Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32312e302f32342d3234203d3e20383334.roa
File: 34332e3235322e32312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: BzmPnlSBC7erf5HupUZqbeleBFUXCOl7BYoz+stGt1w=
Subject key identifier: 1C:DA:B2:1E:E8:8D:C7:38:E2:9A:0F:52:0E:6C:8A:A4:B0:BB:09:BE
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 69710C8BD08DD401D12D798F06B5485F366D13EE
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32312e302f32342d3234203d3e20383334.roa
Signing time: Wed 18 Dec 2024 06:10:48 +0000
ROA not before: Wed 18 Dec 2024 06:05:48 +0000
ROA not after: Wed 17 Dec 2025 06:10:48 +0000
asID: 834
IP address blocks: 43.252.21.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:71:0c:8b:d0:8d:d4:01:d1:2d:79:8f:06:b5:48:5f:36:6d:13:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Dec 18 06:05:48 2024 GMT
Not After : Dec 17 06:10:48 2025 GMT
Subject: CN=1CDAB21EE88DC738E29A0F520E6C8AA4B0BB09BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:83:56:85:a0:5a:f0:14:a6:82:a7:32:c6:5a:
6d:98:8a:b8:b9:e1:7a:74:53:eb:8b:b7:1e:8a:ea:
6f:a3:28:57:b7:75:8a:a5:5b:e5:88:98:d3:35:1a:
b9:11:54:22:59:0a:87:b2:fe:e2:85:19:9f:17:6e:
53:fc:18:ab:88:e5:98:54:3f:1c:7b:ce:12:d2:73:
59:a1:f2:f5:7a:e6:a4:bb:3b:1c:ac:a0:88:6e:07:
ce:37:83:16:4a:13:69:f9:b7:bd:07:1d:16:a0:e0:
f7:6f:d4:af:3e:fc:e2:8f:e0:ad:06:3f:df:dc:8e:
e9:9c:1c:bb:b5:70:a4:4c:cd:08:a1:20:b3:9e:4a:
cf:dd:a2:76:3f:ad:da:12:3f:bc:7d:c5:ee:8d:3e:
6c:b1:da:56:68:ef:17:e6:6e:25:ed:88:3d:eb:a1:
d4:c5:84:d8:6b:9e:bd:0f:5b:03:56:e2:97:72:f0:
0a:24:df:ff:b1:77:c1:34:6a:1a:d4:15:2c:0d:e8:
a2:f8:7f:f2:14:67:4a:82:ab:13:07:11:c9:b3:ce:
a4:04:60:7c:41:51:3b:a6:e0:5f:7c:67:a2:85:0a:
64:20:0b:ab:c8:fb:96:86:f2:d8:9a:a2:fc:d7:9e:
b1:dc:03:7c:27:08:e6:fb:e7:52:6e:bc:b6:84:28:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DA:B2:1E:E8:8D:C7:38:E2:9A:0F:52:0E:6C:8A:A4:B0:BB:09:BE
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:dc:5c:c4:e9:70:69:6b:60:3e:9b:72:72:02:87:62:3f:11:
45:e0:6f:24:53:f3:bd:1e:0e:ec:3d:da:f1:1e:75:76:d1:d7:
9f:a2:2f:c5:5d:62:b4:e9:3c:23:c1:9d:b8:f2:6b:c0:40:e9:
6f:51:69:3b:8e:e2:ca:49:07:a6:6f:8e:c6:6e:5b:7a:3f:f4:
b6:56:7e:23:b5:c9:c7:58:f3:8b:e7:72:ff:29:c3:5b:c4:ae:
11:38:c9:aa:ed:5f:bc:73:88:35:7c:86:36:f7:13:06:12:d4:
68:93:f9:4f:85:ec:48:fb:eb:2b:41:94:0a:f0:71:7b:eb:96:
2e:bb:b2:b5:02:c5:28:d3:b1:03:2d:6e:6e:88:93:c2:37:67:
b6:b4:e2:d3:6c:9e:21:b4:a0:b1:67:0e:d6:81:db:b6:74:97:
b8:a7:2e:b1:05:42:9e:c5:5f:6a:10:94:53:11:84:3b:78:1d:
cb:c1:58:66:35:8e:a4:8b:94:50:d6:1e:cc:3e:fe:2d:a7:d2:
ff:2d:8e:45:e2:75:69:6f:2a:ad:3d:78:b9:43:1c:47:ed:0d:
b7:4c:be:0e:af:7f:32:15:28:3e:77:7e:0b:30:f3:f3:83:3c:
96:b5:92:42:a7:4d:82:18:1a:1b:e2:2a:4c:70:9a:fa:7d:fc:
8f:bf:83:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUaXEMi9CN1AHRLXmPBrVIXzZtE+4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI0MTIxODA2MDU0OFoX
DTI1MTIxNzA2MTA0OFowMzExMC8GA1UEAxMoMUNEQUIyMUVFODhEQzczOEUyOUEw
RjUyMEU2QzhBQTRCMEJCMDlCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJODVoWgWvAUpoKnMsZabZiKuLnhenRT64u3Horqb6MoV7d1iqVb5YiY0zUa
uRFUIlkKh7L+4oUZnxduU/wYq4jlmFQ/HHvOEtJzWaHy9XrmpLs7HKygiG4HzjeD
FkoTafm3vQcdFqDg92/Urz784o/grQY/39yO6Zwcu7VwpEzNCKEgs55Kz92idj+t
2hI/vH3F7o0+bLHaVmjvF+ZuJe2IPeuh1MWE2GuevQ9bA1bil3LwCiTf/7F3wTRq
GtQVLA3oovh/8hRnSoKrEwcRybPOpARgfEFRO6bgX3xnooUKZCALq8j7loby2Jqi
/NeesdwDfCcI5vvnUm68toQoxMsCAwEAAaOCAgswggIHMB0GA1UdDgQWBBQc2rIe
6I3HOOKaD1IObIqksLsJvjAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGFBggrBgEFBQcBCwR5MHcwdQYIKwYBBQUH
MAuGaXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMxMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAK/wVMA0GCSqGSIb3DQEBCwUAA4IBAQCc3FzE
6XBpa2A+m3JyAodiPxFF4G8kU/O9Hg7sPdrxHnV20defoi/FXWK06TwjwZ248mvA
QOlvUWk7juLKSQemb47Gblt6P/S2Vn4jtcnHWPOL53L/KcNbxK4ROMmq7V+8c4g1
fIY29xMGEtRok/lPhexI++srQZQK8HF765Yuu7K1AsUo07EDLW5uiJPCN2e2tOLT
bJ4htKCxZw7Wgdu2dJe4py6xBUKexV9qEJRTEYQ7eB3LwVhmNY6ki5RQ1h7MPv4t
p9L/LY5F4nVpbyqtPXi5QxxH7Q23TL4Or38yFSg+d34LMPPzgzyWtZJCp02CGBob
4ipMcJr6ffyPv4OU
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:50:39 2025 by rpki-client