Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/9/3230332e302e38302e302f32342d3234203d3e2039393133.roa
File: 3230332e302e38302e302f32342d3234203d3e2039393133.roa (raw, json)
Hash identifier: 5CEE0bOW0MgpOlLO8lN9+nz4tABxvncSgkR6y2kvmq4=
Subject key identifier: 25:CF:4F:F0:FE:E2:74:41:D2:98:E1:C1:E1:38:05:92:0F:85:FB:33
Certificate issuer: /CN=A919B0BE0000/serialNumber=33F4082166A89FFF6F326AE09B44BFBEF1629FEB
Certificate serial: 314BA42868BBDE3244A389BB1175DF438C961FF8
Authority key identifier: 33:F4:08:21:66:A8:9F:FF:6F:32:6A:E0:9B:44:BF:BE:F1:62:9F:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M_QIIWaon_9vMmrgm0S_vvFin-s.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91905300000/9/3230332e302e38302e302f32342d3234203d3e2039393133.roa
Signing time: Mon 19 May 2025 06:53:13 +0000
ROA not before: Mon 19 May 2025 06:48:13 +0000
ROA not after: Mon 18 May 2026 06:53:13 +0000
asID: 9913
IP address blocks: 203.0.80.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:4b:a4:28:68:bb:de:32:44:a3:89:bb:11:75:df:43:8c:96:1f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919B0BE0000, serialNumber=33F4082166A89FFF6F326AE09B44BFBEF1629FEB
Validity
Not Before: May 19 06:48:13 2025 GMT
Not After : May 18 06:53:13 2026 GMT
Subject: CN=25CF4FF0FEE27441D298E1C1E13805920F85FB33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:77:66:e6:22:5b:b6:36:7e:a4:9d:49:98:
58:b9:ca:1d:99:69:97:c7:72:a5:d4:ac:21:46:ca:
fa:45:e8:18:67:24:50:05:a8:81:c1:a5:a7:4e:d9:
9f:ab:cc:4e:1d:61:e1:ef:f8:86:76:78:63:f0:e8:
29:9d:ac:ab:24:2d:ac:50:ad:b2:c1:23:2f:10:a7:
0e:f1:f0:90:b2:29:da:25:e1:da:c6:ac:47:74:d6:
70:06:79:61:9d:e9:3d:4e:db:d9:33:c0:25:a4:ca:
4e:da:7b:74:5b:38:b6:02:66:7d:86:99:37:99:5f:
f7:1d:c1:b6:b0:37:08:0f:21:05:f6:ba:17:b0:81:
71:fb:04:0f:b0:00:09:b5:0d:ac:e0:f6:9f:da:c7:
b9:66:2e:31:da:20:1d:88:27:b6:25:e7:84:6d:0a:
f1:74:1b:9a:80:88:bd:38:39:0f:6c:bc:77:f7:5b:
d6:13:39:5e:70:d5:3c:af:0a:0a:b4:7a:d9:cd:e4:
77:3b:79:86:8c:47:00:43:a6:14:15:81:e6:66:1b:
80:c5:fd:b9:3a:97:e9:9f:50:7c:5c:24:45:74:97:
4b:31:06:f2:d0:21:10:ac:2d:e1:cd:1b:89:93:53:
ac:4f:9a:e7:0a:a5:0f:1c:a0:b9:c4:2f:dd:6c:e3:
e1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CF:4F:F0:FE:E2:74:41:D2:98:E1:C1:E1:38:05:92:0F:85:FB:33
X509v3 Authority Key Identifier:
keyid:33:F4:08:21:66:A8:9F:FF:6F:32:6A:E0:9B:44:BF:BE:F1:62:9F:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91905300000/9/33F4082166A89FFF6F326AE09B44BFBEF1629FEB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M_QIIWaon_9vMmrgm0S_vvFin-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/9/3230332e302e38302e302f32342d3234203d3e2039393133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.0.80.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:85:b5:f9:bb:49:b6:0a:80:58:ab:3d:da:89:c7:94:c2:70:
1b:22:2f:8c:da:58:da:82:2d:55:e1:07:3b:f5:09:35:a3:00:
aa:4d:a1:cb:0f:a3:e0:f1:ac:8f:db:87:ff:04:a3:a0:60:44:
68:8c:8d:4f:95:0c:be:77:67:25:fb:5c:1c:47:58:ff:7a:5c:
fa:c5:ec:ee:f2:2a:b7:f8:4d:d1:5d:b0:0c:23:f8:dd:96:98:
b5:a5:d3:99:86:6e:63:3f:33:38:da:b2:4d:90:34:9a:6b:e5:
31:8e:79:c7:b5:f2:93:70:93:c1:3d:9b:fa:58:25:de:eb:da:
46:f7:fd:35:2d:51:60:9e:d2:f8:e8:99:96:28:a9:99:89:58:
6f:d0:bc:e4:59:a2:94:e4:87:b2:f6:6c:b8:60:86:62:1f:5f:
39:0f:6f:fb:9f:d5:2c:4b:de:4e:b6:ed:5c:ec:76:3a:60:26:
16:21:8c:4e:2b:05:da:91:ab:1f:05:dd:f3:1a:bc:ba:33:50:
ad:4c:20:8e:fd:78:7e:61:cd:cd:60:3c:4d:bf:91:59:41:a3:
04:fa:4d:e3:29:45:4a:04:da:54:e5:39:64:7f:52:b0:0c:b3:
30:56:d3:b7:c7:85:9a:96:73:8e:9f:14:f7:16:d3:22:95:cb:
c3:2e:6a:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUMUukKGi73jJEo4m7EXXfQ4yWH/gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxOUIwQkUwMDAwMTEwLwYDVQQFEygzM0Y0MDgyMTY2
QTg5RkZGNkYzMjZBRTA5QjQ0QkZCRUYxNjI5RkVCMB4XDTI1MDUxOTA2NDgxM1oX
DTI2MDUxODA2NTMxM1owMzExMC8GA1UEAxMoMjVDRjRGRjBGRUUyNzQ0MUQyOThF
MUMxRTEzODA1OTIwRjg1RkIzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHEd2bmIlu2Nn6knUmYWLnKHZlpl8dypdSsIUbK+kXoGGckUAWogcGlp07Z
n6vMTh1h4e/4hnZ4Y/DoKZ2sqyQtrFCtssEjLxCnDvHwkLIp2iXh2sasR3TWcAZ5
YZ3pPU7b2TPAJaTKTtp7dFs4tgJmfYaZN5lf9x3BtrA3CA8hBfa6F7CBcfsED7AA
CbUNrOD2n9rHuWYuMdogHYgntiXnhG0K8XQbmoCIvTg5D2y8d/db1hM5XnDVPK8K
CrR62c3kdzt5hoxHAEOmFBWB5mYbgMX9uTqX6Z9QfFwkRXSXSzEG8tAhEKwt4c0b
iZNTrE+a5wqlDxygucQv3Wzj4R0CAwEAAaOCAgswggIHMB0GA1UdDgQWBBQlz0/w
/uJ0QdKY4cHhOAWSD4X7MzAfBgNVHSMEGDAWgBQz9AghZqif/28yauCbRL++8WKf
6zAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvOS8zM0Y0MDgy
MTY2QTg5RkZGNkYzMjZBRTA5QjQ0QkZCRUYxNjI5RkVCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9NX1FJSVdhb25f
OXZNbXJnbTBTX3Z2RmluLXMuY2VyMIGFBggrBgEFBQcBCwR5MHcwdQYIKwYBBQUH
MAuGaXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxOTA1
MzAwMDAwLzkvMzIzMDMzMmUzMDJlMzgzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2Uy
MDM5MzkzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAywBQMA0GCSqGSIb3DQEBCwUAA4IBAQAMhbX5
u0m2CoBYqz3aiceUwnAbIi+M2ljagi1V4Qc79Qk1owCqTaHLD6Pg8ayP24f/BKOg
YERojI1PlQy+d2cl+1wcR1j/elz6xezu8iq3+E3RXbAMI/jdlpi1pdOZhm5jPzM4
2rJNkDSaa+UxjnnHtfKTcJPBPZv6WCXe69pG9/01LVFgntL46JmWKKmZiVhv0Lzk
WaKU5Iey9my4YIZiH185D2/7n9UsS95Otu1c7HY6YCYWIYxOKwXakasfBd3zGry6
M1CtTCCO/Xh+Yc3NYDxNv5FZQaME+k3jKUVKBNpU5Tlkf1KwDLMwVtO3x4WalnOO
nxT3FtMilcvDLmoc
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:12:32 2025 by rpki-client