Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136392e302f32342d3234203d3e203337393930.roa
File: 3230332e342e3136392e302f32342d3234203d3e203337393930.roa (raw, json)
Hash identifier: aiTwY7exOIWYXIKbSyXz+xb7jVL186qs815q9Rt7CIg=
Subject key identifier: EC:CF:C0:8C:49:24:4F:37:16:3D:94:88:45:84:1C:F6:5A:05:29:35
Certificate issuer: /CN=A911AC370000/serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Certificate serial: 3A9F73A03D7855DB4D9C73E6F8DD627374F8CB1D
Authority key identifier: B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136392e302f32342d3234203d3e203337393930.roa
Signing time: Fri 23 May 2025 02:43:04 +0000
ROA not before: Fri 23 May 2025 02:38:04 +0000
ROA not after: Fri 22 May 2026 02:43:04 +0000
asID: 37990
IP address blocks: 203.4.169.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:9f:73:a0:3d:78:55:db:4d:9c:73:e6:f8:dd:62:73:74:f8:cb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AC370000, serialNumber=B18F989967D30F2509E3D29707C5F85B5F6BDB6F
Validity
Not Before: May 23 02:38:04 2025 GMT
Not After : May 22 02:43:04 2026 GMT
Subject: CN=ECCFC08C49244F37163D948845841CF65A052935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:86:f1:22:0e:42:b4:d6:1e:ff:7b:98:5f:
f0:99:56:12:e0:a3:95:97:da:96:0a:b5:f7:33:31:
0d:12:00:68:00:73:06:80:4c:84:99:06:f1:91:98:
a4:91:1d:7e:ae:c4:45:21:78:19:27:df:e0:fb:b1:
01:18:46:a9:f0:75:fb:30:7b:31:cc:92:da:a1:e5:
07:0a:57:0f:33:5d:9f:a2:51:a2:0e:08:4e:ff:ce:
12:19:57:df:c2:9b:71:17:31:f3:9b:63:6a:c2:ca:
9a:02:d3:c4:ff:e6:de:12:8b:db:ce:09:b8:d9:cc:
e7:14:b7:75:58:55:ac:56:36:ba:0f:0b:07:73:a1:
b4:d5:a9:60:b4:09:a4:e2:c9:a1:52:77:62:bb:c5:
49:d5:f4:ba:60:b0:66:23:ca:62:fa:91:c7:ce:44:
ef:46:1c:7f:d0:a6:85:76:60:1d:a7:03:9e:40:f4:
2c:bc:4d:fd:91:02:cb:7c:a5:d1:11:56:0f:ef:4a:
13:31:55:0c:06:93:17:95:bb:15:ff:0f:03:71:63:
ae:34:62:1e:73:c7:12:12:b2:1b:b4:c8:d8:c1:f3:
73:94:46:b0:10:6a:bf:c7:7d:ed:e5:b6:f8:39:11:
e7:0e:3f:48:bc:94:fa:3b:b4:1c:51:c3:c6:fa:b4:
3e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CF:C0:8C:49:24:4F:37:16:3D:94:88:45:84:1C:F6:5A:05:29:35
X509v3 Authority Key Identifier:
keyid:B1:8F:98:99:67:D3:0F:25:09:E3:D2:97:07:C5:F8:5B:5F:6B:DB:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/B18F989967D30F2509E3D29707C5F85B5F6BDB6F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sY-YmWfTDyUJ49KXB8X4W19r228.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/3/3230332e342e3136392e302f32342d3234203d3e203337393930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.4.169.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0e:59:8b:0c:4a:99:b7:ac:ca:84:a5:c4:a4:80:77:00:1a:
