Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3A26/561D9224929C11EB957A5D5DC4F9AE02/63D1B4C0929E11EBABC48F60C4F9AE02.roa
File: 63D1B4C0929E11EBABC48F60C4F9AE02.roa (raw, json)
Hash identifier: U7lR5/SoTUzZ7N5QnHfDmyPvzjrTN8A2EyZWFjyTSno=
Subject key identifier: CD:06:3C:AF:F9:1A:E1:A4:96:E9:EA:CC:8D:4B:1E:5C:FD:AD:9D:96
Certificate issuer: /CN=A91D3A26/serialNumber=BEAFC7BABCB7D78D9E190820F6EB2C7F28BB5D88
Certificate serial: 05EF
Authority key identifier: BE:AF:C7:BA:BC:B7:D7:8D:9E:19:08:20:F6:EB:2C:7F:28:BB:5D:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vq_Hury3142eGQgg9ussfyi7XYg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3A26/561D9224929C11EB957A5D5DC4F9AE02/63D1B4C0929E11EBABC48F60C4F9AE02.roa
Signing time: Thu 02 Jan 2025 22:22:18 +0000
ROA not before: Thu 02 Jan 2025 22:22:18 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133116
IP address blocks: 203.28.115.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1519 (0x5ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3A26
Validity
Not Before: Jan 2 22:22:18 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6777119a-a0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:34:72:02:b5:96:10:e1:e8:06:ed:63:ce:
be:62:b3:56:7f:f4:ab:f8:52:8a:98:50:ac:9b:cd:
a6:c8:87:dc:2d:74:9e:a0:3f:0c:3a:c7:5c:8d:97:
10:5d:65:6b:4a:cb:15:91:18:01:2e:58:c1:94:82:
7e:80:fd:7b:88:5c:5f:bb:fc:20:3d:77:63:32:70:
7b:d5:59:2b:55:fb:ee:ba:94:e5:0e:f6:9d:ab:44:
f2:ad:92:32:0c:78:ec:85:dc:9d:99:40:a2:3d:08:
9d:ce:cb:f3:e1:d7:e7:d1:7a:97:41:8f:43:e3:2c:
cf:c6:fc:3c:94:0c:47:a1:e3:be:2b:85:e0:e9:e5:
3a:c1:75:6f:ba:35:e8:90:e1:86:67:59:3e:f2:1d:
f7:fc:8b:3e:16:46:51:f6:cc:11:31:9f:de:0a:6d:
c3:a6:ad:38:20:e1:0b:1d:b7:00:08:81:de:37:30:
aa:5a:be:18:a5:8d:c4:98:7c:c7:87:d7:00:b8:c9:
7e:95:79:1d:50:63:16:19:dc:c8:a4:6b:f7:17:32:
5b:c9:25:e9:6e:fb:a5:7d:e0:c6:09:62:89:48:8b:
df:6d:5f:41:2e:e5:cf:43:c3:9b:8c:d4:c6:d5:ec:
5f:ba:43:46:72:78:65:1c:bb:5b:01:6d:5f:d6:b9:
a8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:06:3C:AF:F9:1A:E1:A4:96:E9:EA:CC:8D:4B:1E:5C:FD:AD:9D:96
X509v3 Authority Key Identifier:
keyid:BE:AF:C7:BA:BC:B7:D7:8D:9E:19:08:20:F6:EB:2C:7F:28:BB:5D:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3A26/561D9224929C11EB957A5D5DC4F9AE02/vq_Hury3142eGQgg9ussfyi7XYg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vq_Hury3142eGQgg9ussfyi7XYg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3A26/561D9224929C11EB957A5D5DC4F9AE02/63D1B4C0929E11EBABC48F60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.28.115.0/24
