Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC43D/EDB28E7EA48011E583378886C4F9AE02/2D55F42CB0F611E5B464E359C4F9AE02.roa
File: 2D55F42CB0F611E5B464E359C4F9AE02.roa (raw, json)
Hash identifier: 8mIOCO6QpDE7EtPouAHKOU6jLmPWkYnpnE1kJgri2NI=
Subject key identifier: F2:8A:90:D9:9B:7C:B3:43:5D:ED:ED:66:4B:5E:2F:E9:C5:D0:9F:A1
Certificate issuer: /CN=A91FC43D/serialNumber=AC8DF8B407B07B13679B71C5012BACDDE2501E71
Certificate serial: 21E8
Authority key identifier: AC:8D:F8:B4:07:B0:7B:13:67:9B:71:C5:01:2B:AC:DD:E2:50:1E:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rI34tAewexNnm3HFASus3eJQHnE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FC43D/EDB28E7EA48011E583378886C4F9AE02/2D55F42CB0F611E5B464E359C4F9AE02.roa
Signing time: Wed 22 May 2024 16:23:37 +0000
ROA not before: Wed 22 May 2024 16:23:37 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 56200
IP address blocks: 203.215.52.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8680 (0x21e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FC43D
Validity
Not Before: May 22 16:23:37 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664e1c09-7d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8e:9d:4c:64:ba:28:6e:16:cb:7d:8a:b0:6c:
cc:e1:5f:f3:a2:7d:0b:91:d6:7f:73:b6:db:fb:6b:
44:d9:af:5f:a8:37:61:dd:b8:8c:50:4d:8e:4a:01:
c6:b1:d1:19:40:70:6a:98:17:ec:f8:47:be:94:c8:
63:2d:80:b8:23:12:2f:dd:75:bc:89:9d:d0:af:04:
7d:28:f4:c2:79:05:74:1f:1f:55:84:cd:44:82:e8:
e5:ef:e8:6f:6d:e8:3e:ff:96:a2:3f:cf:70:9f:01:
33:02:44:11:b6:be:b1:96:94:0c:1c:74:f8:03:40:
5a:e1:16:82:1d:01:70:1a:e6:a5:07:d6:99:fc:db:
ea:6c:0e:10:ad:09:81:c2:63:c0:94:0b:a6:d0:8c:
f2:ae:79:7b:29:ae:87:ac:df:b7:7a:ce:b6:03:98:
a9:de:71:9b:b6:a5:55:d7:09:32:13:b7:2a:76:9f:
34:b6:50:8e:1b:19:89:79:5c:f2:13:e3:10:45:0b:
33:56:35:03:2d:52:41:99:bc:d9:dc:d6:67:8b:51:
2a:14:eb:b2:b7:d5:0e:c5:63:70:ca:3b:4e:2f:a6:
28:e9:2c:1c:13:0a:75:93:e6:f3:86:73:a0:53:7e:
22:11:48:3f:ec:09:fc:85:10:9c:e2:74:82:20:80:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8A:90:D9:9B:7C:B3:43:5D:ED:ED:66:4B:5E:2F:E9:C5:D0:9F:A1
X509v3 Authority Key Identifier:
keyid:AC:8D:F8:B4:07:B0:7B:13:67:9B:71:C5:01:2B:AC:DD:E2:50:1E:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FC43D/EDB28E7EA48011E583378886C4F9AE02/rI34tAewexNnm3HFASus3eJQHnE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rI34tAewexNnm3HFASus3eJQHnE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC43D/EDB28E7EA48011E583378886C4F9AE02/2D55F42CB0F611E5B464E359C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.215.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:f1:a6:77:78:6b:e6:31:e0:a5:90:be:30:77:20:89:6d:49:
