Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa
File: EA7EF77860BB11EF98A27D59C4F9AE02.roa (raw, json)
Hash identifier: gD7iFebAgkAY9IUPNKXCwnTZXnscQVACePU7q6AjDEc=
Subject key identifier: F6:1D:19:08:66:77:20:26:64:59:A0:B2:A8:53:E8:B1:10:FC:98:DE
Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6
Certificate serial: 219E
Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa
Signing time: Fri 06 Dec 2024 16:03:34 +0000
ROA not before: Fri 06 Dec 2024 16:03:34 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134712
IP address blocks: 220.158.204.0/22 maxlen: 22
220.158.204.0/24 maxlen: 24
220.158.205.0/24 maxlen: 24
220.158.206.0/24 maxlen: 24
220.158.207.0/24 maxlen: 24
2405:d340::/32 maxlen: 32
2405:d340::/48 maxlen: 48
2405:d340:1::/48 maxlen: 48
2405:d340:2::/48 maxlen: 48
2405:d340:3::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8606 (0x219e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4845
Validity
Not Before: Dec 6 16:03:34 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67532055-da3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5e:c0:ca:53:62:74:36:34:14:57:38:cb:d8:
5d:82:c8:c5:47:5d:74:2f:ab:43:37:cc:34:b2:9b:
68:02:5d:09:61:5f:fa:f6:0b:22:66:aa:2c:eb:55:
08:ad:a7:1a:d2:44:77:9a:e2:b2:55:e1:aa:96:7e:
76:72:9b:9c:77:8c:00:e3:11:28:96:14:e6:a2:24:
e7:2a:67:a2:00:a8:2f:62:fd:ac:e2:4c:bd:b8:c8:
74:37:bf:d4:c6:6e:65:63:b5:c2:f0:b1:ab:ae:98:
d0:d1:3d:20:24:f4:12:6c:9b:58:b4:3f:c8:71:1e:
09:c7:36:3c:06:24:21:07:3f:36:fc:ab:5d:0e:55:
c5:38:e4:fd:44:dc:cb:11:d6:41:c0:9e:d3:4a:33:
d5:b1:2e:60:ac:2a:4a:d3:d6:a1:40:7d:21:a8:49:
90:1a:02:1e:75:84:14:9e:57:e6:ca:25:24:29:c3:
72:b1:65:57:dd:0b:45:02:56:34:53:44:97:e0:12:
d8:d2:df:a9:c6:a3:ab:95:2b:ff:97:3c:40:6d:a6:
bd:b0:9c:56:2d:55:b8:ca:f2:67:ba:13:36:a4:36:
5c:0c:e4:ac:8e:b3:bb:f7:56:62:73:bb:a5:7b:66:
fd:f0:f8:11:2a:e5:08:b7:f6:a9:12:77:5b:f8:9c:
25:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1D:19:08:66:77:20:26:64:59:A0:B2:A8:53:E8:B1:10:FC:98:DE
X509v3 Authority Key Identifier:
keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.204.0/22
IPv6:
2405:d340::/32
Signature Algorithm: sha256WithRSAEncryption
08:f4:f1:7c:0e:57:1f:d4:5f:e3:51:51:16:fe:d8:1d:cd:3b:
e5:51:3c:42:8d:57:87:26:9c:88:70:1a:77:0c:61:50:8b:fa:
e3:76:b0:74:11:d9:d3:57:59:d4:c0:2c:4f:60:a2:47:d2:fa:
e3:2a:25:39:0a:ce:81:51:59:a4:75:1d:69:05:b6:64:4d:c9:
95:42:f6:51:7e:1e:3f:73:88:24:41:3b:0f:19:e0:09:96:a0:
ea:65:d8:7a:f9:88:2f:7c:f9:de:3e:d2:c4:eb:c4:dd:ee:05:
5c:08:a9:31:66:9a:1d:91:ab:ac:75:54:25:f8:1a:86:a7:86:
79:30:f3:c9:26:5d:1a:95:4a:b6:94:bb:f7:1d:8a:c1:99:f4:
fd:94:e3:77:eb:dd:45:e8:12:e5:e9:39:79:88:a5:ea:1f:6e:
5c:b9:08:49:14:73:69:91:cd:55:18:c1:8a:7f:01:f9:95:9e:
1b:68:d1:0f:27:6d:72:4f:3a:f4:ae:78:16:1b:31:ff:9a:7b:
a9:eb:02:19:9d:b4:95:2c:72:e5:ba:54:e6:28:a7:69:d6:d8:
3c:38:83:f7:37:16:0b:8d:ac:c0:c4:2e:a0:67:2a:e2:37:4f:
86:a6:55:79:6e:5a:99:d6:9d:0a:16:c1:c1:ec:f6:32:ca:9d:
c3:7a:a9:c0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICIZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2
RUY2N0I2RDYwHhcNMjQxMjA2MTYwMzM0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzMjA1NS1kYTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA417AylNidDY0FFc4y9hdgsjFR110L6tDN8w0sptoAl0JYV/69gsiZqos61UI
raca0kR3muKyVeGqln52cpucd4wA4xEolhTmoiTnKmeiAKgvYv2s4ky9uMh0N7/U
xm5lY7XC8LGrrpjQ0T0gJPQSbJtYtD/IcR4JxzY8BiQhBz82/KtdDlXFOOT9RNzL
EdZBwJ7TSjPVsS5grCpK09ahQH0hqEmQGgIedYQUnlfmyiUkKcNysWVX3QtFAlY0
U0SX4BLY0t+pxqOrlSv/lzxAbaa9sJxWLVW4yvJnuhM2pDZcDOSsjrO791Zic7ul
e2b98PgRKuUIt/apEndb+JwlKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPYdGQhm
dyAmZFmgsqhT6LEQ/JjeMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy
RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50
dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvRUE3RUY3Nzg2
MEJCMTFFRjk4QTI3RDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBALcnswwDQQCAAIwBwMFACQF00AwDQYJKoZIhvcNAQELBQAD
ggEBAAj08XwOVx/UX+NRURb+2B3NO+VRPEKNV4cmnIhwGncMYVCL+uN2sHQR2dNX
WdTALE9gokfS+uMqJTkKzoFRWaR1HWkFtmRNyZVC9lF+Hj9ziCRBOw8Z4AmWoOpl
2Hr5iC98+d4+0sTrxN3uBVwIqTFmmh2Rq6x1VCX4Goanhnkw88kmXRqVSraUu/cd
isGZ9P2U43fr3UXoEuXpOXmIpeofbly5CEkUc2mRzVUYwYp/AfmVnhto0Q8nbXJP
OvSueBYbMf+ae6nrAhmdtJUscuW6VOYop2nW2Dw4g/c3FguNrMDELqBnKuI3T4am
VXluWpnWnQoWwcHs9jLKncN6qcA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:05:17 2025 by rpki-client