Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/DCD7F756048411F095177229C4F9AE02.roa
File: DCD7F756048411F095177229C4F9AE02.roa (raw, json)
Hash identifier: PJnt80PstBsPu+Je/uk2L+eWT12a7ahlhHYmODLLA84=
Subject key identifier: 65:25:60:1D:F9:35:F3:B8:E9:04:FB:DA:7A:11:9C:14:84:1A:AE:C6
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 35F3
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/DCD7F756048411F095177229C4F9AE02.roa
Signing time: Wed 19 Mar 2025 05:41:54 +0000
ROA not before: Wed 19 Mar 2025 05:41:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55154
IP address blocks: 116.90.100.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13811 (0x35f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Mar 19 05:41:54 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67da5921-ce2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c4:6e:92:d5:5c:28:71:9f:11:83:8d:ff:2e:
fd:52:82:19:6d:41:1c:76:34:6b:6e:44:22:72:54:
7d:2a:a2:33:e1:47:b7:02:62:7b:38:70:18:c2:46:
c7:51:55:58:df:99:f6:d1:48:0c:e6:04:72:dc:e1:
fe:f0:6e:88:d3:15:32:d4:6b:ae:cd:0c:51:13:32:
e3:da:8c:9f:e5:fd:c1:fa:1a:cc:d0:bf:9f:de:f4:
f8:75:11:02:a7:a2:12:15:e0:82:24:40:1e:60:a9:
9d:05:b7:8c:d1:fc:c2:5e:e5:37:07:df:d9:81:2e:
3d:75:71:fb:d5:20:2f:28:26:fd:03:10:0b:3c:84:
f1:66:c6:c7:64:8f:2d:9b:43:1b:39:f3:d1:03:3f:
17:7a:d4:6c:41:2e:6c:a5:89:21:cd:9b:98:3b:5f:
40:5d:7e:a7:1f:5d:e1:c6:bf:22:f9:5a:0b:4d:87:
da:68:34:05:cc:fe:93:bc:5c:06:be:a6:b4:e0:f9:
05:fe:38:f2:30:dc:5e:21:56:72:95:92:c8:ff:11:
2a:8a:65:e5:67:bd:f2:6a:a6:13:8d:60:28:51:10:
46:29:41:ee:5d:60:40:57:99:cf:6e:9a:1c:1d:ca:
f6:0b:43:2f:a8:88:e1:2e:3e:e0:b0:d5:90:82:13:
e3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:25:60:1D:F9:35:F3:B8:E9:04:FB:DA:7A:11:9C:14:84:1A:AE:C6
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/DCD7F756048411F095177229C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.100.0/24
116.90.115.0/24
Signature Algorithm: sha256WithRSAEncryption
79:28:61:ab:14:e0:3f:9c:a0:a6:b7:73:79:1d:25:e9:49:42:
e8:30:00:16:e2:5f:30:af:d2:f1:94:1a:d3:5a:5b:b7:99:93:
63:90:71:1d:03:bc:82:57:30:a7:e2:30:ff:ca:87:a5:49:2d:
9e:93:e6:f3:76:7f:67:61:04:00:af:56:ae:b6:08:6b:f1:e4:
5e:80:54:af:86:f3:37:65:ef:58:fd:55:ba:71:3f:74:94:b2:
ca:31:58:33:a8:5f:86:9e:12:1d:0f:92:92:80:c2:5f:aa:6a:
d0:6f:e6:4e:ae:f8:1b:83:9e:05:ee:3f:35:2a:da:8e:b7:5d:
12:80:27:5e:84:f1:a5:28:20:a1:cc:4a:f8:c3:0a:9f:ad:68:
b5:db:5f:3b:67:6e:fd:5d:77:20:80:fb:3e:7b:fb:dd:6b:e2:
a2:28:a7:2c:b8:13:89:ba:d6:be:81:23:df:95:1a:b4:68:d8:
70:1a:d4:05:c6:e0:57:4e:5e:67:83:53:10:36:0e:b0:b3:35:
25:b8:6c:97:8b:11:92:14:6c:2d:1e:b6:80:59:09:aa:36:a2:
a2:81:bc:9f:32:cf:4d:97:7a:52:6f:b6:d7:62:8a:46:7e:3b:
90:e0:fd:13:2e:af:d4:d7:1b:f1:f9:a4:d1:ef:fc:cd:76:3b:
41:f4:61:b4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjUwMzE5MDU0MTU0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RhNTkyMS1jZTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6sRuktVcKHGfEYON/y79UoIZbUEcdjRrbkQiclR9KqIz4Ue3AmJ7OHAYwkbH
UVVY35n20UgM5gRy3OH+8G6I0xUy1GuuzQxREzLj2oyf5f3B+hrM0L+f3vT4dREC
p6ISFeCCJEAeYKmdBbeM0fzCXuU3B9/ZgS49dXH71SAvKCb9AxALPITxZsbHZI8t
m0MbOfPRAz8XetRsQS5spYkhzZuYO19AXX6nH13hxr8i+VoLTYfaaDQFzP6TvFwG
vqa04PkF/jjyMNxeIVZylZLI/xEqimXlZ73yaqYTjWAoURBGKUHuXWBAV5nPbpoc
Hcr2C0MvqIjhLj7gsNWQghPjewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGUlYB35
NfO46QT72noRnBSEGq7GMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRENEN0Y3NTYw
NDg0MTFGMDk1MTc3MjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB0WmQDBAB0WnMwDQYJKoZIhvcNAQELBQADggEBAHkoYasU
4D+coKa3c3kdJelJQugwABbiXzCv0vGUGtNaW7eZk2OQcR0DvIJXMKfiMP/Kh6VJ
LZ6T5vN2f2dhBACvVq62CGvx5F6AVK+G8zdl71j9VbpxP3SUssoxWDOoX4aeEh0P
kpKAwl+qatBv5k6u+BuDngXuPzUq2o63XRKAJ16E8aUoIKHMSvjDCp+taLXbXztn
bv1ddyCA+z57+91r4qIopyy4E4m61r6BI9+VGrRo2HAa1AXG4FdOXmeDUxA2DrCz
NSW4bJeLEZIUbC0etoBZCao2oqKBvJ8yz02XelJvttdiikZ+O5Dg/RMur9TXG/H5
pNHv/M12O0H0YbQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:55 2025 by rpki-client