Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A50F0FEEFDD611EFB626AD70C4F9AE02.roa
File: A50F0FEEFDD611EFB626AD70C4F9AE02.roa (raw, json)
Hash identifier: glT2Od8RNp0kxvg3JqKW6DcMDo5RatIgr2uI7M79H8U=
Subject key identifier: 2A:8E:0B:D7:BC:CB:AD:21:10:E1:4D:58:B2:C5:32:E9:AF:0A:14:4F
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0CD0
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A50F0FEEFDD611EFB626AD70C4F9AE02.roa
Signing time: Mon 10 Mar 2025 17:39:41 +0000
ROA not before: Mon 10 Mar 2025 17:39:41 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 55154
IP address blocks: 14.192.152.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3280 (0xcd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Mar 10 17:39:41 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67cf23dc-da7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b6:85:7a:97:1b:e8:81:8a:2b:96:80:c2:c5:
c0:90:96:bb:3b:99:55:88:17:98:7e:c5:7a:70:fe:
39:b9:97:48:6f:73:e1:14:ab:d2:31:89:47:1b:16:
79:5f:a4:87:31:76:89:28:68:4e:7e:78:6b:f1:60:
0d:2c:b3:71:95:9d:2a:b5:fa:44:6d:95:2e:aa:66:
ae:aa:3f:3a:87:48:cf:b6:18:71:25:4b:f2:4d:43:
4a:41:f9:d7:45:82:a7:c7:d8:7d:4e:62:da:65:72:
95:57:c9:e2:1c:76:73:34:5c:e7:95:38:98:1e:22:
f0:99:6b:a8:7e:69:1b:2d:94:69:7a:4b:42:a1:39:
77:ae:7f:cd:5a:dd:f5:9e:fb:55:df:1c:4b:96:57:
59:d5:f7:96:7c:fd:e7:92:44:af:57:d5:18:dc:af:
61:b9:68:bb:2e:13:9d:37:c5:d3:a5:0b:7f:0a:75:
c3:7c:0f:5e:6e:15:0d:49:b6:32:db:2e:1c:09:e8:
f3:31:99:eb:0a:f7:c5:93:43:99:04:4c:2d:86:25:
da:80:3d:d5:8c:dd:c3:85:01:75:6f:f0:43:27:6e:
8e:b3:67:d9:68:66:fd:c1:f6:4c:55:9b:c1:fb:33:
64:5e:d9:59:c0:f7:42:a9:e6:21:d3:fc:89:78:66:
2e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:0B:D7:BC:CB:AD:21:10:E1:4D:58:B2:C5:32:E9:AF:0A:14:4F
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A50F0FEEFDD611EFB626AD70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.152.0/24
111.92.128.0/24
111.92.140.0/24
111.92.150.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:0f:e3:b3:ce:77:79:41:6e:08:4b:20:05:22:00:c1:5f:ae:
da:95:4d:9e:dc:28:87:6a:e4:0f:d2:fa:13:78:fd:d0:51:a6:
0b:71:88:6f:2a:9c:07:10:78:1d:dc:d2:79:e0:7d:30:6c:a9:
cd:34:d9:e8:e0:61:ca:75:e9:d6:2a:a2:ff:17:77:36:1d:28:
8d:b9:b7:e6:8b:c1:cd:d7:b9:9e:73:18:6f:ad:53:83:85:16:
b4:38:ec:f3:08:e2:6f:5f:08:ef:f3:3e:b2:de:66:fe:7e:c3:
49:ba:8c:0a:61:3e:a2:68:33:1d:c2:1c:40:ce:b2:3a:a5:11:
a4:ee:fa:3d:05:db:bf:80:dc:c6:eb:36:e0:7a:10:aa:05:23:
2a:1c:30:bc:d7:7e:ca:a8:40:47:8e:1b:e5:6d:e7:f3:24:06:
54:e8:90:21:4b:94:1e:f4:15:15:18:ba:7c:f4:c5:b1:7d:6d:
6d:0a:0e:11:c1:29:26:92:53:9a:99:26:00:f8:f5:ed:8c:a5:
a8:97:87:a0:3a:bd:8b:75:4c:f0:f1:63:35:54:a6:f7:cb:de:
68:0f:ab:d8:83:b5:77:a8:9b:1a:b6:23:d5:a5:f4:c4:1c:e7:
d2:a9:a8:ed:80:9c:a8:7e:97:2a:41:94:7c:a2:0d:5f:4d:82:
fe:2f:87:09
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMzEwMTczOTQxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmMjNkYy1kYTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6LaFepcb6IGKK5aAwsXAkJa7O5lViBeYfsV6cP45uZdIb3PhFKvSMYlHGxZ5
X6SHMXaJKGhOfnhr8WANLLNxlZ0qtfpEbZUuqmauqj86h0jPthhxJUvyTUNKQfnX
RYKnx9h9TmLaZXKVV8niHHZzNFznlTiYHiLwmWuofmkbLZRpektCoTl3rn/NWt31
nvtV3xxLlldZ1feWfP3nkkSvV9UY3K9huWi7LhOdN8XTpQt/CnXDfA9ebhUNSbYy
2y4cCejzMZnrCvfFk0OZBEwthiXagD3VjN3DhQF1b/BDJ26Os2fZaGb9wfZMVZvB
+zNkXtlZwPdCqeYh0/yJeGYuaQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCqOC9e8
y60hEOFNWLLFMumvChRPMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQTUwRjBGRUVG
REQ2MTFFRkI2MjZBRDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAAOwJgDBABvXIADBABvXIwDBABvXJYwDQYJKoZIhvcNAQEL
BQADggEBACwP47POd3lBbghLIAUiAMFfrtqVTZ7cKIdq5A/S+hN4/dBRpgtxiG8q
nAcQeB3c0nngfTBsqc002ejgYcp16dYqov8XdzYdKI25t+aLwc3XuZ5zGG+tU4OF
FrQ47PMI4m9fCO/zPrLeZv5+w0m6jAphPqJoMx3CHEDOsjqlEaTu+j0F27+A3Mbr
NuB6EKoFIyocMLzXfsqoQEeOG+Vt5/MkBlTokCFLlB70FRUYunz0xbF9bW0KDhHB
KSaSU5qZJgD49e2MpaiXh6A6vYt1TPDxYzVUpvfL3mgPq9iDtXeomxq2I9Wl9MQc
59KpqO2AnKh+lypBlHyiDV9Ngv4vhwk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:10 2025 by rpki-client