Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/0CE1846A9F5111EA9DED6709C4F9AE02.roa
File: 0CE1846A9F5111EA9DED6709C4F9AE02.roa (raw, json)
Hash identifier: CCt3BfwWVzoOBuf/bNIIvnTZyBLE785xa6d9SuWo8/4=
Subject key identifier: 41:B2:EA:EF:93:A1:81:5F:33:B8:2E:54:18:27:3B:AF:87:12:88:AE
Certificate issuer: /CN=A91DC46A/serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54
Certificate serial: 1DCF
Authority key identifier: F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/0CE1846A9F5111EA9DED6709C4F9AE02.roa
Signing time: Fri 20 Dec 2024 03:33:12 +0000
ROA not before: Fri 20 Dec 2024 03:33:12 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 23678
IP address blocks: 27.131.32.0/19 maxlen: 24
43.252.44.0/22 maxlen: 22
43.252.44.0/23 maxlen: 23
43.252.44.0/24 maxlen: 24
43.252.45.0/24 maxlen: 24
43.252.46.0/24 maxlen: 24
43.252.47.0/24 maxlen: 24
103.12.64.0/22 maxlen: 22
103.12.64.0/23 maxlen: 23
103.12.64.0/24 maxlen: 24
103.12.65.0/24 maxlen: 24
103.12.66.0/24 maxlen: 24
103.12.67.0/24 maxlen: 24
103.221.60.0/22 maxlen: 24
103.243.192.0/22 maxlen: 22
103.243.192.0/24 maxlen: 24
103.243.193.0/24 maxlen: 24
103.243.194.0/24 maxlen: 24
122.0.16.0/20 maxlen: 24
150.107.156.0/22 maxlen: 22
150.107.156.0/24 maxlen: 24
150.107.157.0/24 maxlen: 24
150.107.158.0/24 maxlen: 24
150.107.159.0/24 maxlen: 24
202.133.96.0/20 maxlen: 24
2405:6400::/32 maxlen: 36
2405:6400::/42 maxlen: 42
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7631 (0x1dcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC46A
Validity
Not Before: Dec 20 03:33:12 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6764e577-3c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:76:f4:3d:82:05:62:a8:26:f0:4b:a5:75:8a:
9a:b1:96:c0:30:95:91:71:d9:34:3a:07:54:88:b5:
bf:d0:41:95:cf:6b:7f:42:d7:30:1a:35:47:45:ad:
0b:f6:8d:66:c8:80:3e:6a:4a:22:74:cc:0a:c5:8a:
22:4f:fb:77:ef:3b:10:a6:7a:da:1c:fb:e5:ce:16:
2d:b9:8f:07:03:ec:6d:27:fc:59:98:dc:d4:51:ed:
eb:f0:c1:5b:26:38:9f:c4:ea:0b:13:33:11:f8:a0:
f3:16:24:da:bb:40:7f:29:a0:a2:54:c4:14:d8:97:
a2:d0:53:89:05:d9:ea:86:e4:8b:a2:ae:2d:ca:f5:
c1:1b:93:f2:33:da:d5:a0:88:99:87:07:0b:68:fc:
90:0e:53:8f:f4:bf:7c:87:cf:79:cf:b6:04:8c:34:
b4:31:c6:c5:26:0f:43:51:7d:51:9e:e7:be:af:31:
1a:4b:d8:66:13:cb:b6:07:8e:14:e8:f4:3b:46:b6:
21:06:a5:a5:8f:77:98:4d:91:6c:5e:00:20:e0:82:
09:84:8f:73:0a:4b:80:f5:bf:a0:dd:28:56:88:f9:
47:bd:1f:9f:b5:ba:1b:3e:20:3c:31:52:63:4c:3c:
c7:1c:f7:33:7c:d0:06:7a:95:5e:45:87:87:e3:7a:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B2:EA:EF:93:A1:81:5F:33:B8:2E:54:18:27:3B:AF:87:12:88:AE
X509v3 Authority Key Identifier:
keyid:F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/0CE1846A9F5111EA9DED6709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.131.32.0/19