93:25:ff:39:35:b2:2f:95:ee:79:5a:86:c8:20:aa:7d:75:ed:
b4:2d:e5:12:6c:7f:64:75:5a:f6:5c:4a:82:9a:f3:d8:98:3c:
85:64:25:50:17:ad:0b:36:e1:a5:8c:40:28:45:da:93:2f:8b:
fb:62:40:27:b9:4d:8d:4b:29:2e:23:32:c4:cc:02:29:05:b9:
4d:6d:f6:92:d7:c9:34:c1:f7:ad:16:d9:77:56:de:4f:db:16:
60:6e:41:7f:e6:26:c8:3b:cb:28:e7:55:e1:0a:c1:b5:53:1d:
93:a7:6f:d9:cc:d8:6e:e2:9b:30:34:5f:97:f0:14:e9:88:47:
03:2c:a2:82:cd:19:b3:e5:11:3b:82:30:31:0f:95:06:ed:2e:
1c:61:2c:7a:73:7d:6a:58:1f:6c:1f:c2:00:f0:60:0b:e3:2d:
0b:0b:f8:09:6d:85:67:74:c8:01:b7:7c:75:c0:b9:c9:3d:19:
f5:a6:a8:b3:75:26:0b:18:5f:67:29:63:0f:c7:0b:9a:10:ef:
ad:e1:84:1e:2f:8d:52:d2:5c:43:f2:ce:42:a8:05:da:90:75:
6c:c5:bd:ae:70:a5:01:17:1a:5a:91:69:42:95:7c:23:c4:86:
00:c0:6d:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICIegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkM0M0QxMTAvBgNVBAUTKEFDOERGOEI0MDdCMDdCMTM2NzlCNzFDNTAxMkJBQ0RE
RTI1MDFFNzEwHhcNMjQwNTIyMTYyMzM3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRlMWMwOS03ZDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Y6dTGS6KG4Wy32KsGzM4V/zon0LkdZ/c7bb+2tE2a9fqDdh3biMUE2OSgHG
sdEZQHBqmBfs+Ee+lMhjLYC4IxIv3XW8iZ3QrwR9KPTCeQV0Hx9VhM1Egujl7+hv
beg+/5aiP89wnwEzAkQRtr6xlpQMHHT4A0Ba4RaCHQFwGualB9aZ/NvqbA4QrQmB
wmPAlAum0Izyrnl7Ka6HrN+3es62A5ip3nGbtqVV1wkyE7cqdp80tlCOGxmJeVzy
E+MQRQszVjUDLVJBmbzZ3NZni1EqFOuyt9UOxWNwyjtOL6Yo6SwcEwp1k+bzhnOg
U34iEUg/7An8hRCc4nSCIIBTEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPKKkNmb
fLNDXe3tZkteL+nF0J+hMB8GA1UdIwQYMBaAFKyN+LQHsHsTZ5txxQErrN3iUB5x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQzQzRC9FREIyOEU3RUE0
ODAxMUU1ODMzNzg4ODZDNEY5QUUwMi9ySTM0dEFld2V4Tm5tM0hGQVN1czNlSlFI
bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JJMzR0QWV3ZXhObm0zSEZBU3VzM2VKUUhuRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkM0M0QvRURCMjhFN0VBNDgwMTFFNTgzMzc4ODg2QzRGOUFFMDIvMkQ1NUY0MkNC
MEY2MTFFNUI0NjRFMzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALL1zQwDQYJKoZIhvcNAQELBQADggEBACrxpnd4a+Yx4KWQ
vjB3IIltSZMl/zk1si+V7nlahsggqn117bQt5RJsf2R1WvZcSoKa89iYPIVkJVAX
rQs24aWMQChF2pMvi/tiQCe5TY1LKS4jMsTMAikFuU1t9pLXyTTB960W2XdW3k/b
FmBuQX/mJsg7yyjnVeEKwbVTHZOnb9nM2G7imzA0X5fwFOmIRwMsooLNGbPlETuC
MDEPlQbtLhxhLHpzfWpYH2wfwgDwYAvjLQsL+AlthWd0yAG3fHXAuck9GfWmqLN1
JgsYX2cpYw/HC5oQ763hhB4vjVLSXEPyzkKoBdqQdWzFva5wpQEXGlqRaUKVfCPE
hgDAbRQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:42 2025 by rpki-client