Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
File: 3230332e342e3136382e302f32342d3234203d3e2039343439.roa (raw, json)
Hash identifier: ZoLzi5Xd5utb1AI63IXWGz+aVO82OnCDuPInrqLocDM=
Subject key identifier: FE:E0:81:32:F8:66:4A:71:6D:31:CE:D7:2B:19:04:E0:D1:34:1F:6F
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 28057E2BD6517E4E2E8644F7126FCBB1574D42D1
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
Signing time: Tue 14 Jan 2025 00:10:10 +0000
ROA not before: Tue 14 Jan 2025 00:05:10 +0000
ROA not after: Tue 13 Jan 2026 00:10:10 +0000
asID: 9449
IP address blocks: 203.4.168.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:05:7e:2b:d6:51:7e:4e:2e:86:44:f7:12:6f:cb:b1:57:4d:42:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000
Validity
Not Before: Jan 14 00:05:10 2025 GMT
Not After : Jan 13 00:10:10 2026 GMT
Subject: CN=FEE08132F8664A716D31CED72B1904E0D1341F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4d:85:03:57:67:7e:4d:59:66:7e:0f:19:ec:
0f:79:cb:30:9a:3e:c3:da:dd:0a:84:f4:31:1d:4f:
17:46:1c:5c:52:7f:9c:6a:2d:6d:13:a5:a4:dc:9b:
06:77:6c:2b:2d:da:27:2b:4f:bf:ed:e2:ba:c7:40:
ac:da:62:a5:34:b1:24:41:eb:ce:4e:34:96:f3:af:
fd:07:e6:2a:44:3e:ec:0a:9f:fb:8e:6c:f7:b5:5d:
b4:a8:20:ea:eb:27:7b:75:e7:58:29:da:48:2b:12:
13:6a:ed:7e:9c:6b:30:dd:fe:38:42:10:47:58:1a:
27:73:d5:a2:56:b7:01:bf:e0:f2:51:9d:72:a7:36:
12:27:0a:7f:e4:78:89:aa:b1:51:13:80:65:0e:9f:
c0:67:a4:40:1e:ac:b0:7d:9f:55:6b:a4:a1:e0:59:
3e:4b:02:fd:10:90:d4:94:1a:a1:ac:4f:e1:eb:f8:
53:c2:87:a7:fb:2c:1f:77:ea:39:90:bb:d3:35:98:
93:fb:b3:0d:0c:50:48:98:65:0b:2e:07:08:15:e4:
94:a0:39:99:d5:f8:bd:7c:6d:9a:1d:fa:e2:42:58:
dd:69:1f:38:c7:08:92:dd:38:5e:86:1d:2d:a9:a0:
9b:bc:ac:87:53:ee:e7:cf:83:be:92:4a:09:82:bb:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E0:81:32:F8:66:4A:71:6D:31:CE:D7:2B:19:04:E0:D1:34:1F:6F
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136382e302f32342d3234203d3e2039343439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.168.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:c9:1a:40:60:c3:d4:51:88:b9:6f:c3:87:de:5d:b6:31:91:
4b:c5:9f:4a:74:2a:c8:7a:06:01:fb:5c:cb:64:fc:6f:40:fa:
33:53:9b:cd:81:26:50:61:30:dd:a6:d5:97:5b:d1:1e:d3:76:
34:d2:02:15:7b:e0:4c:e1:b9:d1:6e:a6:33:36:21:9a:49:fc:
57:29:e3:cd:75:64:14:f8:b0:6e:8c:41:14:28:1d:d2:1d:c5:
fa:f0:1d:1e:fd:28:79:40:4d:a3:5a:de:07:b5:13:27:1c:4b:
71:12:43:68:5f:db:aa:72:1a:98:53:14:ff:2c:28:c8:37:e6:
70:a4:06:fb:9d:13:40:7d:89:1e:78:a6:d5:17:df:22:a6:0c:
2d:38:31:ae:7d:3d:25:c7:98:4c:6f:f0:cc:34:91:6e:b9:c6:
d7:91:f3:5c:96:f3:c3:b4:52:a4:ed:75:6c:d0:cb:96:c1:4f:
05:71:88:a5:8d:5c:ee:75:08:32:81:01:6b:f4:c0:3f:a8:c6:
25:1c:02:95:f9:60:5a:29:3e:4d:41:73:10:9a:a9:c7:45:8d:
87:a1:c0:66:39:fe:84:98:2a:0b:30:5a:d7:d7:58:8d:ee:9c:
21:21:58:9c:31:07:13:50:8f:4a:0a:df:ab:d9:8c:bf:e2:47:
b8:37:2a:a8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUKAV+K9ZRfk4uhkT3Em/LsVdNQtEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTI1MDExNDAwMDUxMFoX
DTI2MDExMzAwMTAxMFowMzExMC8GA1UEAxMoRkVFMDgxMzJGODY2NEE3MTZEMzFD
RUQ3MkIxOTA0RTBEMTM0MUY2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdNhQNXZ35NWWZ+DxnsD3nLMJo+w9rdCoT0MR1PF0YcXFJ/nGotbROlpNyb
BndsKy3aJytPv+3iusdArNpipTSxJEHrzk40lvOv/QfmKkQ+7Aqf+45s97VdtKgg
6usne3XnWCnaSCsSE2rtfpxrMN3+OEIQR1gaJ3PVola3Ab/g8lGdcqc2EicKf+R4
iaqxUROAZQ6fwGekQB6ssH2fVWukoeBZPksC/RCQ1JQaoaxP4ev4U8KHp/ssH3fq
OZC70zWYk/uzDQxQSJhlCy4HCBXklKA5mdX4vXxtmh364kJY3WkfOMcIkt04XoYd
Lamgm7ysh1Pu58+DvpJKCYK7qvsCAwEAAaOCAg0wggIJMB0GA1UdDgQWBBT+4IEy
+GZKcW0xztcrGQTg0TQfbzAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNjM4MmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzkzNDM0Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBADLBKgwDQYJKoZIhvcNAQELBQADggEBAA7J
GkBgw9RRiLlvw4feXbYxkUvFn0p0Ksh6BgH7XMtk/G9A+jNTm82BJlBhMN2m1Zdb
0R7TdjTSAhV74EzhudFupjM2IZpJ/Fcp4811ZBT4sG6MQRQoHdIdxfrwHR79KHlA
TaNa3ge1EyccS3ESQ2hf26pyGphTFP8sKMg35nCkBvudE0B9iR54ptUX3yKmDC04
Ma59PSXHmExv8Mw0kW65xteR81yW88O0UqTtdWzQy5bBTwVxiKWNXO51CDKBAWv0
wD+oxiUcApX5YFopPk1BcxCaqcdFjYehwGY5/oSYKgswWtfXWI3unCEhWJwxBxNQ
j0oK36vZjL/iR7g3Kqg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:14:27 2025 by rpki-client