:b6:4c:86:dd:42:02:
fa:eb:a6:20:f2:a9:06:25:07:ce:06:89:73:04:c3:75:8c:27:
c1:2b:71:58:46:c9:de:7c:55:47:dd:e2:81:e6:42:6c:15:25:
1f:49:a0:a1:8b:58:d9:a3:a1:5b:46:21:4b:53:3d:35:08:29:
a5:b4:ba:a5:21:bd:fa:66:3b:bc:ac:28:9a:ca:ad:35:dd:78:
37:ac:de:88:aa:46:e8:25:8d:72:65:cb:16:a2:1b:99:62:80:
56:00:b7:a8:1b:d0:a0:64:09:b0:3d:e1:59:64:53:ca:3c:11:
86:64:15:1c:d0:e7:97:94:ae:5e:50:56:a9:fe:d8:2d:df:c9:
a4:5c:a2:0d:a6:80:74:3f:12:57:0e:f1:77:18:0f:0f:62:e1:
65:93:de:68:95:ba:13:78:9f:f0:ce:3b:14:5f:01:c4:41:5d:
ce:41:d7:35:b4:03:3e:08:df:cc:a2:a6:1c:82:e9:61:39:2f:
55:8e:c6:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkYzMTIxMTAvBgNVBAUTKEYwMjk3RDBFNDUzMUExRDYyQTk1QUY1RDJGMjJFRjI0
MDhEQUQyOUMwHhcNMjUwMTI3MDkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk3NTBhNC03ZWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqrOpOCKGRSj4rnXKKXJUaMHA/HZgmWHArzBk8G87PI6qnoYt5SNke9tefFB/
EDctSWLV99kYHP30PcPiKzl21M12GDCKZPjd0HMtrZtSdHLQejsFj4OPSZC/JQj7
iNuBVK/4JQO/KcoFhr368+szm6jXSveh9q4lORaHeu0VkyR/Kop1ql8I4Pvh2krL
FBRBYjlIef5JKUv4aaALfVHz7f3xrDyddyCJH04FiRRqwxBBNzRNL11cydPpNPzy
vHzzsReKTvYEfA2lJvSE+nmo7R1AgK1zqcerWhpGL1rE0Ia3lFjI6haX5CikQGb2
2mf7S9SMkwKgR+FvErVgVMVnCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDrwl+KW
wy3VofqlLnZZRA4cEjagMB8GA1UdIwQYMBaAFPApfQ5FMaHWKpWvXS8i7yQI2tKc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjMxMi9BQTkyQjk3ODBD
MjkxMUVCOTU0MERENjFDNEY5QUUwMi84Q2w5RGtVeG9kWXFsYTlkTHlMdkpBamEw
cHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhDbDlEa1V4b2RZcWxhOWRMeUx2SkFqYTBwdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkYzMTIvQUE5MkI5NzgwQzI5MTFFQjk1NDBERDYxQzRGOUFFMDIvNjlFNkUxMkVE
QzkwMTFFRjlCRTkxRTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACLBbIwDQYJKoZIhvcNAQELBQADggEBAB9QOYI25MZVO+xm
sSI2+mwe0WVxnA0f8q+g90YuXnoXs4Ad0ESHUijGoKrdhup1BeJ64PpqBgkHMN+q
UYyy1VzkkLZMht1CAvrrpiDyqQYlB84GiXMEw3WMJ8ErcVhGyd58VUfd4oHmQmwV
JR9JoKGLWNmjoVtGIUtTPTUIKaW0uqUhvfpmO7ysKJrKrTXdeDes3oiqRugljXJl
yxaiG5ligFYAt6gb0KBkCbA94VlkU8o8EYZkFRzQ55eUrl5QVqn+2C3fyaRcog2m
gHQ/ElcO8XcYDw9i4WWT3miVuhN4n/DOOxRfAcRBXc5B1zW0Az4I38yiphyC6WE5
L1WOxq0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:09:58 2025 by rpki-client