Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8673F05C816911EF9022F40CC4F9AE02.roa
File: 8673F05C816911EF9022F40CC4F9AE02.roa (raw, json)
Hash identifier: Lvob14CywzAMuxThU8EVo51F2cECjcbnduJBtYIJSBI=
Subject key identifier: 42:BB:BF:58:65:2E:00:18:16:94:BA:D1:AD:2D:96:4B:0B:D4:9C:FE
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 01FD
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8673F05C816911EF9022F40CC4F9AE02.roa
Signing time: Thu 03 Oct 2024 09:26:10 +0000
ROA not before: Thu 03 Oct 2024 09:26:10 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 149977
IP address blocks: 203.21.72.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 509 (0x1fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A
Validity
Not Before: Oct 3 09:26:10 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66fe6332-0f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:72:82:d8:76:6e:46:98:49:e6:06:76:51:67:
9b:0e:55:38:25:7a:ce:a9:34:2f:45:7c:bf:42:e8:
56:45:9b:9c:48:31:6a:73:35:9d:ea:cd:1d:30:c7:
53:cf:0b:83:9c:91:af:56:01:01:23:02:b9:4f:c9:
cd:2d:45:cb:59:8e:ff:10:96:4c:30:c2:7c:9d:1e:
68:ae:d4:ff:f4:0a:52:61:b2:6e:b3:79:36:ee:db:
bd:a8:cb:94:dd:f5:79:2c:65:d3:6e:0d:76:9c:dc:
25:19:f8:d2:d8:19:79:9d:28:c0:93:cb:a7:ac:d5:
77:49:75:f4:5b:04:7e:c5:98:14:83:88:a0:2b:6c:
ce:b8:68:bd:f4:19:34:e2:2a:e3:80:ad:df:7b:17:
57:f8:ec:f7:75:10:20:6c:90:c7:bf:2c:eb:75:69:
e1:3e:c1:46:18:e6:dd:33:95:78:41:b3:5c:a0:db:
0b:d3:8b:d2:89:b7:33:30:5b:26:b8:59:69:6d:b8:
84:30:94:d2:5e:03:e5:37:72:50:04:ed:ce:c3:0a:
7b:cd:6e:4d:eb:33:ee:7b:a4:a7:e7:42:f4:cd:3f:
d4:dd:b9:14:1d:45:90:b6:89:97:57:b6:8a:00:c2:
e5:b5:53:95:b6:25:f2:e9:d9:c6:19:85:32:b2:0a:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BB:BF:58:65:2E:00:18:16:94:BA:D1:AD:2D:96:4B:0B:D4:9C:FE
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/8673F05C816911EF9022F40CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:29:2f:7d:57:e9:bc:6e:5b:89:2c:ac:a9:17:c5:ac:bc:6d:
85:a2:3a:db:53:01:7c:72:c2:9e:76:51:b5:4b:0f:b9:67:ba:
61:67:93:69:03:3a:d5:e9:cf:8d:6b:46:76:fb:11:06:67:09:
1d:12:2b:45:85:9c:43:cd:68:36:bb:51:2a:7b:a1:21:07:b3:
00:b1:e0:af:b8:35:0e:6f:da:a3:05:ea:0a:b3:b4:b0:ca:b2:
2d:b5:b6:ba:73:31:6b:41:84:fd:e8:10:6b:55:13:fc:41:92:
72:25:7e:ae:cd:50:b8:e9:ac:d3:aa:ee:ad:48:55:df:56:e8:
49:e2:d6:52:1a:1c:35:90:17:3c:54:af:af:46:0c:02:a8:31:
f1:ca:2c:27:91:ea:b8:4d:48:9f:9f:25:36:b2:85:69:c4:49:
e9:ae:6c:b0:38:9d:67:49:d7:86:1c:53:7c:ea:26:11:d9:c7:
c1:e9:f4:b8:54:9e:83:f2:ee:f9:85:6b:b5:1b:8e:14:cb:41:
5d:a2:f5:04:b4:63:28:86:c5:fa:54:6e:be:c5:f9:33:c8:0b:
dc:f7:3a:4d:76:12:02:ce:1a:f8:5d:b4:c1:23:ed:36:cd:68:
ef:a8:76:ed:01:e6:ed:80:39:ff:b6:cc:62:a8:0c:f8:5a:12:
e2:90:58:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjQxMDAzMDkyNjEwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlNjMzMi0wZjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm3KC2HZuRphJ5gZ2UWebDlU4JXrOqTQvRXy/QuhWRZucSDFqczWd6s0dMMdT
zwuDnJGvVgEBIwK5T8nNLUXLWY7/EJZMMMJ8nR5ortT/9ApSYbJus3k27tu9qMuU
3fV5LGXTbg12nNwlGfjS2Bl5nSjAk8unrNV3SXX0WwR+xZgUg4igK2zOuGi99Bk0
4irjgK3fexdX+Oz3dRAgbJDHvyzrdWnhPsFGGObdM5V4QbNcoNsL04vSibczMFsm
uFlpbbiEMJTSXgPlN3JQBO3Owwp7zW5N6zPue6Sn50L0zT/U3bkUHUWQtomXV7aK
AMLltVOVtiXy6dnGGYUysgpYYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEK7v1hl
LgAYFpS60a0tlksL1Jz+MB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvODY3M0YwNUM4
MTY5MTFFRjkwMjJGNDBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLFUgwDQYJKoZIhvcNAQELBQADggEBAI0pL31X6bxuW4ks
rKkXxay8bYWiOttTAXxywp52UbVLD7lnumFnk2kDOtXpz41rRnb7EQZnCR0SK0WF
nEPNaDa7USp7oSEHswCx4K+4NQ5v2qMF6gqztLDKsi21trpzMWtBhP3oEGtVE/xB
knIlfq7NULjprNOq7q1IVd9W6Eni1lIaHDWQFzxUr69GDAKoMfHKLCeR6rhNSJ+f
JTayhWnESemubLA4nWdJ14YcU3zqJhHZx8Hp9LhUnoPy7vmFa7UbjhTLQV2i9QS0
YyiGxfpUbr7F+TPIC9z3Ok12EgLOGvhdtMEj7TbNaO+odu0B5u2AOf+2zGKoDPha
EuKQWHk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:03:50 2025 by rpki-client