Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa
File: 834D7D565BAA11EFBAF22B7FC4F9AE02.roa (raw, json)
Hash identifier: TJYAsaduMNFlCfCtpHImQhHzTtlz3kZi3/4L+kmyEYE=
Subject key identifier: 9B:B7:BE:42:E4:03:AA:03:BD:99:9A:F0:87:B2:69:EA:86:29:F7:2F
Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348
Certificate serial: 32C6
Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa
Signing time: Fri 20 Dec 2024 15:51:55 +0000
ROA not before: Fri 20 Dec 2024 15:51:55 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135437
IP address blocks: 203.175.160.0/20 maxlen: 23
203.175.160.0/21 maxlen: 24
203.175.168.0/22 maxlen: 24
203.175.172.0/23 maxlen: 24
203.175.174.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12998 (0x32c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF863
Validity
Not Before: Dec 20 15:51:55 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765929b-60a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:02:46:8f:d6:b4:14:88:71:b5:da:78:cf:
4b:5f:cc:84:3a:fe:b9:bc:6f:fd:ca:a0:c6:03:63:
44:80:19:c4:12:d1:d5:9a:aa:f0:ff:3e:5c:78:7b:
be:39:b8:82:e8:c2:c4:d3:1b:ea:ce:68:87:2a:19:
74:da:9c:cd:14:30:04:9b:47:27:5f:f5:73:dc:4a:
c9:15:ed:5f:27:93:f1:dd:a7:eb:54:b5:97:37:65:
32:e7:55:ef:f1:81:3d:8e:ec:d9:76:f3:ee:a5:73:
c7:64:4f:fa:e6:d4:6d:e8:60:33:20:c9:1a:d3:e3:
b4:4d:43:1a:03:19:a7:cd:4b:e5:8b:d9:c9:ae:4a:
7b:31:35:a0:44:11:51:7e:92:62:67:a0:b4:68:92:
6b:66:e2:cd:16:90:a7:bb:20:65:8d:6e:00:b7:c5:
89:1f:35:97:4d:16:77:c7:47:c6:b8:07:28:5a:08:
b9:56:76:69:c4:7b:61:3c:9e:07:d6:55:9c:e0:4b:
44:2d:fa:b5:0a:c6:15:88:c0:f2:d7:77:d3:23:0d:
6c:27:bb:ea:d8:c6:a8:8b:28:e1:d7:9b:b4:3a:7b:
39:2f:3d:3e:fb:0a:e6:6d:f8:e4:b1:fb:2a:43:7e:
81:f3:f6:7c:23:fb:ac:ff:5b:fb:01:94:eb:de:6a:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B7:BE:42:E4:03:AA:03:BD:99:9A:F0:87:B2:69:EA:86:29:F7:2F
X509v3 Authority Key Identifier:
keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.175.160.0/20
Signature Algorithm: sha256WithRSAEncryption
59:7c:b0:f1:7a:47:d1:c5:84:27:97:cc:4c:3a:c6:84:97:d8:
85:f7:d0:3e:88:ad:3f:1f:d1:69:36:e3:8c:c3:f1:db:a2:5d:
15:34:2a:16:31:b5:94:91:3f:c8:8c:76:b8:ff:2c:08:df:c8:
e0:d2:46:08:d9:18:23:24:81:27:a0:49:9a:ca:8f:47:07:fa:
15:dc:f0:fa:5d:50:65:0e:aa:b6:b8:ce:8f:7b:c9:fe:35:97:
5e:b4:51:9b:05:04:11:98:75:e9:dc:89:3c:04:9f:cb:ad:52:
82:a0:c0:4b:b6:d3:86:cb:6d:39:84:39:ad:6d:cc:6c:39:7e:
e1:f7:d1:20:08:f9:a4:37:30:12:45:d7:77:2a:e0:ae:91:0c:
48:4b:be:20:8c:bb:c7:1f:a5:cc:5c:ae:63:27:f2:86:3d:5c:
7f:da:a5:77:83:8c:60:32:74:86:b8:53:30:74:cf:33:20:10:
b5:1a:f1:21:b3:85:62:ee:1c:56:e8:f7:74:42:a1:c4:34:eb:
07:a0:bb:d0:50:ea:a9:15:a8:b3:c0:a5:31:a8:c7:41:ff:97:
34:0c:23:6e:fe:a4:c7:ca:2e:82:bc:cd:f8:87:34:7c:fc:79:
58:51:7c:f8:5a:2a:5d:51:ff:cc:90:29:f9:f4:18:e4:03:0e:
a7:7d:20:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG
NUE2QjkzNDgwHhcNMjQxMjIwMTU1MTU1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1OTI5Yi02MGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2q0CRo/WtBSIcbXaeM9LX8yEOv65vG/9yqDGA2NEgBnEEtHVmqrw/z5ceHu+
ObiC6MLE0xvqzmiHKhl02pzNFDAEm0cnX/Vz3ErJFe1fJ5Px3afrVLWXN2Uy51Xv
8YE9juzZdvPupXPHZE/65tRt6GAzIMka0+O0TUMaAxmnzUvli9nJrkp7MTWgRBFR
fpJiZ6C0aJJrZuLNFpCnuyBljW4At8WJHzWXTRZ3x0fGuAcoWgi5VnZpxHthPJ4H
1lWc4EtELfq1CsYViMDy13fTIw1sJ7vq2Maoiyjh15u0Ons5Lz0++wrmbfjksfsq
Q36B8/Z8I/us/1v7AZTr3mpdpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJu3vkLk
A6oDvZma8IeyaeqGKfcvMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx
NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvODM0RDdENTY1
QkFBMTFFRkJBRjIyQjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATLr6AwDQYJKoZIhvcNAQELBQADggEBAFl8sPF6R9HFhCeX
zEw6xoSX2IX30D6IrT8f0Wk244zD8duiXRU0KhYxtZSRP8iMdrj/LAjfyODSRgjZ
GCMkgSegSZrKj0cH+hXc8PpdUGUOqra4zo97yf41l160UZsFBBGYdenciTwEn8ut
UoKgwEu204bLbTmEOa1tzGw5fuH30SAI+aQ3MBJF13cq4K6RDEhLviCMu8cfpcxc
rmMn8oY9XH/apXeDjGAydIa4UzB0zzMgELUa8SGzhWLuHFbo93RCocQ06wegu9BQ
6qkVqLPApTGox0H/lzQMI27+pMfKLoK8zfiHNHz8eVhRfPhaKl1R/8yQKfn0GOQD
Dqd9INU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:52:13 2025 by rpki-client