Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
File: 4A5937E03D8511EEBB14DB46C4F9AE02.roa (raw, json)
Hash identifier: 3LtVkIJHtsC9I5ENQ7FDEvzrhY//6dw+frQ1fkBMxxE=
Subject key identifier: 57:2A:50:24:8C:9B:98:05:80:BC:0F:D0:8F:25:09:B7:64:A5:64:08
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04BF
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
Signing time: Tue 05 Sep 2023 00:51:41 +0000
ROA not before: Tue 05 Sep 2023 00:51:41 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55154
IP address blocks: 43.255.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1215 (0x4bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322
Validity
Not Before: Sep 5 00:51:41 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f67b9d-7d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:35:e1:58:77:96:80:cd:2b:53:cf:33:a0:
4b:b1:72:33:5a:ee:d3:92:cd:c0:00:3e:32:19:9b:
d1:d4:81:4d:e7:1d:65:46:ca:26:39:95:d2:7c:a5:
aa:e8:dc:9b:88:78:e1:a3:cd:6c:40:68:14:c8:b1:
f2:15:16:ba:98:0a:3a:ca:ef:23:d1:95:87:36:26:
b9:fc:1f:6a:85:45:e5:6f:17:20:54:1e:05:89:a2:
d7:29:ac:13:da:ed:58:0d:76:80:c5:38:9c:bb:9a:
14:7c:6d:69:aa:ca:a5:3c:2e:93:58:fe:f5:91:15:
a6:ba:2b:84:2e:89:29:7b:aa:d8:a2:1e:a9:73:ca:
a3:9c:04:fd:9c:e0:b8:fd:42:2b:3a:91:98:6a:a3:
4d:3b:31:9c:89:2b:9b:26:ef:98:d5:b2:04:90:9b:
c3:80:e4:88:55:81:f1:b2:0a:a5:97:5b:4c:c1:1a:
fb:a0:41:30:cd:34:73:57:ff:9c:9d:c2:d1:3b:34:
52:2b:05:2a:b1:91:66:db:c6:29:c3:75:1b:39:71:
27:c7:b9:d8:f0:bf:3a:7c:b9:25:e8:f7:c8:37:4d:
7f:91:ae:82:c1:5e:75:46:d3:8b:cb:50:3e:a3:4d:
de:bf:1a:56:30:ad:3f:11:80:d7:82:c4:16:a1:00:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2A:50:24:8C:9B:98:05:80:BC:0F:D0:8F:25:09:B7:64:A5:64:08
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4A5937E03D8511EEBB14DB46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:cb:ee:cb:1a:af:43:5f:a4:5d:ad:49:51:08:d3:9c:08:ac:
ae:9f:f9:68:2d:5b:eb:62:9c:c7:d5:57:c2:92:22:52:cc:03:
d3:25:fc:8d:1c:41:74:b9:89:c0:c7:f3:33:5f:fe:62:68:ef:
24:64:84:9c:7b:09:a8:50:f1:ba:e9:c8:ef:ad:1a:50:ec:0c:
6b:d3:26:0c:c4:6b:96:45:fc:1b:90:2c:24:10:92:e3:67:1c:
4c:b5:83:05:5d:8b:1c:1d:64:3f:8a:6d:00:da:7c:b1:2b:3f:
ce:a8:7b:34:4b:c1:c1:e0:ba:f8:c1:0c:41:89:a1:cf:4d:f2:
de:b8:cd:5e:c7:5d:9b:95:38:fc:7c:14:1c:eb:90:d5:91:d5:
d4:80:8d:af:7d:2d:b9:a5:b4:b0:ce:f1:83:a5:10:44:82:7a:
1b:ae:1a:8c:4e:c2:26:55:21:4a:91:b7:96:0d:52:13:a3:37:
07:56:05:79:fd:a2:e9:ad:f3:d3:a4:12:0a:39:93:4c:65:a0:
60:b7:bd:66:43:83:d1:01:9c:d7:69:18:17:e7:1b:86:f7:e4:
94:32:36:3c:52:31:c7:ef:a1:b8:57:83:97:7f:77:fa:28:6f:
e8:fa:5c:f2:d2:ff:76:2f:ae:3f:f6:1a:f4:80:95:a3:57:9a:
75:00:44:7a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTQxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5ZC03ZDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyEQ14Vh3loDNK1PPM6BLsXIzWu7Tks3AAD4yGZvR1IFN5x1lRsomOZXSfKWq
6NybiHjho81sQGgUyLHyFRa6mAo6yu8j0ZWHNia5/B9qhUXlbxcgVB4FiaLXKawT
2u1YDXaAxTicu5oUfG1pqsqlPC6TWP71kRWmuiuELokpe6rYoh6pc8qjnAT9nOC4
/UIrOpGYaqNNOzGciSubJu+Y1bIEkJvDgOSIVYHxsgqll1tMwRr7oEEwzTRzV/+c
ncLROzRSKwUqsZFm28Ypw3UbOXEnx7nY8L86fLkl6PfIN01/ka6CwV51RtOLy1A+
o03evxpWMK0/EYDXgsQWoQBBMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFcqUCSM
m5gFgLwP0I8lCbdkpWQIMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNEE1OTM3RTAz
RDg1MTFFRUJCMTREQjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3gwDQYJKoZIhvcNAQELBQADggEBAG/L7ssar0NfpF2t
SVEI05wIrK6f+WgtW+tinMfVV8KSIlLMA9Ml/I0cQXS5icDH8zNf/mJo7yRkhJx7
CahQ8brpyO+tGlDsDGvTJgzEa5ZF/BuQLCQQkuNnHEy1gwVdixwdZD+KbQDafLEr
P86oezRLwcHguvjBDEGJoc9N8t64zV7HXZuVOPx8FBzrkNWR1dSAja99LbmltLDO
8YOlEESCehuuGoxOwiZVIUqRt5YNUhOjNwdWBXn9oumt89OkEgo5k0xloGC3vWZD
g9EBnNdpGBfnG4b35JQyNjxSMcfvobhXg5d/d/oob+j6XPLS/3Yvrj/2GvSAlaNX
mnUARHo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:33 2025 by rpki-client