Signature Algorithm: sha256WithRSAEncryption
12:81:6b:5a:79:a5:88:12:63:a7:26:72:f8:b3:01:95:3c:e5:
2e:6a:48:99:7a:2a:48:e3:97:d3:ca:05:63:6d:2b:09:9b:d3:
af:af:20:ed:f9:f1:e4:56:d2:93:b5:12:8d:a4:f6:d5:84:78:
97:8f:75:1b:4c:39:1d:41:d5:ab:16:5d:e1:71:c7:f6:b5:7d:
31:3b:ac:30:4f:27:d8:93:d5:3e:4c:8f:07:fd:eb:f0:da:ba:
01:00:d6:c1:a4:d5:99:28:5a:24:3e:40:d6:c5:c5:fd:60:02:
74:c2:32:a5:8d:76:62:cf:0d:ab:e8:48:ec:33:c4:35:5e:01:
b6:d9:c0:d9:f8:ab:17:5d:a5:34:b0:65:a2:e7:5c:da:ce:32:
ec:2b:a7:8c:43:b2:9d:ac:e1:a2:b7:30:5d:8e:8f:7c:8d:61:
ef:24:96:7f:68:56:5b:a4:c6:20:9a:33:44:2a:0b:e5:c9:1b:
44:46:28:50:a8:1d:15:b7:57:81:0d:17:6c:84:91:5b:e6:91:
db:e4:44:29:9d:83:fb:53:d0:b0:c9:55:d1:0c:bc:bb:fa:6d:
8a:6e:4e:8e:5b:75:3b:a1:77:bb:fd:1e:cc:77:7a:27:67:91:
97:53:c2:7c:f3:25:07:d5:7e:9d:df:0d:83:26:f2:f3:ae:e9:
3b:ef:2c:74
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDNBMjYxMTAvBgNVBAUTKEJFQUZDN0JBQkNCN0Q3OEQ5RTE5MDgyMEY2RUIyQzdG
MjhCQjVEODgwHhcNMjUwMTAyMjIyMjE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3MTE5YS1hMGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqsg0cgK1lhDh6AbtY86+YrNWf/Sr+FKKmFCsm82myIfcLXSeoD8MOsdcjZcQ
XWVrSssVkRgBLljBlIJ+gP17iFxfu/wgPXdjMnB71VkrVfvuupTlDvadq0TyrZIy
DHjshdydmUCiPQidzsvz4dfn0XqXQY9D4yzPxvw8lAxHoeO+K4Xg6eU6wXVvujXo
kOGGZ1k+8h33/Is+FkZR9swRMZ/eCm3Dpq04IOELHbcACIHeNzCqWr4YpY3EmHzH
h9cAuMl+lXkdUGMWGdzIpGv3FzJbySXpbvulfeDGCWKJSIvfbV9BLuXPQ8ObjNTG
1exfukNGcnhlHLtbAW1f1rmoKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM0GPK/5
GuGklunqzI1LHlz9rZ2WMB8GA1UdIwQYMBaAFL6vx7q8t9eNnhkIIPbrLH8ou12I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0EyNi81NjFEOTIyNDky
OUMxMUVCOTU3QTVENURDNEY5QUUwMi92cV9IdXJ5MzE0MmVHUWdnOXVzc2Z5aTdY
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZxX0h1cnkzMTQyZUdRZ2c5dXNzZnlpN1hZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDNBMjYvNTYxRDkyMjQ5MjlDMTFFQjk1N0E1RDVEQzRGOUFFMDIvNjNEMUI0QzA5
MjlFMTFFQkFCQzQ4RjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLHHMwDQYJKoZIhvcNAQELBQADggEBABKBa1p5pYgSY6cm
cvizAZU85S5qSJl6Kkjjl9PKBWNtKwmb06+vIO358eRW0pO1Eo2k9tWEeJePdRtM
OR1B1asWXeFxx/a1fTE7rDBPJ9iT1T5Mjwf96/DaugEA1sGk1ZkoWiQ+QNbFxf1g
AnTCMqWNdmLPDavoSOwzxDVeAbbZwNn4qxddpTSwZaLnXNrOMuwrp4xDsp2s4aK3
MF2Oj3yNYe8kln9oVlukxiCaM0QqC+XJG0RGKFCoHRW3V4ENF2yEkVvmkdvkRCmd
g/tT0LDJVdEMvLv6bYpuTo5bdTuhd7v9Hsx3eidnkZdTwnzzJQfVfp3fDYMm8vOu
6TvvLHQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:51 2025 by rpki-client