Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
File: E4BB99E2336E11EA94623E18C4F9AE02.roa (raw, json)
Hash identifier: dDWf0aYmxu05SE8QIKzfCcmUhn7e971nZnRqmk+LmCo=
Subject key identifier: 7F:D0:A2:70:12:1E:FA:04:8B:1D:DC:93:30:80:B7:35:5E:25:B0:F5
Certificate issuer: /CN=A91C6B27/serialNumber=9ECB22ACDE0967A05837E58FC731D357E37637F8
Certificate serial: 0AC9
Authority key identifier: 9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
Signing time: Tue 02 Jul 2024 20:07:54 +0000
ROA not before: Tue 02 Jul 2024 20:07:53 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 14618
IP address blocks: 202.52.43.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2761 (0xac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6B27
Validity
Not Before: Jul 2 20:07:53 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66845e19-167a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b4:4b:06:b1:23:07:5c:2d:f3:e0:6a:ce:52:
50:75:9e:ad:79:53:24:b1:2a:f0:9c:9e:80:cc:af:
a3:ee:ac:32:d7:ca:7d:be:6b:3a:c2:1c:dd:ee:10:
76:50:bc:55:4a:f6:75:5d:55:08:f1:2c:ef:e8:63:
d4:f8:e0:a3:c3:d2:79:39:de:59:39:a0:00:8c:1d:
af:ad:d3:68:6e:b7:96:84:c3:d5:6f:70:c9:38:bf:
20:11:58:f2:a1:c5:51:1f:c4:ab:10:42:67:c7:d7:
a5:e9:51:19:ac:fe:46:ef:b4:e6:bd:4a:1f:a6:16:
0d:a7:da:b0:ec:d8:6d:32:08:e9:cc:2c:fe:21:9e:
0a:e9:96:5b:5e:71:cf:7b:b9:80:77:76:c6:92:b8:
82:04:4f:3f:8f:e7:a1:e6:54:d5:98:45:76:c8:f8:
d4:5b:53:bf:7f:dc:c8:00:32:f3:11:67:13:65:6e:
73:f9:9d:bd:8b:ec:c1:72:5a:b9:9e:15:bf:f7:b8:
64:37:b3:b2:e4:47:fb:02:85:8f:df:2c:78:91:e2:
9b:34:fb:ce:2c:e1:31:3e:a8:a9:9a:ab:99:4d:f9:
07:f2:0b:35:5b:14:7e:49:e1:a7:3f:c9:e5:91:79:
f7:30:4f:ab:99:38:30:f8:4b:e3:53:77:61:8d:eb:
89:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D0:A2:70:12:1E:FA:04:8B:1D:DC:93:30:80:B7:35:5E:25:B0:F5
X509v3 Authority Key Identifier:
keyid:9E:CB:22:AC:DE:09:67:A0:58:37:E5:8F:C7:31:D3:57:E3:76:37:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/nssirN4JZ6BYN-WPxzHTV-N2N_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nssirN4JZ6BYN-WPxzHTV-N2N_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6B27/82BF2BF4305411EAAFC9116EC4F9AE02/E4BB99E2336E11EA94623E18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.52.43.0/24
Signature Algorithm: sha256WithRSAEncryption
55:2f:e0:20:34:46:0c:c8:a5:91:8a:71:d3:84:bb:6a:1f:52:
0e:39:65:07:42:54:ea:fc:b8:e8:e1:83:dd:9a:66:fa:29:cd:
6d:dc:de:01:3a:5f:30:f4:93:25:f8:71:9a:e3:1b:af:2d:de:
b8:c2:fc:98:f6:63:50:f1:1a:b9:da:1c:a4:ea:ff:82:96:c2:
bf:7b:cd:85:4c:8c:bb:19:54:39:50:ca:dd:46:af:16:7d:aa:
13:9d:33:91:ab:30:30:15:6a:c4:54:2f:85:ab:5a:a5:e1:04:
bb:d4:20:c4:8b:72:c6:5c:dc:22:16:64:bb:f3:04:3a:18:77:
91:d2:43:59:1b:06:48:78:a8:46:e1:5e:9d:c9:fa:33:67:3e:
0e:33:b5:35:f9:2a:9b:28:ea:8b:9a:9b:4d:e9:f0:03:24:52:
6e:e8:11:96:31:89:48:70:d9:84:11:31:da:c4:b9:04:55:88:
5f:9f:18:72:70:c6:3a:3a:d6:de:af:1e:8c:97:dc:f4:07:fb:
8b:93:05:83:4c:fa:02:d0:9d:d4:13:af:05:ce:71:a0:c4:11:
b9:ff:0e:13:0f:e1:3e:5d:03:0b:fa:73:d6:8e:e7:45:85:81:
19:ad:d0:e2:cb:f0:99:e6:bc:c1:df:bf:91:c3:2e:e0:70:e6:
99:73:80:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCMjcxMTAvBgNVBAUTKDlFQ0IyMkFDREUwOTY3QTA1ODM3RTU4RkM3MzFEMzU3
RTM3NjM3RjgwHhcNMjQwNzAyMjAwNzUzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0NWUxOS0xNjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2bRLBrEjB1wt8+BqzlJQdZ6teVMksSrwnJ6AzK+j7qwy18p9vms6whzd7hB2
ULxVSvZ1XVUI8Szv6GPU+OCjw9J5Od5ZOaAAjB2vrdNobreWhMPVb3DJOL8gEVjy
ocVRH8SrEEJnx9el6VEZrP5G77TmvUofphYNp9qw7NhtMgjpzCz+IZ4K6ZZbXnHP
e7mAd3bGkriCBE8/j+eh5lTVmEV2yPjUW1O/f9zIADLzEWcTZW5z+Z29i+zBclq5
nhW/97hkN7Oy5Ef7AoWP3yx4keKbNPvOLOExPqipmquZTfkH8gs1WxR+SeGnP8nl
kXn3ME+rmTgw+EvjU3dhjeuJUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH/QonAS
HvoEix3ckzCAtzVeJbD1MB8GA1UdIwQYMBaAFJ7LIqzeCWegWDflj8cx01fjdjf4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkIyNy84MkJGMkJGNDMw
NTQxMUVBQUZDOTExNkVDNEY5QUUwMi9uc3Npck40Slo2QllOLVdQeHpIVFYtTjJO
X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25zc2lyTjRKWjZCWU4tV1B4ekhUVi1OMk5fZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCMjcvODJCRjJCRjQzMDU0MTFFQUFGQzkxMTZFQzRGOUFFMDIvRTRCQjk5RTIz
MzZFMTFFQTk0NjIzRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKNCswDQYJKoZIhvcNAQELBQADggEBAFUv4CA0RgzIpZGK
cdOEu2ofUg45ZQdCVOr8uOjhg92aZvopzW3c3gE6XzD0kyX4cZrjG68t3rjC/Jj2
Y1DxGrnaHKTq/4KWwr97zYVMjLsZVDlQyt1GrxZ9qhOdM5GrMDAVasRUL4WrWqXh
BLvUIMSLcsZc3CIWZLvzBDoYd5HSQ1kbBkh4qEbhXp3J+jNnPg4ztTX5Kpso6oua
m03p8AMkUm7oEZYxiUhw2YQRMdrEuQRViF+fGHJwxjo61t6vHoyX3PQH+4uTBYNM
+gLQndQTrwXOcaDEEbn/DhMP4T5dAwv6c9aO50WFgRmt0OLL8JnmvMHfv5HDLuBw
5plzgLo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:36 2025 by rpki-client