Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/BD6571EEC0AC11EF8F832C34C4F9AE02.roa
File: BD6571EEC0AC11EF8F832C34C4F9AE02.roa (raw, json)
Hash identifier: G/Ubv3z+VEdcNFiGQpNHf2mTf7Lsh6KdDEju5wCmKbw=
Subject key identifier: 0C:AD:CB:A0:0F:BF:1F:5D:4E:04:90:E7:E4:10:2D:ED:9F:05:BC:A6
Certificate issuer: /CN=A91DC46A/serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54
Certificate serial: 1DED
Authority key identifier: F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/BD6571EEC0AC11EF8F832C34C4F9AE02.roa
Signing time: Wed 22 Jan 2025 16:23:26 +0000
ROA not before: Wed 22 Jan 2025 16:23:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 23678
IP address blocks: 27.131.32.0/19 maxlen: 24
43.252.44.0/22 maxlen: 22
43.252.44.0/23 maxlen: 23
43.252.44.0/24 maxlen: 24
43.252.45.0/24 maxlen: 24
43.252.46.0/24 maxlen: 24
43.252.47.0/24 maxlen: 24
103.12.64.0/22 maxlen: 22
103.12.64.0/23 maxlen: 23
103.12.64.0/24 maxlen: 24
103.12.65.0/24 maxlen: 24
103.12.66.0/24 maxlen: 24
103.12.67.0/24 maxlen: 24
103.137.120.0/22 maxlen: 24
103.221.60.0/22 maxlen: 23
103.221.60.0/23 maxlen: 24
103.221.62.0/24 maxlen: 24
103.243.192.0/22 maxlen: 22
103.243.192.0/24 maxlen: 24
103.243.193.0/24 maxlen: 24
103.243.194.0/24 maxlen: 24
122.0.16.0/20 maxlen: 24
150.107.156.0/22 maxlen: 22
150.107.156.0/24 maxlen: 24
150.107.157.0/24 maxlen: 24
150.107.158.0/24 maxlen: 24
150.107.159.0/24 maxlen: 24
202.133.96.0/20 maxlen: 24
2405:6400::/32 maxlen: 36
2405:6400::/42 maxlen: 42
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7661 (0x1ded)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC46A
Validity
Not Before: Jan 22 16:23:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67911b7e-714c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:00:72:da:55:d4:6a:27:7b:87:c5:70:a3:
3b:f7:e0:34:53:a7:e8:98:d1:96:a6:82:18:df:da:
d8:07:fd:7c:ad:e2:64:53:f7:59:9f:76:7e:e3:38:
d4:fd:30:63:ac:42:42:c5:38:b1:1f:6a:cd:6e:29:
ba:20:8c:bd:c7:cb:ea:4c:4a:0e:f1:2e:c8:ce:3e:
f5:90:83:86:37:16:b0:91:d3:2c:fd:da:19:00:78:
55:de:96:36:34:13:b0:5b:bc:e7:53:7f:af:d4:87:
72:c0:55:ef:f1:34:d4:de:77:75:8f:90:9e:c7:db:
1f:3c:78:96:a0:3f:3d:a2:3c:0a:50:57:17:13:3a:
cf:17:be:23:59:71:8a:4a:6e:e6:e1:c1:a2:94:e0:
91:d2:c2:77:a9:37:6a:56:3e:22:65:8a:ed:fe:31:
f3:11:a4:08:6d:ea:a1:bb:0e:b2:dd:f1:a6:b7:b1:
e3:72:9b:65:00:9c:1e:de:ff:fc:7f:4b:37:3b:26:
bb:6b:72:b8:73:0c:72:83:77:63:ca:b9:ec:7c:1c:
2b:c0:fe:58:44:da:12:f7:2c:de:92:43:d8:16:54:
0b:6b:76:3f:3e:28:44:d1:00:67:b3:76:8e:7f:6f:
dd:28:10:86:d3:18:7f:ad:49:f8:c3:0b:de:b7:1b:
37:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AD:CB:A0:0F:BF:1F:5D:4E:04:90:E7:E4:10:2D:ED:9F:05:BC:A6
X509v3 Authority Key Identifier:
keyid:F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/BD6571EEC0AC11EF8F832C34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.131.32.0/19