43.252.44.0/22
103.12.64.0/22
103.221.60.0/22
103.243.192.0/22
122.0.16.0/20
150.107.156.0/22
202.133.96.0/20
IPv6:
2405:6400::/32
Signature Algorithm: sha256WithRSAEncryption
0e:58:31:f8:36:5b:70:16:17:2e:ce:f8:ae:6b:6b:6c:f6:f0:
9c:a8:93:8b:64:8a:7b:32:a4:57:f2:18:6e:a0:c8:2e:c8:8a:
7c:e7:78:35:b5:50:03:89:1a:37:d5:75:7a:f9:36:82:b2:a3:
52:06:14:36:67:3e:ba:d3:fa:3b:88:06:59:77:3e:46:40:c9:
88:80:ce:f4:76:00:a1:e8:b9:db:d1:5a:b4:de:e2:23:a9:1b:
f3:18:38:8a:00:b3:bf:cf:62:82:9f:4a:94:03:c8:90:c7:fe:
c3:ec:ba:5f:01:a4:fd:70:84:86:1a:9e:09:59:b0:d8:59:22:
58:3c:8b:d2:ee:3b:2c:c7:b6:f9:10:a5:f5:3a:f6:a3:72:17:
5b:da:14:99:12:c4:2a:f9:ce:2b:b7:37:dd:88:92:17:49:36:
5f:ab:b3:4e:9f:66:48:4a:e2:64:37:cc:ea:7e:04:3a:35:34:
95:2a:e0:31:d5:9c:6f:ae:f0:7e:6d:04:a3:0f:70:32:08:a0:
75:9c:63:70:d5:50:29:38:55:24:64:40:29:17:56:40:0e:ca:
57:1d:f2:34:30:3d:03:93:ab:89:0b:78:a0:3a:a4:74:5d:3b:
e9:01:60:ee:a9:78:1c:06:6b:2c:99:f9:19:92:c0:8f:47:d1:
ed:33:ba:32
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICHc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM0NkExMTAvBgNVBAUTKEY4RDRBNjMyRDA2OTk2NEM2MUEzM0U0MUQ2MjQzRDUz
NUIwMDdENTQwHhcNMjQxMjIwMDMzMzEyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0ZTU3Ny0zYzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3nb0PYIFYqgm8EuldYqasZbAMJWRcdk0OgdUiLW/0EGVz2t/QtcwGjVHRa0L
9o1myIA+akoidMwKxYoiT/t37zsQpnraHPvlzhYtuY8HA+xtJ/xZmNzUUe3r8MFb
JjifxOoLEzMR+KDzFiTau0B/KaCiVMQU2Jei0FOJBdnqhuSLoq4tyvXBG5PyM9rV
oIiZhwcLaPyQDlOP9L98h895z7YEjDS0McbFJg9DUX1Rnue+rzEaS9hmE8u2B44U
6PQ7RrYhBqWlj3eYTZFsXgAg4IIJhI9zCkuA9b+g3ShWiPlHvR+ftbobPiA8MVJj
TDzHHPczfNAGepVeRYeH43pPJQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFEGy6u+T
oYFfM7guVBgnO6+HEoiuMB8GA1UdIwQYMBaAFPjUpjLQaZZMYaM+QdYkPVNbAH1U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ2QS8wMDUwMDE2NDk0
MzIxMUU2OEMxQjgyNEFDNEY5QUUwMi8tTlNtTXRCcGxreGhvejVCMWlROVUxc0Fm
VlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1OU21NdEJwbGt4aG96NUIxaVE5VTFzQWZWUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REM0NkEvMDA1MDAxNjQ5NDMyMTFFNjhDMUI4MjRBQzRGOUFFMDIvMENFMTg0NkE5
RjUxMTFFQTlERUQ2NzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAUbgyADBAIr/CwDBAJnDEADBAJn3TwDBAJn88ADBAR6ABAD
BAKWa5wDBATKhWAwDQQCAAIwBwMFACQFZAAwDQYJKoZIhvcNAQELBQADggEBAA5Y
Mfg2W3AWFy7O+K5ra2z28Jyok4tkinsypFfyGG6gyC7IinzneDW1UAOJGjfVdXr5
NoKyo1IGFDZnPrrT+juIBll3PkZAyYiAzvR2AKHoudvRWrTe4iOpG/MYOIoAs7/P
YoKfSpQDyJDH/sPsul8BpP1whIYanglZsNhZIlg8i9LuOyzHtvkQpfU69qNyF1va
FJkSxCr5ziu3N92IkhdJNl+rs06fZkhK4mQ3zOp+BDo1NJUq4DHVnG+u8H5tBKMP
cDIIoHWcY3DVUCk4VSRkQCkXVkAOylcd8jQwPQOTq4kLeKA6pHRdO+kBYO6peBwG
ayyZ+RmSwI9H0e0zujI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:39 2025 by rpki-client