Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/6E9AC80671D811EB8047721DC4F9AE02/00756F7E63F011EC987F5B19C4F9AE02.roa
File: 00756F7E63F011EC987F5B19C4F9AE02.roa (raw, json)
Hash identifier: lAVQxnaIpb4+FR/69nne2013Hk4eswtCR3VSmU3tbJU=
Subject key identifier: 68:E5:35:07:F3:C9:64:AB:84:2F:33:71:FA:F7:B4:A9:32:D7:7E:09
Certificate issuer: /CN=A91DDCB6/serialNumber=18DC531D44F05962E97F23845736141D3E02681B
Certificate serial: 062B
Authority key identifier: 18:DC:53:1D:44:F0:59:62:E9:7F:23:84:57:36:14:1D:3E:02:68:1B
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/GNxTHUTwWWLpfyOEVzYUHT4CaBs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/6E9AC80671D811EB8047721DC4F9AE02/00756F7E63F011EC987F5B19C4F9AE02.roa
Signing time: Tue 08 Oct 2024 20:59:52 +0000
ROA not before: Tue 08 Oct 2024 20:59:52 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132420
IP address blocks: 91.203.132.0/22 maxlen: 24
217.18.52.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1579 (0x62b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DDCB6
Validity
Not Before: Oct 8 20:59:52 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67059d48-fda3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e8:84:b3:73:94:48:bc:2a:4c:4c:e2:5c:88:
7f:8b:51:5d:8a:71:22:90:74:2d:6f:7e:4c:a7:2c:
b0:05:15:30:cf:7f:6d:c5:3e:4b:07:4a:48:f8:91:
9a:9b:06:1b:50:cb:96:5f:59:af:b3:b0:6c:87:33:
42:98:72:90:d6:20:46:5e:8c:06:8d:65:8c:f3:9c:
0d:08:de:ee:c9:4d:26:9a:6c:f0:af:12:0e:f6:af:
8b:da:d7:ba:6e:dd:f5:87:e5:be:27:cd:37:5f:08:
73:7d:c3:b3:d8:aa:9c:c8:cf:d7:30:0c:e9:de:53:
90:3b:5f:63:28:5e:92:d5:8a:12:02:0d:3b:6c:c7:
3e:1a:b6:b1:9a:c0:db:86:62:23:14:00:f6:7d:ba:
1c:37:34:5f:fa:68:68:e9:40:67:55:25:da:5b:af:
e6:fb:9d:86:ef:92:2e:7c:6b:e1:f9:1d:8f:36:bf:
bc:d4:12:9e:27:6a:36:d7:76:41:64:41:d5:bf:18:
51:0b:9b:cd:b5:ca:49:43:49:9f:e1:a2:c7:18:17:
14:12:cd:0c:3d:95:8e:91:71:ff:00:b9:27:66:9d:
e0:7d:32:ba:f7:50:51:45:13:05:e3:fd:9b:c2:54:
57:81:52:b8:e5:e4:2c:da:61:08:97:ba:ab:f0:08:
7d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E5:35:07:F3:C9:64:AB:84:2F:33:71:FA:F7:B4:A9:32:D7:7E:09
X509v3 Authority Key Identifier:
keyid:18:DC:53:1D:44:F0:59:62:E9:7F:23:84:57:36:14:1D:3E:02:68:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/6E9AC80671D811EB8047721DC4F9AE02/GNxTHUTwWWLpfyOEVzYUHT4CaBs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/GNxTHUTwWWLpfyOEVzYUHT4CaBs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/6E9AC80671D811EB8047721DC4F9AE02/00756F7E63F011EC987F5B19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
