Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/FD114232912711EFBCB4ED6EC4F9AE02.roa
File: FD114232912711EFBCB4ED6EC4F9AE02.roa (raw, json)
Hash identifier: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=
Subject key identifier: 31:50:0C:A8:34:0B:F2:48:68:85:A2:1F:73:75:8F:07:E9:B9:F7:B0
Certificate issuer: /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228
Certificate serial: 09D2
Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/FD114232912711EFBCB4ED6EC4F9AE02.roa
Signing time: Wed 12 Feb 2025 20:58:13 +0000
ROA not before: Wed 12 Feb 2025 20:58:13 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139715
IP address blocks: 123.0.29.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF0EC
Validity
Not Before: Feb 12 20:58:13 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ad0b64-59f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:46:8c:b7:d1:b7:93:bd:21:29:6a:e2:66:
23:16:e4:c3:6d:83:49:3a:07:4e:7f:ed:fb:3b:55:
61:f1:36:a1:55:f6:7e:e8:76:54:36:17:e8:c6:9e:
21:78:9c:aa:ed:14:12:89:25:b4:31:cb:20:bc:55:
53:4f:5a:53:59:d9:e4:ef:a9:ff:6b:0e:d1:59:1e:
4a:e1:83:7b:72:68:9f:51:1f:66:65:69:97:e0:6c:
cd:d4:fc:e1:03:5e:91:19:e5:93:03:fd:98:22:5f:
1d:7e:17:61:cd:58:6b:84:8b:86:ff:87:96:d2:44:
99:f1:fd:55:97:7b:89:c5:ea:43:de:b2:90:87:10:
3b:d9:f4:e5:55:c4:1c:d4:19:fe:c1:d8:7e:ce:dd:
0d:de:b4:8c:b7:7f:62:f9:5c:43:0d:29:8e:25:65:
3a:28:64:29:2f:0f:14:22:6d:f9:1e:8c:72:e6:1b:
67:57:4f:95:e1:98:05:81:01:c0:d4:90:61:23:7f:
1a:e6:f3:94:f1:2b:bb:cb:de:86:e3:1f:e7:73:33:
b4:ce:d5:c9:5c:48:f9:46:f2:74:05:2b:27:15:b5:
e3:6a:bc:b6:e2:99:ed:ca:0d:e9:30:cb:7e:81:bf:
8a:78:0c:9e:3e:5c:88:9c:01:06:d7:31:81:fe:ed:
7a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:50:0C:A8:34:0B:F2:48:68:85:A2:1F:73:75:8F:07:E9:B9:F7:B0
X509v3 Authority Key Identifier:
keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/FD114232912711EFBCB4ED6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.0.29.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:25:7a:f5:f9:98:f6:ae:03:87:53:9e:50:13:ea:af:f4:b6:
de:26:9e:67:06:57:cf:eb:90:eb:0d:41:bb:40:3b:63:b9:ff:
e0:70:98:68:45:ba:e5:eb:fb:e3:4a:d4:48:e4:40:6b:7e:fd:
be:66:9a:a6:af:26:c1:80:a7:08:aa:27:37:bc:cf:36:15:76:
dd:2d:80:8e:88:58:2c:79:c2:da:e0:cf:ef:f3:c7:4d:b0:80:
7a:d1:2f:23:ae:73:2b:8b:d4:c9:db:a5:4c:f6:7d:42:c6:7a:
33:f0:8b:86:b2:5d:d7:38:b4:71:64:b4:30:6b:11:96:b8:eb:
f3:10:c9:f8:27:6c:8e:bb:b1:cf:67:7f:ed:35:3f:11:5f:a0:
13:a2:11:0f:31:99:c5:31:7f:a1:71:cd:72:71:67:18:a1:36:
0a:b5:4e:8e:18:7f:cf:9c:30:75:76:cf:35:1c:29:32:96:e1:
9e:6a:a5:0f:a8:8c:18:a6:06:42:ee:8a:c8:3a:78:97:6e:bc:
77:24:e8:52:5a:4f:9e:c1:95:e1:cf:2b:26:cf:66:54:67:89:
0a:3d:45:4c:51:86:d8:ff:46:61:2e:73:f4:ed:ec:7e:ee:84:
b2:c9:e8:10:ee:b9:0f:04:73:5f:a3:72:94:7e:db:4e:2d:bd:
b4:c7:43:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz
MDZGODYyMjgwHhcNMjUwMjEyMjA1ODEzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkMGI2NC01OWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAneZGjLfRt5O9ISlq4mYjFuTDbYNJOgdOf+37O1Vh8TahVfZ+6HZUNhfoxp4h
eJyq7RQSiSW0McsgvFVTT1pTWdnk76n/aw7RWR5K4YN7cmifUR9mZWmX4GzN1Pzh
A16RGeWTA/2YIl8dfhdhzVhrhIuG/4eW0kSZ8f1Vl3uJxepD3rKQhxA72fTlVcQc
1Bn+wdh+zt0N3rSMt39i+VxDDSmOJWU6KGQpLw8UIm35Hoxy5htnV0+V4ZgFgQHA
1JBhI38a5vOU8Su7y96G4x/nczO0ztXJXEj5RvJ0BSsnFbXjary24pntyg3pMMt+
gb+KeAyePlyInAEG1zGB/u16CQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDFQDKg0
C/JIaIWiH3N1jwfpufewMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5
NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REYwRUMvOTkxQ0VGN0U3OTU4MTFFQTkzQUU5NjQ2QzRGOUFFMDIvRkQxMTQyMzI5
MTI3MTFFRkJDQjRFRDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7AB0wDQYJKoZIhvcNAQELBQADggEBAD4levX5mPauA4dT
nlAT6q/0tt4mnmcGV8/rkOsNQbtAO2O5/+BwmGhFuuXr++NK1EjkQGt+/b5mmqav
JsGApwiqJze8zzYVdt0tgI6IWCx5wtrgz+/zx02wgHrRLyOucyuL1MnbpUz2fULG
ejPwi4ayXdc4tHFktDBrEZa46/MQyfgnbI67sc9nf+01PxFfoBOiEQ8xmcUxf6Fx
zXJxZxihNgq1To4Yf8+cMHV2zzUcKTKW4Z5qpQ+ojBimBkLuisg6eJduvHck6FJa
T57BleHPKybPZlRniQo9RUxRhtj/RmEuc/Tt7H7uhLLJ6BDuuQ8Ec1+jcpR+204t
vbTHQ/w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:33 2025 by rpki-client