Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/8207CCA0906C11EC86E8B711C4F9AE02.roa
File: 8207CCA0906C11EC86E8B711C4F9AE02.roa (raw, json)
Hash identifier: /ugniFpN/rGX8I1uxfmMZJryeFfYuWgB3WroPzoi6qU=
Subject key identifier: 5D:34:BA:0F:82:59:D9:A8:1F:2D:67:77:AD:89:7E:75:1B:45:56:39
Certificate issuer: /CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0
Certificate serial: 359E
Authority key identifier: AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/8207CCA0906C11EC86E8B711C4F9AE02.roa
Signing time: Thu 12 Dec 2024 14:30:37 +0000
ROA not before: Thu 12 Dec 2024 14:30:37 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24456
IP address blocks: 121.58.227.0/27 maxlen: 27
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13726 (0x359e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2454
Validity
Not Before: Dec 12 14:30:37 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675af38d-b6a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b2:e8:fb:a7:57:38:d9:e2:0c:81:ee:12:03:
f6:de:39:f3:2f:eb:a3:be:0c:8d:d4:87:df:d4:4a:
1b:7a:86:38:1a:cf:d7:6f:9e:60:a5:6b:fa:b2:f3:
0c:bd:7f:90:74:f9:fe:96:d3:3a:de:10:07:c4:1d:
3b:82:80:33:8f:0a:ac:d6:04:63:2f:70:a8:8e:90:
8b:14:9b:43:bb:a5:59:58:b1:f6:15:64:5d:76:dd:
ad:81:02:d4:62:ad:21:bc:77:73:c6:10:0b:a9:59:
7d:b7:9e:14:d9:2f:ca:92:84:58:60:14:9e:24:05:
9f:cf:52:af:00:a3:54:a2:a1:29:e2:db:b4:37:77:
7f:d8:fd:06:da:2f:0d:f8:e8:74:fd:cb:4b:cc:26:
37:9d:b2:26:4b:1f:1e:cc:d9:5f:46:34:3c:01:4b:
0d:bb:5f:f3:87:e9:b4:ec:82:32:df:4c:3a:69:88:
af:6e:d8:96:98:9a:07:7c:4f:83:59:49:78:d3:dc:
4c:05:93:cd:5a:f5:ec:6b:48:c0:a2:2a:e9:31:3f:
ae:05:c0:b1:f0:3d:3a:ba:7c:4c:5d:35:db:d4:b6:
a6:a8:3f:70:8a:03:c8:c0:93:d7:f4:74:17:84:f6:
9d:3d:78:e3:e0:bb:de:b4:41:83:cc:c6:8a:bc:1d:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:34:BA:0F:82:59:D9:A8:1F:2D:67:77:AD:89:7E:75:1B:45:56:39
X509v3 Authority Key Identifier:
keyid:AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/8207CCA0906C11EC86E8B711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.58.227.0/27
Signature Algorithm: sha256WithRSAEncryption
80:4b:d6:8d:5e:b8:86:76:a4:a1:2d:bd:af:85:21:e9:18:7d:
aa:12:10:24:dd:b9:e5:6c:31:d4:52:f3:e3:ec:5c:40:be:d3:
55:e5:39:60:6c:34:65:46:be:a2:4f:67:2c:53:7b:e7:8a:35:
20:21:5f:d6:64:bf:9e:b2:cb:54:92:91:f6:5c:87:76:7e:30:
6e:9e:52:c8:31:0f:a2:40:e0:c3:45:62:cc:8a:50:9a:2c:2f:
d3:f6:c1:41:02:9b:14:65:bb:47:7a:fd:aa:40:fd:97:eb:1b:
e6:fb:24:27:b8:f8:cf:8d:a4:75:7c:a8:dc:cd:03:0f:f6:30:
65:76:c8:73:75:af:0f:05:a3:0f:26:7b:d7:59:76:14:13:36:
3b:64:38:ea:75:5c:eb:9f:98:aa:bc:a5:14:72:ee:ed:b8:7a:
97:02:a4:6b:09:e0:f3:0e:83:a7:8b:77:a1:87:b7:dd:93:6e:
7a:d1:fe:f1:1f:75:2d:9c:29:7e:3f:39:90:54:92:d8:e7:90:
b0:51:bd:50:7a:0e:db:b2:2d:3e:b0:6c:e0:e2:51:cd:5e:ce:
96:50:54:8a:70:d3:b8:dc:45:3c:1a:15:88:43:3f:5c:e5:6b:
1a:8b:fc:81:7a:ba:48:e4:79:89:cc:76:56:e4:0f:46:95:de:
b7:4a:e8:22
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICNZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFEQTk4QjczRDIy
QTM2MkRBRjAwHhcNMjQxMjEyMTQzMDM3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhZjM4ZC1iNmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA17Lo+6dXONniDIHuEgP23jnzL+ujvgyN1Iff1EobeoY4Gs/Xb55gpWv6svMM
vX+QdPn+ltM63hAHxB07goAzjwqs1gRjL3CojpCLFJtDu6VZWLH2FWRddt2tgQLU
Yq0hvHdzxhALqVl9t54U2S/KkoRYYBSeJAWfz1KvAKNUoqEp4tu0N3d/2P0G2i8N
+Oh0/ctLzCY3nbImSx8ezNlfRjQ8AUsNu1/zh+m07IIy30w6aYivbtiWmJoHfE+D
WUl409xMBZPNWvXsa0jAoirpMT+uBcCx8D06unxMXTXb1LamqD9wigPIwJPX9HQX
hPadPXjj4LvetEGDzMaKvB2jpwIDAQABo4ICljCCApIwHQYDVR0OBBYEFF00ug+C
WdmoHy1nd62JfnUbRVY5MB8GA1UdIwQYMBaAFKtiYrx9Auwa1Itx2pi3PSKjYtrw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjQ1NC9ENEMzMEI0MjFE
ODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdCclVpM0hhbUxjOUlxTmky
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3EySml2SDBDN0JyVWkzSGFtTGM5SXFOaTJ2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI0NTQvRDRDMzBCNDIxRDg3MTFFMkExOTgyMkUwMDhCMDJDRDIvODIwN0NDQTA5
MDZDMTFFQzg2RThCNzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgABMAcDBQV5OuMAMA0GCSqGSIb3DQEBCwUAA4IBAQCAS9aNXriGdqSh
Lb2vhSHpGH2qEhAk3bnlbDHUUvPj7FxAvtNV5TlgbDRlRr6iT2csU3vnijUgIV/W
ZL+esstUkpH2XId2fjBunlLIMQ+iQODDRWLMilCaLC/T9sFBApsUZbtHev2qQP2X
6xvm+yQnuPjPjaR1fKjczQMP9jBldshzda8PBaMPJnvXWXYUEzY7ZDjqdVzrn5iq
vKUUcu7tuHqXAqRrCeDzDoOni3ehh7fdk2560f7xH3UtnCl+PzmQVJLY55CwUb1Q
eg7bsi0+sGzg4lHNXs6WUFSKcNO43EU8GhWIQz9c5Wsai/yBerpI5HmJzHZW5A9G
ld63Sugi
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:07 2025 by rpki-client