Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0112375EA05411EDB043385AC4F9AE02.roa
File: 0112375EA05411EDB043385AC4F9AE02.roa (raw, json)
Hash identifier: aBs0HSQclxaDqKZvgHQYQl981j8saXju4dpMEUuQAU4=
Subject key identifier: 20:E1:BF:55:55:41:8C:D6:84:90:B0:93:3E:32:EE:07:A1:5C:9C:65
Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial: 0803
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0112375EA05411EDB043385AC4F9AE02.roa
Signing time: Tue 04 Feb 2025 21:41:27 +0000
ROA not before: Tue 04 Feb 2025 21:41:27 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 8075
IP address blocks: 203.32.8.0/24 maxlen: 24
203.32.10.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2051 (0x803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB7AB
Validity
Not Before: Feb 4 21:41:27 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a28987-252e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:dd:43:16:ae:ea:da:bc:73:2d:fe:e3:35:
ef:2b:b6:21:2f:43:1e:45:86:cf:8d:2d:c5:1c:1b:
4d:c3:5f:28:27:b2:39:62:89:37:ae:83:eb:bb:42:
4f:28:89:a6:6a:79:6f:32:fa:94:65:b2:85:da:57:
b6:7e:09:d0:9a:af:2f:00:76:87:2c:00:7d:65:d1:
98:70:f0:22:f4:ce:0b:0a:f5:f5:89:b6:be:ae:18:
0e:f9:58:74:6f:7e:4f:80:81:94:64:3c:ff:a4:88:
1c:9f:2a:66:0c:61:09:78:3c:ce:df:58:79:d3:a9:
0b:bc:3e:54:c6:2d:7e:2b:bb:d7:d2:3a:cf:5a:39:
ac:71:14:ab:c9:23:98:7b:01:c7:21:1b:5a:2b:14:
37:77:94:4d:ca:a8:ca:e6:f6:5c:23:78:a5:5b:4a:
bb:2a:a9:88:29:e5:ba:a8:a1:3d:4d:e3:34:94:26:
98:94:6c:aa:c6:d8:22:2a:ca:43:3c:61:be:62:60:
e5:d9:3c:22:44:ad:2d:d0:4d:8e:bd:a0:f8:f5:1f:
27:07:18:f6:ca:4d:3a:15:dd:7b:94:52:79:00:c5:
1f:49:79:f6:37:e8:23:03:97:35:38:22:8e:be:d0:
5d:32:d5:fa:cc:dd:e9:f5:31:26:19:a2:3e:a4:ee:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E1:BF:55:55:41:8C:D6:84:90:B0:93:3E:32:EE:07:A1:5C:9C:65
X509v3 Authority Key Identifier:
keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0112375EA05411EDB043385AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.8.0/24
203.32.10.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:3b:fd:a7:14:c3:8a:e5:48:7a:01:88:7a:e5:f5:1f:a2:cb:
4d:4d:53:04:f8:10:03:db:34:f4:67:a0:d4:15:cf:bc:e0:dc:
a0:68:95:5d:8a:5d:8e:b7:62:0b:74:97:ec:61:51:95:9d:ca:
21:29:35:36:a3:9b:43:cb:8c:76:c3:30:50:f4:07:86:ff:ce:
54:c4:81:61:cd:3b:33:34:93:e3:a8:a5:94:75:c3:80:2a:98:
da:41:1f:2b:21:8c:41:3f:b0:dd:c0:ce:04:58:bc:8e:f5:ad:
dc:74:48:97:00:c7:29:f0:3e:f5:52:05:87:70:42:eb:19:07:
ef:35:0c:a9:f4:02:07:88:dd:9e:a6:10:3f:77:59:7a:27:72:
6d:2a:37:5b:a0:b6:2c:a0:c5:fe:a6:8a:76:87:10:6a:26:e2:
7c:43:bc:d0:22:71:bc:d7:ef:ba:c8:42:f1:8b:fe:cd:e0:3d:
fb:72:4c:39:5c:fe:a9:ca:52:a6:d4:b3:11:d8:8e:6c:1f:05:
21:c6:2b:b3:80:b3:2a:77:bc:73:dc:12:f6:e3:a9:68:04:0c:
4c:83:cc:db:3b:7c:15:30:45:ed:83:f8:15:85:ff:68:da:94:
d7:6f:24:25:41:54:a2:c0:f2:0e:a8:66:23:c9:54:1c:54:e9:
86:0c:94:cc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjUwMjA0MjE0MTI3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyODk4Ny0yNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1k/dQxau6tq8cy3+4zXvK7YhL0MeRYbPjS3FHBtNw18oJ7I5Yok3roPru0JP
KImmanlvMvqUZbKF2le2fgnQmq8vAHaHLAB9ZdGYcPAi9M4LCvX1iba+rhgO+Vh0
b35PgIGUZDz/pIgcnypmDGEJeDzO31h506kLvD5Uxi1+K7vX0jrPWjmscRSrySOY
ewHHIRtaKxQ3d5RNyqjK5vZcI3ilW0q7KqmIKeW6qKE9TeM0lCaYlGyqxtgiKspD
PGG+YmDl2TwiRK0t0E2OvaD49R8nBxj2yk06Fd17lFJ5AMUfSXn2N+gjA5c1OCKO
vtBdMtX6zN3p9TEmGaI+pO4phQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCDhv1VV
QYzWhJCwkz4y7gehXJxlMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMDExMjM3NUVB
MDU0MTFFREIwNDMzODVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIAgDBAHLIAowDQYJKoZIhvcNAQELBQADggEBAAw7/acU
w4rlSHoBiHrl9R+iy01NUwT4EAPbNPRnoNQVz7zg3KBolV2KXY63Ygt0l+xhUZWd
yiEpNTajm0PLjHbDMFD0B4b/zlTEgWHNOzM0k+OopZR1w4AqmNpBHyshjEE/sN3A
zgRYvI71rdx0SJcAxynwPvVSBYdwQusZB+81DKn0AgeI3Z6mED93WXoncm0qN1ug
tiygxf6minaHEGom4nxDvNAicbzX77rIQvGL/s3gPftyTDlc/qnKUqbUsxHYjmwf
BSHGK7OAsyp3vHPcEvbjqWgEDEyDzNs7fBUwRe2D+BWF/2jalNdvJCVBVKLA8g6o
ZiPJVBxU6YYMlMw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:19:16 2025 by rpki-client