Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/B274FC2E0F6811EEB4A51726C4F9AE02.roa
File: B274FC2E0F6811EEB4A51726C4F9AE02.roa (raw, json)
Hash identifier: xT8qdVP2MP8Ox16zjkZRgJtNT2NI8n8d0MZF5JhVyq0=
Subject key identifier: 3D:A0:D0:10:4A:FC:56:B4:1F:CE:6A:B6:87:34:12:EB:34:60:FA:D3
Certificate issuer: /CN=A91215B3/serialNumber=914850C4B8A513B2F8E4EDC4B5578707776372AE
Certificate serial: 69
Authority key identifier: 91:48:50:C4:B8:A5:13:B2:F8:E4:ED:C4:B5:57:87:07:77:63:72:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kUhQxLilE7L45O3EtVeHB3djcq4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/B274FC2E0F6811EEB4A51726C4F9AE02.roa
Signing time: Wed 27 Dec 2023 05:56:54 +0000
ROA not before: Wed 27 Dec 2023 05:56:54 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133551
IP address blocks: 103.48.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105 (0x69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91215B3
Validity
Not Before: Dec 27 05:56:54 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658bbca6-7436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:58:c5:cf:cf:00:5c:f1:7b:cc:cd:f6:87:
8e:58:a5:a9:78:63:16:a7:7a:93:81:f2:69:89:89:
36:51:2b:1c:5c:b2:7e:4e:76:2a:d2:3c:6b:9e:20:
86:45:e0:42:7b:79:5a:0e:a3:6e:ba:24:a1:02:6a:
1c:20:c8:0d:f2:d1:6b:d3:b7:ed:bc:34:d3:5f:79:
ad:c7:02:9f:b7:78:60:b6:21:8d:3e:8b:ad:36:19:
28:05:14:54:2d:6c:83:95:76:56:9a:2e:85:1c:d3:
aa:ee:f7:3b:d1:08:0f:1c:73:4a:7a:4c:31:ee:9c:
a8:02:cb:ac:dc:bb:53:7d:c6:c3:6f:f7:ef:7b:da:
32:2f:e9:a7:f2:f6:b2:10:c4:ad:3b:fc:8c:3b:06:
d2:b9:94:ef:3e:6c:82:76:75:e3:e9:ba:2a:ff:a0:
68:18:03:62:18:32:6b:90:ff:a0:d7:1a:f5:bd:d1:
22:ab:c7:4e:ae:c6:e6:69:2f:05:76:c5:3a:80:cc:
ee:5a:b9:bd:c3:95:f2:ad:97:a4:75:48:7f:50:2f:
26:2c:51:90:46:00:12:c4:51:17:25:b8:2b:10:4b:
ab:06:73:cf:83:cc:70:7e:a3:3c:4c:18:7e:99:a4:
f8:92:0c:b0:88:73:93:17:e7:51:67:2f:c5:e6:20:
c3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:D0:10:4A:FC:56:B4:1F:CE:6A:B6:87:34:12:EB:34:60:FA:D3
X509v3 Authority Key Identifier:
keyid:91:48:50:C4:B8:A5:13:B2:F8:E4:ED:C4:B5:57:87:07:77:63:72:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/kUhQxLilE7L45O3EtVeHB3djcq4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kUhQxLilE7L45O3EtVeHB3djcq4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/B274FC2E0F6811EEB4A51726C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.1.0/24
Signature Algorithm: sha256WithRSAEncryption
