Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/284AFDA0F86011EE8DCC542DC4F9AE02.roa
File: 284AFDA0F86011EE8DCC542DC4F9AE02.roa (raw, json)
Hash identifier: GME0AYTBrW8DD6pyDO4sFetMz8DMX5l1xlxEQF+DkVw=
Subject key identifier: A9:80:73:1C:99:42:A5:81:4D:82:45:69:83:0D:38:26:0F:98:78:9F
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 0853
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/284AFDA0F86011EE8DCC542DC4F9AE02.roa
Signing time: Thu 27 Mar 2025 23:52:15 +0000
ROA not before: Thu 27 Mar 2025 23:52:15 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9313
IP address blocks: 1.178.175.0/24 maxlen: 24
1.179.62.0/24 maxlen: 24
1.179.63.0/24 maxlen: 24
110.238.147.0/24 maxlen: 24
110.238.148.0/22 maxlen: 24
110.239.0.0/21 maxlen: 24
110.239.15.0/24 maxlen: 24
110.239.16.0/23 maxlen: 24
110.239.26.0/24 maxlen: 24
110.239.31.0/24 maxlen: 24
110.239.136.0/21 maxlen: 24
110.239.177.0/24 maxlen: 24
110.239.179.0/24 maxlen: 24
110.239.180.0/24 maxlen: 24
110.239.181.0/24 maxlen: 24
110.239.182.0/24 maxlen: 24
110.239.183.0/24 maxlen: 24
119.13.179.0/24 maxlen: 24
123.200.132.0/23 maxlen: 24
123.200.170.0/24 maxlen: 24
123.200.171.0/24 maxlen: 24
123.200.173.0/24 maxlen: 24
123.200.176.0/24 maxlen: 24
123.200.177.0/24 maxlen: 24
123.200.178.0/24 maxlen: 24
123.200.184.0/23 maxlen: 24
202.183.103.0/24 maxlen: 24
202.183.109.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131 (0x853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE
Validity
Not Before: Mar 27 23:52:15 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67e5e4ae-6768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4a:b9:cf:9f:51:89:c7:d7:e0:0e:ba:29:20:
d2:63:da:92:0a:d2:09:82:fa:1f:71:ea:6e:cf:28:
ce:58:71:af:e1:f7:76:f1:47:fd:1b:3f:e9:5b:0f:
a7:2c:fa:f5:a4:54:5e:bb:e5:12:cf:fd:73:87:82:
23:2b:1d:d2:7e:4b:54:c7:4b:c1:4c:38:28:12:b4:
88:cb:6a:59:7b:d6:b6:c4:5a:2f:81:11:9f:54:d0:
2d:18:77:53:7b:10:e1:93:8a:27:5e:12:03:34:35:
63:6c:cc:2f:1f:5a:ba:3a:6a:e6:cf:ad:b1:c3:d6:
3a:4a:18:40:55:c1:bd:b0:d6:fa:d1:6c:09:33:3b:
c4:55:90:13:f8:cd:53:38:4c:d0:76:b9:e6:c3:d7:
2a:f9:e4:51:ef:bf:1a:c1:b6:6b:da:43:3e:ba:16:
e6:54:9a:38:78:b5:13:b6:82:9f:c4:01:f8:25:ab:
9e:9c:1d:f6:9c:2b:6b:1c:45:4b:d4:c1:eb:95:50:
ae:e1:8d:29:8f:20:36:3b:72:b7:c2:92:f4:1f:f1:
bf:20:d2:66:4a:46:bb:5e:21:cc:12:a1:5d:bd:8e:
7e:de:8a:82:7e:b2:88:f3:d0:29:20:c4:01:39:0b:
5a:62:bf:31:88:81:e6:28:8a:79:7b:9c:36:39:d4:
e5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:80:73:1C:99:42:A5:81:4D:82:45:69:83:0D:38:26:0F:98:78:9F
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/284AFDA0F86011EE8DCC542DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.175.0/24
