Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A917447B0000/0/3136302e3138372e3132342e302f32332d3234203d3e20313533333436.roa
File: 3136302e3138372e3132342e302f32332d3234203d3e20313533333436.roa (raw, json)
Hash identifier: lt8UIG15p3kUFo1J40t+NeYpM4QkHXYfBc0bEGxMbK0=
Subject key identifier: 09:E6:44:D8:68:39:A6:3D:00:C3:56:91:56:88:E2:6B:49:56:CE:AD
Certificate issuer: /CN=A917447B0000/serialNumber=BEC716379E148BA880231B055E3B034159DB8697
Certificate serial: 0C262D01CE6BA614D74A1EAB1B0F70B47AF20366
Authority key identifier: BE:C7:16:37:9E:14:8B:A8:80:23:1B:05:5E:3B:03:41:59:DB:86:97
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vscWN54Ui6iAIxsFXjsDQVnbhpc.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A917447B0000/0/3136302e3138372e3132342e302f32332d3234203d3e20313533333436.roa
Signing time: Mon 25 Aug 2025 13:54:15 +0000
ROA not before: Mon 25 Aug 2025 13:49:15 +0000
ROA not after: Mon 24 Aug 2026 13:54:15 +0000
asID: 153346
IP address blocks: 160.187.124.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:26:2d:01:ce:6b:a6:14:d7:4a:1e:ab:1b:0f:70:b4:7a:f2:03:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917447B0000, serialNumber=BEC716379E148BA880231B055E3B034159DB8697
Validity
Not Before: Aug 25 13:49:15 2025 GMT
Not After : Aug 24 13:54:15 2026 GMT
Subject: CN=09E644D86839A63D00C356915688E26B4956CEAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5b:86:4a:19:e7:7c:41:6d:04:1b:5b:df:3d:
97:f8:c5:f4:ae:e6:d5:dd:88:0d:d9:48:62:ca:45:
0e:17:54:b0:88:96:63:8f:63:35:7d:a6:13:7c:4b:
69:50:a5:aa:12:80:78:d8:61:2c:c8:a0:68:95:c2:
51:30:75:7e:b7:c1:11:7a:26:41:d4:66:0f:61:43:
ab:3d:24:5e:b4:7e:7e:63:25:1e:7b:5f:2f:e1:3a:
c3:58:c6:b1:69:91:48:e9:7e:29:72:e3:de:64:d3:
28:0b:b5:ed:5f:66:12:97:07:77:39:c4:e5:59:13:
a4:ea:21:b7:34:35:10:23:e9:61:f1:16:6a:2d:e2:
8d:18:5a:18:d2:6a:6d:ae:49:2d:89:fd:72:6d:9f:
06:1d:21:d7:d7:91:73:e9:71:b1:8b:d5:4c:77:86:
5e:c6:12:b2:d4:4c:74:c9:a5:ee:df:8e:ab:bc:bb:
20:68:50:77:3d:9d:60:a6:4e:6f:94:de:85:4b:d6:
7f:27:cf:8f:24:cc:ba:55:d5:6e:ad:59:a3:d5:6d:
c7:e1:45:86:cb:5b:ee:29:ac:7f:80:4c:4e:5f:e7:
d2:43:12:98:5a:91:fb:15:25:ec:02:1e:33:0e:3a:
12:5a:aa:c3:69:a7:63:f9:52:4a:72:58:c4:25:df:
6b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E6:44:D8:68:39:A6:3D:00:C3:56:91:56:88:E2:6B:49:56:CE:AD
X509v3 Authority Key Identifier:
keyid:BE:C7:16:37:9E:14:8B:A8:80:23:1B:05:5E:3B:03:41:59:DB:86:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/0/BEC716379E148BA880231B055E3B034159DB8697.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vscWN54Ui6iAIxsFXjsDQVnbhpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/0/3136302e3138372e3132342e302f32332d3234203d3e20313533333436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.187.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:49:19:f6:93:92:22:c6:d9:6d:b8:c3:e1:6d:bf:ab:a2:59:
db:91:e3:0d:f4:57:08:e0:56:4f:dc:1f:4c:4c:c3:74:4d:ad:
4a:13:ca:9c:89:4a:54:cf:e7:70:db:a3:f0:1b:6c:53:d6:bb:
2f:e7:af:dc:c4:09:82:e6:7d:35:78:15:d2:9e:bf:e0:f7:e4:
02:a9:72:48:de:23:35:ea:ac:01:bf:4c:88:1c:ca:e9:6a:fa:
aa:f3:76:00:3a:f2:cb:dc:f1:8e:3c:43:3a:b8:7f:bf:eb:65:
e8:3c:13:f5:cb:20:b9:7a:b6:36:ad:26:95:2f:72:74:aa:36:
d6:ff:9d:05:4a:d4:10:32:47:17:6a:f5:16:69:59:dd:51:c3:
7a:65:0b:9b:bf:fd:54:33:da:47:2c:4c:99:d4:6b:7d:ab:4c:
99:b1:37:6a:56:64:c9:e2:ec:b0:e6:6a:a1:e4:63:ab:8e:db:
31:8b:e1:57:17:17:80:fe:1e:cd:e3:01:d7:03:91:3b:91:62:
a5:39:f5:c0:34:d2:23:d3:43:88:4c:89:69:d4:21:e2:e5:77:
6f:23:92:ac:9c:03:cf:95:a5:ca:8d:85:08:f0:05:17:0d:f6:
49:a2:af:37:1f:94:19:d8:17:69:88:83:85:ef:16:6d:14:4e:
29:54:b0:04
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUDCYtAc5rphTXSh6rGw9wtHryA2YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNzQ0N0IwMDAwMTEwLwYDVQQFEyhCRUM3MTYzNzlF
MTQ4QkE4ODAyMzFCMDU1RTNCMDM0MTU5REI4Njk3MB4XDTI1MDgyNTEzNDkxNVoX
DTI2MDgyNDEzNTQxNVowMzExMC8GA1UEAxMoMDlFNjQ0RDg2ODM5QTYzRDAwQzM1
NjkxNTY4OEUyNkI0OTU2Q0VBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9bhkoZ53xBbQQbW989l/jF9K7m1d2IDdlIYspFDhdUsIiWY49jNX2mE3xL
aVClqhKAeNhhLMigaJXCUTB1frfBEXomQdRmD2FDqz0kXrR+fmMlHntfL+E6w1jG
sWmRSOl+KXLj3mTTKAu17V9mEpcHdznE5VkTpOohtzQ1ECPpYfEWai3ijRhaGNJq
ba5JLYn9cm2fBh0h19eRc+lxsYvVTHeGXsYSstRMdMml7t+Oq7y7IGhQdz2dYKZO
b5TehUvWfyfPjyTMulXVbq1Zo9Vtx+FFhstb7imsf4BMTl/n0kMSmFqR+xUl7AIe
Mw46Elqqw2mnY/lSSnJYxCXfay0CAwEAAaOCAhcwggITMB0GA1UdDgQWBBQJ5kTY
aDmmPQDDVpFWiOJrSVbOrTAfBgNVHSMEGDAWgBS+xxY3nhSLqIAjGwVeOwNBWduG
lzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3QjAwMDAvMC9CRUM3MTYz
NzlFMTQ4QkE4ODAyMzFCMDU1RTNCMDM0MTU5REI4Njk3LmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi92c2NXTjU0VWk2
aUFJeHNGWGpzRFFWbmJocGMuY2VyMIGRBggrBgEFBQcBCwSBhDCBgTB/BggrBgEF
BQcwC4ZzcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3
NDQ3QjAwMDAvMC8zMTM2MzAyZTMxMzgzNzJlMzEzMjM0MmUzMDJmMzIzMzJkMzIz
NDIwM2QzZTIwMzEzNTMzMzMzNDM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoLt8MA0GCSqGSIb3DQEB
CwUAA4IBAQAfSRn2k5IixtltuMPhbb+rolnbkeMN9FcI4FZP3B9MTMN0Ta1KE8qc
iUpUz+dw26PwG2xT1rsv56/cxAmC5n01eBXSnr/g9+QCqXJI3iM16qwBv0yIHMrp
avqq83YAOvLL3PGOPEM6uH+/62XoPBP1yyC5erY2rSaVL3J0qjbW/50FStQQMkcX
avUWaVndUcN6ZQubv/1UM9pHLEyZ1Gt9q0yZsTdqVmTJ4uyw5mqh5GOrjtsxi+FX
FxeA/h7N4wHXA5E7kWKlOfXANNIj00OITIlp1CHi5XdvI5KsnAPPlaXKjYUI8AUX
DfZJoq83H5QZ2BdpiIOF7xZtFE4pVLAE
-----END CERTIFICATE-----
Generated at Sun Sep 7 19:06:26 2025 by rpki-client