4f:fa:86:f6:d0:a4:be:14:4d:33:3f:cc:16:b5:0a:61:a6:7b:
f6:b1:c0:fe:f6:7b:85:a3:79:55:31:cc:13:91:a7:14:55:66:
27:68:b6:27:e8:de:45:e0:e8:6c:ac:66:ed:7e:da:c1:cb:8a:
28:c7:09:3a:09:eb:89:af:86:63:da:4b:ef:12:37:74:ce:53:
3f:46:0c:3a:8c:66:8a:3d:12:8f:4b:60:03:1b:4e:db:f8:07:
51:7c:60:cb:6e:c8:40:2a:8f:c8:60:5b:d4:ad:dd:23:98:21:
b9:67:ea:34:0b:1d:ad:24:0d:43:d1:9b:67:18:1b:e8:c2:87:
b9:04:19:2a:d7:59:5b:99:4a:d4:be:c4:4c:3c:60:9d:8d:3f:
0f:9e:55:9b:93:85:62:88:15:cb:49:5e:71:0f:ba:13:1b:07:
27:07:a1:82:9d:ff:90:a0:21:43:3f:6a:84:c5:0a:54:3c:b5:
ea:88:0d:15:68:74:99:4e:d3:1c:18:ed:4b:37:77:b1:14:b2:
d6:d1:f3:43:fd:86:40:2f:48:de:87:26:da:6f:40:f3:11:3a:
69:de:5e:21:fb:86:68:a1:14:c6:d0:91:e7:6b:8c:3b:46:11:
bb:e5:e9:96
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUOp9zoD14VdtNnHPm+N1ic3T4yx0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMUFDMzcwMDAwMTEwLwYDVQQFEyhCMThGOTg5OTY3
RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGMB4XDTI1MDUyMzAyMzgwNFoX
DTI2MDUyMjAyNDMwNFowMzExMC8GA1UEAxMoRUNDRkMwOEM0OTI0NEYzNzE2M0Q5
NDg4NDU4NDFDRjY1QTA1MjkzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8chvEiDkK01h7/e5hf8JlWEuCjlZfalgq19zMxDRIAaABzBoBMhJkG8ZGY
pJEdfq7ERSF4GSff4PuxARhGqfB1+zB7McyS2qHlBwpXDzNdn6JRog4ITv/OEhlX
38KbcRcx85tjasLKmgLTxP/m3hKL284JuNnM5xS3dVhVrFY2ug8LB3OhtNWpYLQJ
pOLJoVJ3YrvFSdX0umCwZiPKYvqRx85E70Ycf9CmhXZgHacDnkD0LLxN/ZECy3yl
0RFWD+9KEzFVDAaTF5W7Ff8PA3FjrjRiHnPHEhKyG7TI2MHzc5RGsBBqv8d97eW2
+DkR5w4/SLyU+ju0HFHDxvq0PqcCAwEAAaOCAg8wggILMB0GA1UdDgQWBBTsz8CM
SSRPNxY9lIhFhBz2WgUpNTAfBgNVHSMEGDAWgBSxj5iZZ9MPJQnj0pcHxfhbX2vb
bzAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvMy9CMThGOTg5
OTY3RDMwRjI1MDlFM0QyOTcwN0M1Rjg1QjVGNkJEQjZGLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9zWS1ZbVdmVER5
VUo0OUtYQjhYNFcxOXIyMjguY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzMvMzIzMDMzMmUzNDJlMzEzNjM5MmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzMzNzM5MzkzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMsEqTANBgkqhkiG9w0BAQsFAAOCAQEA
Zg5ZiwxKmbesyoSlxKSAdwAaT/qG9tCkvhRNMz/MFrUKYaZ79rHA/vZ7haN5VTHM
E5GnFFVmJ2i2J+jeReDobKxm7X7awcuKKMcJOgnria+GY9pL7xI3dM5TP0YMOoxm
ij0Sj0tgAxtO2/gHUXxgy27IQCqPyGBb1K3dI5ghuWfqNAsdrSQNQ9GbZxgb6MKH
uQQZKtdZW5lK1L7ETDxgnY0/D55Vm5OFYogVy0lecQ+6ExsHJwehgp3/kKAhQz9q
hMUKVDy16ogNFWh0mU7THBjtSzd3sRSy1tHzQ/2GQC9I3ocm2m9A8xE6ad5eIfuG
aKEUxtCR52uMO0YRu+Xplg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:06:02 2025 by rpki-client