1.179.62.0/23
110.238.147.0-110.238.151.255
110.239.0.0/21
110.239.15.0-110.239.17.255
110.239.26.0/24
110.239.31.0/24
110.239.136.0/21
110.239.177.0/24
110.239.179.0-110.239.183.255
119.13.179.0/24
123.200.132.0/23
123.200.170.0/23
123.200.173.0/24
123.200.176.0-123.200.178.255
123.200.184.0/23
202.183.103.0/24
202.183.109.0/24
Signature Algorithm: sha256WithRSAEncryption
31:16:49:a0:4d:2c:28:de:18:d6:df:64:2a:cd:4e:94:1e:be:
41:67:d6:63:a1:54:65:fe:16:cc:d7:7e:3e:fe:2e:27:1b:48:
9e:5a:99:89:08:1d:3e:ce:6a:8e:67:5e:13:0c:7d:eb:73:7d:
4f:e5:f2:5c:13:71:fe:01:d8:ac:47:f2:d4:1a:38:32:f3:23:
a2:77:0a:66:65:e8:e7:53:eb:e2:2c:ff:67:b1:ea:15:7f:2b:
dc:78:20:c9:c8:15:36:64:a0:3a:c3:d4:d7:09:a9:53:6b:46:
d8:56:54:53:e4:57:6f:f6:ce:14:cb:71:51:a6:77:88:08:2b:
32:76:1d:a1:19:76:4c:d7:4e:14:ee:a3:1d:52:19:ab:eb:3d:
fc:3b:2a:72:42:aa:31:90:9f:ed:c3:74:45:98:b9:dd:42:d9:
41:92:76:47:3d:13:98:d0:32:a0:0b:92:30:40:82:67:61:28:
0b:db:70:1f:de:7e:6d:c1:42:51:32:41:cc:e4:b4:f1:44:c1:
cf:f3:b0:b3:1b:32:92:0f:fb:3d:1d:22:45:01:aa:90:1d:80:
eb:7c:a2:bf:f0:d7:9f:ec:e5:72:a8:c8:51:76:19:56:d6:80:
d4:56:df:c1:c9:5f:40:ad:25:fd:d9:14:f6:86:18:92:52:72:
a9:bc:df:2f
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjUwMzI3MjM1MjE1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U1ZTRhZS02NzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1kq5z59RicfX4A66KSDSY9qSCtIJgvofcepuzyjOWHGv4fd28Uf9Gz/pWw+n
LPr1pFReu+USz/1zh4IjKx3SfktUx0vBTDgoErSIy2pZe9a2xFovgRGfVNAtGHdT
exDhk4onXhIDNDVjbMwvH1q6Omrmz62xw9Y6ShhAVcG9sNb60WwJMzvEVZAT+M1T
OEzQdrnmw9cq+eRR778awbZr2kM+uhbmVJo4eLUTtoKfxAH4JauenB32nCtrHEVL
1MHrlVCu4Y0pjyA2O3K3wpL0H/G/INJmSka7XiHMEqFdvY5+3oqCfrKI89ApIMQB
OQtaYr8xiIHmKIp5e5w2OdTlEQIDAQABo4IDIDCCAxwwHQYDVR0OBBYEFKmAcxyZ
QqWBTYJFaYMNOCYPmHifMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvMjg0QUZEQTBG
ODYwMTFFRThEQ0M1NDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgakGCCsGAQUFBwEHAQH/
BIGZMIGWMIGTBAIAATCBjAMEAAGyrwMEAQGzPjAMAwQAbu6TAwQDbu6QAwQDbu8A
MAwDBABu7w8DBAFu7xADBABu7xoDBABu7x8DBANu74gDBABu77EwDAMEAG7vswME
A27vsAMEAHcNswMEAXvIhAMEAXvIqgMEAHvIrTAMAwQEe8iwAwQAe8iyAwQBe8i4
AwQAyrdnAwQAyrdtMA0GCSqGSIb3DQEBCwUAA4IBAQAxFkmgTSwo3hjW32QqzU6U
Hr5BZ9ZjoVRl/hbM134+/i4nG0ieWpmJCB0+zmqOZ14TDH3rc31P5fJcE3H+Adis
R/LUGjgy8yOidwpmZejnU+viLP9nseoVfyvceCDJyBU2ZKA6w9TXCalTa0bYVlRT
5Fdv9s4Uy3FRpneICCsydh2hGXZM104U7qMdUhmr6z38OypyQqoxkJ/tw3RFmLnd
QtlBknZHPROY0DKgC5IwQIJnYSgL23Af3n5twUJRMkHM5LTxRMHP87CzGzKSD/s9
HSJFAaqQHYDrfKK/8Nef7OVyqMhRdhlW1oDUVt/ByV9ArSX92RT2hhiSUnKpvN8v
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:03 2025 by rpki-client