43.252.44.0/22
103.12.64.0/22
103.137.120.0/22
103.221.60.0/22
103.243.192.0/22
122.0.16.0/20
150.107.156.0/22
202.133.96.0/20
IPv6:
2405:6400::/32
Signature Algorithm: sha256WithRSAEncryption
18:0c:5b:7c:0a:d4:b6:e1:9a:86:91:69:c8:3f:dd:8d:8b:ef:
31:26:ce:12:19:6a:33:fd:36:f2:91:01:1a:c4:83:45:30:9b:
1d:30:80:16:92:a9:74:29:5e:8e:0b:24:fb:85:bb:33:fe:2a:
5d:63:5c:a9:28:dd:a4:e1:04:6a:a4:bd:fa:a7:0b:87:68:19:
32:77:bf:a3:b6:f9:ab:0b:d9:ce:7c:2b:cb:6c:37:b5:ba:53:
44:f2:e3:7d:cf:5c:c2:06:3a:6b:86:bb:ea:bc:64:44:1f:1d:
d8:f7:ef:83:2e:9e:3e:18:10:30:a2:69:d5:0e:90:c8:b4:84:
03:09:36:79:b3:8b:69:07:8a:97:50:be:04:d1:3d:76:0b:c7:
51:67:a9:f8:bf:81:02:e6:29:65:ea:41:79:a7:70:60:4b:09:
21:87:aa:af:f0:aa:a5:60:30:6a:8e:bb:13:96:dc:d9:bf:f6:
7f:de:df:9d:33:fb:d0:9d:61:f7:50:52:f9:cd:1b:32:45:1c:
fe:c4:c3:75:53:fd:9b:db:23:1c:fc:5a:cc:cc:8a:cf:25:5b:
8e:2f:82:8b:7d:28:81:c9:38:71:2e:d8:01:b2:03:b9:0c:eb:
b7:a3:90:6d:8d:30:a8:14:10:f0:d4:99:86:92:e2:1a:ff:22:
92:73:58:81
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICHe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM0NkExMTAvBgNVBAUTKEY4RDRBNjMyRDA2OTk2NEM2MUEzM0U0MUQ2MjQzRDUz
NUIwMDdENTQwHhcNMjUwMTIyMTYyMzI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMWI3ZS03MTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsuwActpV1Gone4fFcKM79+A0U6fomNGWpoIY39rYB/18reJkU/dZn3Z+4zjU
/TBjrEJCxTixH2rNbim6IIy9x8vqTEoO8S7Izj71kIOGNxawkdMs/doZAHhV3pY2
NBOwW7znU3+v1IdywFXv8TTU3nd1j5Cex9sfPHiWoD89ojwKUFcXEzrPF74jWXGK
Sm7m4cGilOCR0sJ3qTdqVj4iZYrt/jHzEaQIbeqhuw6y3fGmt7HjcptlAJwe3v/8
f0s3Oya7a3K4cwxyg3djyrnsfBwrwP5YRNoS9yzekkPYFlQLa3Y/PihE0QBns3aO
f2/dKBCG0xh/rUn4wwvetxs3awIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFAyty6AP
vx9dTgSQ5+QQLe2fBbymMB8GA1UdIwQYMBaAFPjUpjLQaZZMYaM+QdYkPVNbAH1U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ2QS8wMDUwMDE2NDk0
MzIxMUU2OEMxQjgyNEFDNEY5QUUwMi8tTlNtTXRCcGxreGhvejVCMWlROVUxc0Fm
VlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1OU21NdEJwbGt4aG96NUIxaVE5VTFzQWZWUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REM0NkEvMDA1MDAxNjQ5NDMyMTFFNjhDMUI4MjRBQzRGOUFFMDIvQkQ2NTcxRUVD
MEFDMTFFRjhGODMyQzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMDwEAgABMDYDBAUbgyADBAIr/CwDBAJnDEADBAJniXgDBAJn3TwDBAJn88AD
BAR6ABADBAKWa5wDBATKhWAwDQQCAAIwBwMFACQFZAAwDQYJKoZIhvcNAQELBQAD
ggEBABgMW3wK1LbhmoaRacg/3Y2L7zEmzhIZajP9NvKRARrEg0Uwmx0wgBaSqXQp
Xo4LJPuFuzP+Kl1jXKko3aThBGqkvfqnC4doGTJ3v6O2+asL2c58K8tsN7W6U0Ty
433PXMIGOmuGu+q8ZEQfHdj374Munj4YEDCiadUOkMi0hAMJNnmzi2kHipdQvgTR
PXYLx1Fnqfi/gQLmKWXqQXmncGBLCSGHqq/wqqVgMGqOuxOW3Nm/9n/e350z+9Cd
YfdQUvnNGzJFHP7Ew3VT/ZvbIxz8WszMis8lW44vgot9KIHJOHEu2AGyA7kM67ej
kG2NMKgUEPDUmYaS4hr/IpJzWIE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:49 2025 by rpki-client