Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3438203d3e2039383838.roa
File: 323430303a363832303a3a2f33322d3438203d3e2039383838.roa (raw, json)
Hash identifier: IuJmEVUfqCPytnG8AEOkj/ZoGEMJgsuh1bHlpcX48s4=
Subject key identifier: A3:3B:4B:CA:3E:1D:C8:E0:05:84:E5:CC:4B:65:44:06:5E:AF:79:04
Certificate issuer: /CN=A919619E0000/serialNumber=4B1987D5160068092602529871C93EA320045A75
Certificate serial: 632BF2DA08B5D7B1D113DD0A766638CDC22BE563
Authority key identifier: 4B:19:87:D5:16:00:68:09:26:02:52:98:71:C9:3E:A3:20:04:5A:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SxmH1RYAaAkmAlKYcck-oyAEWnU.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3438203d3e2039383838.roa
Signing time: Wed 04 Dec 2024 07:09:29 +0000
ROA not before: Wed 04 Dec 2024 07:04:29 +0000
ROA not after: Wed 03 Dec 2025 07:09:29 +0000
asID: 9888
IP address blocks: 2400:6820::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2b:f2:da:08:b5:d7:b1:d1:13:dd:0a:76:66:38:cd:c2:2b:e5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919619E0000
Validity
Not Before: Dec 4 07:04:29 2024 GMT
Not After : Dec 3 07:09:29 2025 GMT
Subject: CN=A33B4BCA3E1DC8E00584E5CC4B6544065EAF7904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:aa:66:75:b3:30:07:9b:a6:46:47:0b:76:b1:
0b:fd:c7:e8:3a:74:2c:69:4d:a4:88:5f:40:e4:a5:
0a:c1:27:f7:20:ed:17:b8:0d:4b:4e:93:40:21:d8:
60:fe:49:9d:91:80:d8:45:bf:1e:76:f4:52:7a:e1:
89:55:fc:06:05:ac:65:30:60:28:a0:1a:b5:5c:95:
80:55:c6:56:45:3f:c3:e2:6a:1e:c6:36:9e:63:65:
64:5f:c4:5a:70:5a:6e:c4:40:a5:39:45:c1:a7:36:
26:c7:53:50:a9:75:0a:63:91:c4:5f:08:92:24:28:
65:53:1b:3d:41:0b:ac:9c:ba:60:42:5c:77:96:ef:
2b:10:89:ea:05:13:54:a4:e7:4d:2a:4c:92:57:38:
b9:1e:23:6a:54:0d:2a:8a:1b:f7:46:32:09:fa:91:
1d:ea:68:1b:82:3f:ce:01:d7:56:59:54:3c:43:7a:
c3:5f:ce:5c:af:7c:28:c8:8d:d8:6f:9b:28:a6:cd:
39:82:0c:77:f7:99:69:16:20:53:ff:c0:97:06:40:
bb:df:c3:9d:b9:bb:84:e3:6d:e1:2e:03:b3:c3:ed:
11:52:08:f2:26:8b:b7:87:5d:d1:4f:be:83:4a:52:
9d:50:87:a1:b5:bd:a0:ee:fe:7b:28:71:8c:76:40:
c1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3B:4B:CA:3E:1D:C8:E0:05:84:E5:CC:4B:65:44:06:5E:AF:79:04
X509v3 Authority Key Identifier:
keyid:4B:19:87:D5:16:00:68:09:26:02:52:98:71:C9:3E:A3:20:04:5A:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/7/4B1987D5160068092602529871C93EA320045A75.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SxmH1RYAaAkmAlKYcck-oyAEWnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/7/323430303a363832303a3a2f33322d3438203d3e2039383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6820::/32
