Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
File: 269E0F5A74BB11EBA6B8716FC4F9AE02.roa (raw, json)
Hash identifier: bXdlUp2YiZCHWI9HGRpYf9HxuoaDb44HW6d/ZLWWTQU=
Subject key identifier: C3:5B:84:E9:7A:59:FC:EC:DC:BB:F7:24:FD:91:FB:FD:50:E3:A8:00
Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Certificate serial: 0447
Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
Signing time: Wed 20 Apr 2022 12:50:11 +0000
ROA not before: Wed 20 Apr 2022 12:50:11 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 10001
IP address blocks: 152.32.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1095 (0x447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Validity
Not Before: Apr 20 12:50:11 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62600182-2254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:6a:c7:19:dd:60:55:d0:eb:82:1a:95:67:
18:7d:c4:3e:9f:69:16:4a:60:d4:ff:79:c8:56:3f:
68:04:70:83:3b:bf:aa:b0:6c:8d:2b:b8:48:b5:52:
a6:99:4d:b6:0e:20:14:1b:60:24:0f:c9:43:aa:be:
2f:15:55:12:85:b5:7a:5d:93:58:b2:99:d7:53:b7:
ea:02:f8:4b:98:cc:3e:8d:d2:89:75:df:81:9f:f6:
7e:45:c1:9c:81:38:aa:ac:ba:87:e2:c7:2f:a6:a1:
18:4a:cb:7d:5f:b7:c9:54:cd:ab:cd:c7:3b:ab:76:
59:e1:5f:3a:c3:c2:e4:c6:20:3a:1e:64:9f:87:c1:
e9:97:4b:d3:28:58:18:e7:47:d3:ed:9b:12:d1:f4:
1d:1b:55:9b:31:82:be:ce:9d:36:f1:9f:0a:d5:24:
04:69:97:e5:5d:1a:ae:e8:53:d3:eb:74:8e:39:ec:
31:d7:71:50:5a:1c:69:40:22:7d:b5:7c:34:99:fc:
81:30:64:2b:bd:a0:4f:88:98:ba:76:e2:e6:bf:44:
50:eb:50:4b:a7:1f:23:55:7d:aa:05:2c:86:64:66:
82:9d:17:bd:62:3f:60:e4:f3:fd:2a:06:e1:dc:16:
2e:cd:be:c1:df:66:15:b7:50:2d:4d:5e:4c:0a:1d:
86:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5B:84:E9:7A:59:FC:EC:DC:BB:F7:24:FD:91:FB:FD:50:E3:A8:00
X509v3 Authority Key Identifier:
keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.32.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d3:16:6f:34:8c:6d:19:de:ae:6b:4b:2d:85:37:b3:c7:62:
d2:c0:e5:47:2d:03:79:ff:65:27:ca:99:4a:fa:11:9c:02:09:
32:8d:00:13:71:5f:0b:9b:89:2d:25:2a:49:33:7f:a1:79:88:
e6:85:40:f4:fe:52:68:54:5f:1a:8d:14:48:fb:d1:b7:c7:7b:
10:1f:fd:69:1a:32:7b:57:c8:6a:b1:6c:b5:66:fd:f5:6f:f3:
98:4e:d0:74:2d:ea:83:76:8d:64:06:51:71:d4:77:31:09:66:
3f:50:bb:56:34:69:cd:eb:0d:c2:ff:a4:29:fc:27:d8:37:38:
92:1a:3f:c7:17:da:37:ee:58:8a:4b:e0:00:50:80:43:61:2f:
c5:b0:44:a9:43:dc:d9:91:94:f4:0c:43:d9:10:88:31:92:45:
07:c9:6d:77:9e:a9:5a:ed:99:d3:43:3b:96:25:3b:f7:cb:cc:
83:cd:41:6e:e1:b4:2c:ba:dd:9a:7d:86:b1:eb:10:fc:17:06:
b5:ef:ad:fb:b9:7f:70:ca:0c:87:e1:0b:62:30:12:ff:8c:6c:
f8:fa:03:5f:5d:0a:8a:d0:55:50:9e:ec:a5:58:bb:3e:3e:31:
72:51:da:ae:3e:36:31:74:e2:5f:41:56:a2:b4:ce:18:fe:7a:
1e:37:d8:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF
RUNFRTc0OTMwHhcNMjIwNDIwMTI1MDExWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjYwMDE4Mi0yMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUNqxxndYFXQ64IalWcYfcQ+n2kWSmDU/3nIVj9oBHCDO7+qsGyNK7hItVKm
mU22DiAUG2AkD8lDqr4vFVUShbV6XZNYspnXU7fqAvhLmMw+jdKJdd+Bn/Z+RcGc
gTiqrLqH4scvpqEYSst9X7fJVM2rzcc7q3ZZ4V86w8LkxiA6HmSfh8Hpl0vTKFgY
50fT7ZsS0fQdG1WbMYK+zp028Z8K1SQEaZflXRqu6FPT63SOOewx13FQWhxpQCJ9
tXw0mfyBMGQrvaBPiJi6duLmv0RQ61BLpx8jVX2qBSyGZGaCnRe9Yj9g5PP9Kgbh
3BYuzb7B32YVt1AtTV5MCh2GhwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMNbhOl6
Wfzs3Lv3JP2R+/1Q46gAMB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvMjY5RTBGNUE3
NEJCMTFFQkE2Qjg3MTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACYIPIwDQYJKoZIhvcNAQELBQADggEBAF/TFm80jG0Z3q5r
Sy2FN7PHYtLA5UctA3n/ZSfKmUr6EZwCCTKNABNxXwubiS0lKkkzf6F5iOaFQPT+
UmhUXxqNFEj70bfHexAf/WkaMntXyGqxbLVm/fVv85hO0HQt6oN2jWQGUXHUdzEJ
Zj9Qu1Y0ac3rDcL/pCn8J9g3OJIaP8cX2jfuWIpL4ABQgENhL8WwRKlD3NmRlPQM
Q9kQiDGSRQfJbXeeqVrtmdNDO5YlO/fLzIPNQW7htCy63Zp9hrHrEPwXBrXvrfu5
f3DKDIfhC2IwEv+MbPj6A19dCorQVVCe7KVYuz4+MXJR2q4+NjF04l9BVqK0zhj+
eh432FE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:11:45 2025 by rpki-client