Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/FF9D89B6AB4C11ECB0C94F67C4F9AE02.roa
File: FF9D89B6AB4C11ECB0C94F67C4F9AE02.roa (raw, json)
Hash identifier: p5RWbmc3OrbusuGd87uXwNNKECyHXGRqb7DFbO3Zzjc=
Subject key identifier: 9F:91:2E:CF:AF:AA:3E:F0:46:D8:9E:54:63:E3:DD:8F:27:EB:FB:F3
Certificate issuer: /CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D
Certificate serial: 041B
Authority key identifier: 3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/FF9D89B6AB4C11ECB0C94F67C4F9AE02.roa
Signing time: Sun 15 Dec 2024 00:03:37 +0000
ROA not before: Sun 15 Dec 2024 00:03:37 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 149056
IP address blocks: 2400:3f60:3::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1051 (0x41b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8E3D
Validity
Not Before: Dec 15 00:03:37 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675e1cd9-cbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:bd:6a:36:00:d7:7a:68:54:07:e7:63:e8:
c9:e3:45:93:2b:e0:07:fc:91:a2:82:4b:e6:de:2e:
21:ca:b3:73:31:32:21:91:72:7c:9f:29:91:08:b2:
4b:0f:41:5d:7c:87:94:bd:72:7c:1e:d4:ab:14:21:
28:26:d6:5a:c2:dc:b2:34:42:50:1b:86:23:c2:a7:
b1:30:f2:f1:46:15:2d:a4:6d:b6:2b:0d:c8:d4:69:
85:64:cd:e6:b3:42:14:7e:6a:ed:cb:b6:70:d9:7f:
b6:8c:2f:72:a8:2a:cb:18:b1:35:74:11:ff:47:a8:
a9:3f:74:3e:e5:b3:32:26:4d:d0:08:a0:9d:95:2b:
f0:8e:36:3f:fa:c4:fd:a5:99:d4:05:69:6c:dc:72:
d4:91:85:6c:a5:33:e1:90:c4:90:0d:b0:a0:57:48:
7e:56:37:e6:ec:b1:33:cb:32:e2:70:e2:3c:c9:84:
73:3d:55:af:62:d1:a7:b9:85:23:85:7e:c6:93:33:
0b:aa:8a:9e:11:f1:72:49:3e:0f:e5:b4:f2:7b:c9:
8d:54:50:50:d5:af:a1:9c:cf:13:ae:be:a2:ea:e6:
f7:ce:f4:94:10:77:51:53:ab:4e:99:19:61:a9:da:
52:86:9f:64:0a:ee:42:0d:3e:13:54:3b:cb:59:9d:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:91:2E:CF:AF:AA:3E:F0:46:D8:9E:54:63:E3:DD:8F:27:EB:FB:F3
X509v3 Authority Key Identifier:
keyid:3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/FF9D89B6AB4C11ECB0C94F67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:3f60:3::/48
Signature Algorithm: sha256WithRSAEncryption
1d:20:86:93:24:ed:47:25:3e:e1:0d:a4:92:c4:8b:59:db:a1:
94:b5:2d:64:9c:77:46:42:89:63:3a:73:59:69:a4:84:d7:a7:
e4:61:ca:9b:1b:9e:1f:05:d2:e5:3a:9e:65:3c:7c:2e:cb:93:
da:15:b6:3d:7e:cc:20:c5:2c:97:b8:fb:18:cf:80:41:31:d2:
26:c6:c9:3e:44:67:58:5b:d2:e5:f8:c2:c1:8f:fb:38:6f:89:
dc:e7:50:0a:f3:04:d2:c5:9d:f4:01:82:02:43:c4:87:ca:fd:
64:9c:aa:86:b8:1e:08:00:c2:91:ea:07:e7:e6:db:32:e0:7f:
8d:8c:bf:9d:cb:a6:d1:b6:7e:f3:87:c9:99:88:60:b3:47:37:
64:b2:64:ba:62:0c:2f:81:a6:4f:e0:47:07:c6:be:50:cd:30:
1d:28:35:e5:81:3a:0c:bd:89:8f:02:32:54:fe:8e:6f:d1:89:
eb:ed:71:9e:98:98:f3:1a:37:38:a6:07:bb:56:cc:40:6d:6b:
48:0f:c8:73:32:32:09:df:07:73:b2:2a:18:da:60:19:3c:99:
0c:5a:2e:4a:5d:f3:85:69:74:20:78:89:30:7f:71:bd:42:d2:
ed:12:22:4f:08:b7:11:3d:c9:8e:30:5e:77:48:53:a2:c7:8b:
16:1f:64:f5
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhFM0QxMTAvBgNVBAUTKDNBQUZGQkI3RUE0QTYwRDc3QkI0NDI4NEFDQkYyNUMz
OThCQTlBNkQwHhcNMjQxMjE1MDAwMzM3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlMWNkOS1jYmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvaC9ajYA13poVAfnY+jJ40WTK+AH/JGigkvm3i4hyrNzMTIhkXJ8nymRCLJL
D0FdfIeUvXJ8HtSrFCEoJtZawtyyNEJQG4YjwqexMPLxRhUtpG22Kw3I1GmFZM3m
s0IUfmrty7Zw2X+2jC9yqCrLGLE1dBH/R6ipP3Q+5bMyJk3QCKCdlSvwjjY/+sT9
pZnUBWls3HLUkYVspTPhkMSQDbCgV0h+Vjfm7LEzyzLicOI8yYRzPVWvYtGnuYUj
hX7GkzMLqoqeEfFyST4P5bTye8mNVFBQ1a+hnM8Trr6i6ub3zvSUEHdRU6tOmRlh
qdpShp9kCu5CDT4TVDvLWZ02rwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJ+RLs+v
qj7wRtieVGPj3Y8n6/vzMB8GA1UdIwQYMBaAFDqv+7fqSmDXe7RChKy/JcOYuppt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEUzRC8wQUI0Mzg2QTU4
NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi9PcV83dC1wS1lOZDd0RUtFckw4bHc1aTZt
bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xXzd0LXBLWU5kN3RFS0VyTDhsdzVpNm1tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjhFM0QvMEFCNDM4NkE1ODRFMTFFQzlGQ0YxNzc5QzRGOUFFMDIvRkY5RDg5QjZB
QjRDMTFFQ0IwQzk0RjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAD9gAAMwDQYJKoZIhvcNAQELBQADggEBAB0ghpMk7Ucl
PuENpJLEi1nboZS1LWScd0ZCiWM6c1lppITXp+Rhypsbnh8F0uU6nmU8fC7Lk9oV
tj1+zCDFLJe4+xjPgEEx0ibGyT5EZ1hb0uX4wsGP+zhvidznUArzBNLFnfQBggJD
xIfK/WScqoa4HggAwpHqB+fm2zLgf42Mv53LptG2fvOHyZmIYLNHN2SyZLpiDC+B
pk/gRwfGvlDNMB0oNeWBOgy9iY8CMlT+jm/RievtcZ6YmPMaNzimB7tWzEBta0gP
yHMyMgnfB3OyKhjaYBk8mQxaLkpd84VpdCB4iTB/cb1C0u0SIk8ItxE9yY4wXndI
U6LHixYfZPU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:25:46 2025 by rpki-client