Signature Algorithm: sha256WithRSAEncryption
a3:22:3d:72:1f:1d:90:f0:00:08:dd:4f:74:cd:7c:a8:12:29:
05:04:70:3e:0d:d8:bb:96:89:aa:d9:cc:e7:18:13:eb:cb:18:
28:4a:5a:c5:60:a0:76:44:39:ba:58:99:6d:3e:97:46:79:74:
a3:cb:7c:0c:98:ed:2d:fa:64:42:19:56:01:7a:e8:96:2d:9b:
83:21:54:db:b6:96:90:a9:87:93:c5:23:21:35:38:eb:e9:30:
91:63:a1:14:9f:53:86:7b:85:f3:98:f9:eb:52:47:31:68:69:
0d:bd:ba:7d:a0:7e:90:32:5f:5a:6e:5d:db:68:6a:d8:cb:29:
b4:4c:19:89:92:08:ba:54:85:7b:58:c3:6b:fc:a6:80:09:72:
99:41:a0:a4:f1:95:02:28:c1:0f:b7:36:69:f0:ca:53:07:a7:
41:eb:35:2f:50:2a:2f:46:ec:f5:2f:6b:c5:66:4d:fc:e4:de:
35:0b:58:4f:ba:06:c0:5a:13:76:89:29:d2:ce:ff:3a:03:60:
9e:78:6d:39:41:26:71:ab:3b:84:0e:be:bd:56:d9:6e:9f:c4:
0b:73:30:fa:ba:f2:2c:c3:3a:c9:1c:11:7b:3f:8d:a7:dd:46:
9e:ec:33:35:30:31:8c:50:84:8f:0d:97:21:f1:b0:51:9c:c6:
8f:b6:58:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUYyvy2gi117HRE90KdmY4zcIr5WMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxOTYxOUUwMDAwMTEwLwYDVQQFEyg0QjE5ODdENTE2
MDA2ODA5MjYwMjUyOTg3MUM5M0VBMzIwMDQ1QTc1MB4XDTI0MTIwNDA3MDQyOVoX
DTI1MTIwMzA3MDkyOVowMzExMC8GA1UEAxMoQTMzQjRCQ0EzRTFEQzhFMDA1ODRF
NUNDNEI2NTQ0MDY1RUFGNzkwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCqZnWzMAebpkZHC3axC/3H6Dp0LGlNpIhfQOSlCsEn9yDtF7gNS06TQCHY
YP5JnZGA2EW/Hnb0UnrhiVX8BgWsZTBgKKAatVyVgFXGVkU/w+JqHsY2nmNlZF/E
WnBabsRApTlFwac2JsdTUKl1CmORxF8IkiQoZVMbPUELrJy6YEJcd5bvKxCJ6gUT
VKTnTSpMklc4uR4jalQNKoob90YyCfqRHepoG4I/zgHXVllUPEN6w1/OXK98KMiN
2G+bKKbNOYIMd/eZaRYgU//AlwZAu9/Dnbm7hONt4S4Ds8PtEVII8iaLt4dd0U++
g0pSnVCHobW9oO7+eyhxjHZAwbUCAwEAAaOCAg4wggIKMB0GA1UdDgQWBBSjO0vK
Ph3I4AWE5cxLZUQGXq95BDAfBgNVHSMEGDAWgBRLGYfVFgBoCSYCUphxyT6jIARa
dTAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvNy80QjE5ODdE
NTE2MDA2ODA5MjYwMjUyOTg3MUM5M0VBMzIwMDQ1QTc1LmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9TeG1IMVJZQWFB
a21BbEtZY2NrLW95QUVXblUuY2VyMIGHBggrBgEFBQcBCwR7MHkwdwYIKwYBBQUH
MAuGa3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzcvMzIzNDMwMzAzYTM2MzgzMjMwM2EzYTJmMzMzMjJkMzQzODIwM2Qz
ZTIwMzkzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYB
BQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAGggMA0GCSqGSIb3DQEBCwUAA4IBAQCj
Ij1yHx2Q8AAI3U90zXyoEikFBHA+Ddi7lomq2cznGBPryxgoSlrFYKB2RDm6WJlt
PpdGeXSjy3wMmO0t+mRCGVYBeuiWLZuDIVTbtpaQqYeTxSMhNTjr6TCRY6EUn1OG
e4XzmPnrUkcxaGkNvbp9oH6QMl9abl3baGrYyym0TBmJkgi6VIV7WMNr/KaACXKZ
QaCk8ZUCKMEPtzZp8MpTB6dB6zUvUCovRuz1L2vFZk385N41C1hPugbAWhN2iSnS
zv86A2CeeG05QSZxqzuEDr69Vtlun8QLczD6uvIswzrJHBF7P42n3Uae7DM1MDGM
UISPDZch8bBRnMaPtljM
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:35 2025 by rpki-client