Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa
File: 34332e3235322e32302e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: XDDdDDTvhwuUQNA2Wh+VHuXm9Rtlz4RE52q366sMQs0=
Subject key identifier: 54:82:A0:AE:44:AF:9B:1D:7B:9B:B1:7E:BA:C6:4A:E4:A2:FE:4B:54
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 7562872F348ADDB8DC0852817C1A8D93D2EAE6A6
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa
Signing time: Wed 18 Dec 2024 06:11:39 +0000
ROA not before: Wed 18 Dec 2024 06:06:39 +0000
ROA not after: Wed 17 Dec 2025 06:11:39 +0000
asID: 14618
IP address blocks: 43.252.20.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:62:87:2f:34:8a:dd:b8:dc:08:52:81:7c:1a:8d:93:d2:ea:e6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Dec 18 06:06:39 2024 GMT
Not After : Dec 17 06:11:39 2025 GMT
Subject: CN=5482A0AE44AF9B1D7B9BB17EBAC64AE4A2FE4B54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b4:1d:f8:88:c0:79:1c:5e:0c:a6:30:fb:0d:
78:d0:11:6b:85:e6:a2:46:0f:ff:17:6b:00:ff:6c:
db:26:6c:0a:9d:e1:64:0e:46:1d:26:bd:11:b2:aa:
66:1a:35:c1:02:ef:57:0b:22:74:4d:f6:c8:a8:9e:
e5:d3:7b:44:68:2f:c4:4b:43:74:4b:36:d1:88:a3:
0d:04:2c:38:44:9d:08:d3:98:29:44:7d:d0:30:03:
e9:25:92:ef:07:e4:9d:a0:eb:68:84:61:71:77:40:
64:c5:ac:00:0e:12:07:82:9f:c5:6e:b9:e8:f4:5a:
79:b4:63:69:62:b1:8b:0a:e5:e9:95:07:e3:c6:f1:
8f:42:91:7c:fe:2c:d3:21:ba:d0:ab:53:25:f5:9d:
52:b2:8a:a1:cc:bc:28:90:9a:d1:1c:32:ce:ea:98:
fc:6b:01:a2:db:d8:da:0f:e8:1e:74:12:78:ca:02:
40:7a:55:f2:87:5c:b9:85:fe:65:80:26:74:dc:2f:
20:4d:46:70:9b:ab:0c:87:c3:7f:d8:23:69:54:f0:
ec:5b:cf:89:a3:f8:8a:87:76:9e:7f:6d:3a:8b:ff:
0e:b6:5b:51:49:0c:05:56:fd:78:5e:a2:7f:1a:9b:
8f:48:cc:d9:a9:9d:ba:6e:3a:7b:ab:3b:5a:cf:c8:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:82:A0:AE:44:AF:9B:1D:7B:9B:B1:7E:BA:C6:4A:E4:A2:FE:4B:54
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:20:e7:5d:55:e2:f1:f5:75:17:69:d1:04:55:48:bf:0d:82:
21:b5:06:0b:0a:4b:c5:70:e7:6d:a3:2c:07:1f:f5:2c:02:e5:
1c:d6:1a:8f:7f:2a:f5:c4:c4:71:c8:70:ba:ff:61:6e:34:28:
98:50:6d:71:87:4a:8b:4c:f8:26:b4:39:29:c2:37:f8:fa:84:
c9:c5:bd:af:ed:3f:89:ab:53:7e:a7:d3:6c:76:6d:e3:0a:76:
6f:14:59:ec:4d:f6:f0:56:42:11:e0:6c:19:8c:e4:85:59:1a:
2f:6c:80:38:b1:a8:2c:38:46:39:b4:0e:ef:55:0b:81:18:f4:
b2:26:37:05:b0:ed:e2:cd:98:38:69:ce:e6:25:84:2f:ff:4a:
bc:6a:5d:bf:22:44:ce:be:07:66:0d:63:ad:e7:d1:1b:5a:d5:
93:10:47:8c:42:7b:62:e1:b8:29:44:13:1c:61:e6:c1:69:99:
20:c1:a8:dd:39:f2:d4:46:ae:9a:dd:1e:82:b0:06:91:d4:a7:
17:98:b1:10:f4:49:42:aa:72:f4:bf:e7:56:b3:65:91:40:d3:
09:5f:bc:1e:c3:e2:e4:e0:2e:f4:4d:50:c1:c0:19:03:73:fa:
30:61:f5:f2:fa:26:89:8e:ce:f6:24:c9:e2:a5:c4:44:1c:69:
83:f5:a3:a0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUdWKHLzSK3bjcCFKBfBqNk9Lq5qYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI0MTIxODA2MDYzOVoX
DTI1MTIxNzA2MTEzOVowMzExMC8GA1UEAxMoNTQ4MkEwQUU0NEFGOUIxRDdCOUJC
MTdFQkFDNjRBRTRBMkZFNEI1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+0HfiIwHkcXgymMPsNeNARa4XmokYP/xdrAP9s2yZsCp3hZA5GHSa9EbKq
Zho1wQLvVwsidE32yKie5dN7RGgvxEtDdEs20YijDQQsOESdCNOYKUR90DAD6SWS
7wfknaDraIRhcXdAZMWsAA4SB4KfxW656PRaebRjaWKxiwrl6ZUH48bxj0KRfP4s
0yG60KtTJfWdUrKKocy8KJCa0RwyzuqY/GsBotvY2g/oHnQSeMoCQHpV8odcuYX+
ZYAmdNwvIE1GcJurDIfDf9gjaVTw7FvPiaP4iod2nn9tOov/DrZbUUkMBVb9eF6i
fxqbj0jM2amdum46e6s7Ws/IX+0CAwEAAaOCAg8wggILMB0GA1UdDgQWBBRUgqCu
RK+bHXubsX66xkrkov5LVDAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH
MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMwMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzEzNDM2MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8FDANBgkqhkiG9w0BAQsFAAOCAQEA
HCDnXVXi8fV1F2nRBFVIvw2CIbUGCwpLxXDnbaMsBx/1LALlHNYaj38q9cTEcchw
uv9hbjQomFBtcYdKi0z4JrQ5KcI3+PqEycW9r+0/iatTfqfTbHZt4wp2bxRZ7E32
8FZCEeBsGYzkhVkaL2yAOLGoLDhGObQO71ULgRj0siY3BbDt4s2YOGnO5iWEL/9K
vGpdvyJEzr4HZg1jrefRG1rVkxBHjEJ7YuG4KUQTHGHmwWmZIMGo3Tny1Eaumt0e
grAGkdSnF5ixEPRJQqpy9L/nVrNlkUDTCV+8HsPi5OAu9E1QwcAZA3P6MGH18vom
iY7O9iTJ4qXERBxpg/WjoA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:58:38 2025 by rpki-client