38:4c:fc:c2:47:27:e2:a6:cb:cf:4b:b1:e4:69:fa:27:ea:17:
a7:5a:09:60:ff:f5:05:50:db:12:3d:08:53:92:9c:e8:ce:eb:
0e:c7:66:fe:d4:48:e6:8e:3c:20:27:76:5d:87:14:37:5e:f3:
de:d9:93:6e:5a:68:31:54:15:02:c9:04:7a:85:2e:04:34:1a:
4f:52:e7:d3:75:18:82:2f:7f:44:08:00:6a:3c:35:68:9e:36:
90:74:71:a4:0e:2b:de:10:16:c5:a0:92:d8:69:a0:db:44:1d:
a6:ab:2c:6f:c7:8e:01:10:fc:2f:88:98:67:28:4c:1e:91:e9:
70:6b:58:e1:84:e9:de:0e:88:76:64:ed:24:4e:2a:3a:2e:3b:
01:02:11:42:a9:64:84:12:ae:d0:63:f1:66:37:f6:d8:94:a9:
3f:dd:3e:0d:db:6b:66:ee:18:d8:ba:f3:74:29:ce:29:8b:21:
ab:b9:41:ff:f7:fb:76:65:ad:ab:8f:42:a8:aa:18:a1:cb:da:
d4:1d:83:a9:85:02:e2:4b:0e:46:26:ec:0a:2d:23:82:e9:c7:
2b:17:68:bc:6c:c1:f8:46:97:b2:35:dd:64:65:c2:69:98:6d:
f2:27:ae:5a:a4:a2:8d:8c:aa:eb:06:e9:29:2c:aa:fb:ad:ea:
9b:87:bb:d8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MTVCMzExMC8GA1UEBRMoOTE0ODUwQzRCOEE1MTNCMkY4RTRFREM0QjU1Nzg3MDc3
NzYzNzJBRTAeFw0yMzEyMjcwNTU2NTRaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGJiY2E2LTc0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQAljFz88AXPF7zM32h45Ypal4YxanepOB8mmJiTZRKxxcsn5OdirSPGueIIZF
4EJ7eVoOo266JKECahwgyA3y0WvTt+28NNNfea3HAp+3eGC2IY0+i602GSgFFFQt
bIOVdlaaLoUc06ru9zvRCA8cc0p6TDHunKgCy6zcu1N9xsNv9+972jIv6afy9rIQ
xK07/Iw7BtK5lO8+bIJ2dePpuir/oGgYA2IYMmuQ/6DXGvW90SKrx06uxuZpLwV2
xTqAzO5aub3DlfKtl6R1SH9QLyYsUZBGABLEURcluCsQS6sGc8+DzHB+ozxMGH6Z
pPiSDLCIc5MX51FnL8XmIMMNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUPaDQEEr8
VrQfzmq2hzQS6zRg+tMwHwYDVR0jBBgwFoAUkUhQxLilE7L45O3EtVeHB3djcq4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxNUIzL0U2RjY4RjA2MEI0
QjExRUVBQjlBQUQ3OUM0RjlBRTAyL2tVaFF4TGlsRTdMNDVPM0V0VmVIQjNkamNx
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva1VoUXhMaWxFN0w0NU8zRXRWZUhCM2RqY3E0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MTVCMy9FNkY2OEYwNjBCNEIxMUVFQUI5QUFENzlDNEY5QUUwMi9CMjc0RkMyRTBG
NjgxMUVFQjRBNTE3MjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcwATANBgkqhkiG9w0BAQsFAAOCAQEAOEz8wkcn4qbLz0ux
5Gn6J+oXp1oJYP/1BVDbEj0IU5Kc6M7rDsdm/tRI5o48ICd2XYcUN17z3tmTblpo
MVQVAskEeoUuBDQaT1Ln03UYgi9/RAgAajw1aJ42kHRxpA4r3hAWxaCS2Gmg20Qd
pqssb8eOARD8L4iYZyhMHpHpcGtY4YTp3g6IdmTtJE4qOi47AQIRQqlkhBKu0GPx
Zjf22JSpP90+DdtrZu4Y2LrzdCnOKYshq7lB//f7dmWtq49CqKoYocva1B2DqYUC
4ksORibsCi0jgunHKxdovGzB+EaXsjXdZGXCaZht8ieuWqSijYyq6wbpKSyq+63q
m4e72A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:33:11 2025 by rpki-client