91.203.132.0/22
217.18.52.0/22
Signature Algorithm: sha256WithRSAEncryption
74:30:91:1e:80:fd:f2:04:b9:45:c4:28:1c:63:14:ea:2f:02:
98:10:46:59:3f:c8:a5:a9:19:b4:b8:ba:09:39:c4:73:9e:20:
e1:46:9b:cb:ec:30:d3:79:0e:ad:ed:1d:eb:6d:3d:02:87:eb:
b9:7f:00:84:07:1d:ac:32:14:1c:69:02:09:3a:9a:88:be:1a:
5f:33:8b:9c:c7:55:f8:2f:b6:4f:06:62:79:ff:f4:65:f3:60:
3b:64:3c:08:bc:aa:47:08:fd:7f:0a:63:ee:20:b8:f6:0d:69:
ba:14:93:fd:ad:9e:6a:d4:06:a0:f1:5f:1b:10:08:33:01:44:
ba:a4:d9:ed:61:af:72:42:f4:26:27:b0:13:fe:69:e8:1f:ff:
a7:07:2d:63:89:11:bc:68:6a:82:57:85:4e:64:08:a7:02:c6:
bf:37:20:4e:f9:a8:fb:5a:bc:f8:19:42:fb:52:28:7e:23:1a:
51:c8:3e:ac:fc:bf:23:75:ce:02:97:95:17:f8:05:a7:e4:d2:
c0:0d:fa:79:ae:8a:05:7c:9f:0d:b9:7b:c3:dd:b5:9a:33:53:
71:3c:05:8a:72:d6:1a:5b:80:9c:e5:b2:f0:79:88:e3:3c:36:
20:1e:3f:0a:f2:01:d1:8c:34:be:90:5b:1e:8e:21:b6:37:95:
61:e7:06:df
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RERDQjYxMTAvBgNVBAUTKDE4REM1MzFENDRGMDU5NjJFOTdGMjM4NDU3MzYxNDFE
M0UwMjY4MUIwHhcNMjQxMDA4MjA1OTUyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1OWQ0OC1mZGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyuiEs3OUSLwqTEziXIh/i1FdinEikHQtb35MpyywBRUwz39txT5LB0pI+JGa
mwYbUMuWX1mvs7BshzNCmHKQ1iBGXowGjWWM85wNCN7uyU0mmmzwrxIO9q+L2te6
bt31h+W+J803XwhzfcOz2KqcyM/XMAzp3lOQO19jKF6S1YoSAg07bMc+GraxmsDb
hmIjFAD2fbocNzRf+mho6UBnVSXaW6/m+52G75IufGvh+R2PNr+81BKeJ2o213ZB
ZEHVvxhRC5vNtcpJQ0mf4aLHGBcUEs0MPZWOkXH/ALknZp3gfTK691BRRRMF4/2b
wlRXgVK45eQs2mEIl7qr8Ah9TwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGjlNQfz
yWSrhC8zcfr3tKky134JMB8GA1UdIwQYMBaAFBjcUx1E8Fli6X8jhFc2FB0+Amgb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi82RTlBQzgwNjcx
RDgxMUVCODA0NzcyMURDNEY5QUUwMi9HTnhUSFVUd1dXTHBmeU9FVnpZVUhUNENh
QnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0dOeFRIVVR3V1dMcGZ5T0VWellVSFQ0Q2FCcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RERDQjYvNkU5QUM4MDY3MUQ4MTFFQjgwNDc3MjFEQzRGOUFFMDIvMDA3NTZGN0U2
M0YwMTFFQzk4N0Y1QjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJby4QDBALZEjQwDQYJKoZIhvcNAQELBQADggEBAHQwkR6A
/fIEuUXEKBxjFOovApgQRlk/yKWpGbS4ugk5xHOeIOFGm8vsMNN5Dq3tHettPQKH
67l/AIQHHawyFBxpAgk6moi+Gl8zi5zHVfgvtk8GYnn/9GXzYDtkPAi8qkcI/X8K
Y+4guPYNaboUk/2tnmrUBqDxXxsQCDMBRLqk2e1hr3JC9CYnsBP+aegf/6cHLWOJ
EbxoaoJXhU5kCKcCxr83IE75qPtavPgZQvtSKH4jGlHIPqz8vyN1zgKXlRf4Bafk
0sAN+nmuigV8nw25e8PdtZozU3E8BYpy1hpbgJzlsvB5iOM8NiAePwryAdGMNL6Q
Wx6OIbY3lWHnBt8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:41 2025 by rpki-client