Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D384544794811EE8768602EC4F9AE02.roa
File: 7D384544794811EE8768602EC4F9AE02.roa (raw, json)
Hash identifier: rtPuH9JxRZbECBDJ7mM8ENsX/qJO35yeof/qEHy1Zls=
Subject key identifier: EE:B6:95:B6:42:73:08:3D:85:73:CE:AB:19:FA:AB:D2:CD:B0:6A:1B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7D02
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D384544794811EE8768602EC4F9AE02.roa
Signing time: Thu 02 Nov 2023 06:24:34 +0000
ROA not before: Thu 02 Nov 2023 06:24:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151717
IP address blocks: 202.158.250.0/24 maxlen: 24
202.158.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32002 (0x7d02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 2 06:24:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=654340a2-014b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f6:c7:a6:98:0a:d5:40:1b:7e:43:cc:35:53:
9c:8a:52:a7:1a:a4:00:dc:9b:7b:c7:2c:aa:4d:4a:
da:fc:6f:8e:93:bc:28:54:c4:6a:6f:9b:96:f2:c5:
3d:df:73:4c:66:b2:a1:a1:38:3a:91:37:cf:8d:0e:
d0:70:71:83:80:22:aa:8e:07:03:18:87:7d:f3:9c:
db:8c:2a:e8:02:79:cd:1c:9f:09:e9:95:a1:b1:04:
69:22:25:27:89:dc:b0:f2:b5:16:bc:b5:2a:78:cb:
4b:5b:0d:d1:62:e5:0a:56:ab:59:45:a6:2a:da:68:
95:af:d5:28:c8:2a:1f:51:a8:06:a8:bf:94:3c:bc:
bf:2d:af:e8:c2:6b:7e:60:0b:99:d9:63:a7:92:fb:
d0:7b:82:f5:12:5b:ab:16:26:fa:9b:49:5b:d7:f4:
6a:d7:29:36:57:d1:b8:de:9f:2e:8d:5e:c9:ed:59:
9e:62:09:c7:7a:35:db:e6:87:46:de:1d:dd:8a:9c:
29:d8:9b:d8:fc:ba:fe:fd:a3:13:19:d1:50:e6:86:
1f:a4:b3:57:dc:39:11:2c:24:42:48:7a:ee:6f:93:
40:94:80:76:5e:b1:11:82:ca:28:d5:ac:ee:9f:63:
f3:86:81:d2:25:53:e9:4d:22:2b:59:b6:b1:79:c8:
71:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B6:95:B6:42:73:08:3D:85:73:CE:AB:19:FA:AB:D2:CD:B0:6A:1B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D384544794811EE8768602EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.158.250.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:81:6e:5f:aa:01:6e:e7:a1:f2:05:fa:fc:fa:be:ce:94:77:
a9:73:08:9c:34:4f:ac:8b:77:d2:ba:ea:d3:36:12:e0:19:7e:
76:35:2d:f3:0a:ef:86:e9:6b:ff:0d:e5:98:f1:f0:ce:45:bc:
a2:20:08:ee:b1:42:8d:db:3a:01:38:a0:9d:a7:2c:29:9e:73:
7e:6d:04:cb:a1:82:f1:e4:45:fc:eb:41:be:a0:b2:9f:b4:09:
29:96:a5:8d:b7:40:c2:96:21:3d:19:66:60:e5:23:15:d2:34:
18:78:03:98:cb:d7:27:09:72:24:c2:9f:29:b6:96:6e:d6:1d:
c7:33:d2:d8:c2:00:f8:dc:1a:77:8d:b1:77:96:3c:a9:bc:d6:
ac:d4:17:aa:1b:5b:f6:ce:fc:3f:df:a7:bd:c7:89:0f:fa:0b:
dc:99:46:76:77:82:0a:f4:e0:67:22:1e:5b:ec:4a:90:7a:4c:
b1:a4:26:2e:54:5b:c1:1d:24:f8:07:e2:db:05:fe:b8:03:4f:
06:df:bd:68:2d:c8:4e:ec:f7:c0:42:a2:f0:49:5c:90:ca:64:
d1:9c:8f:87:0d:15:73:9b:39:b3:14:91:28:01:84:52:9c:78:
ea:67:06:1f:e7:2f:af:62:88:4e:d2:e7:a0:ec:59:f6:03:59:
64:e4:e4:11
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICfQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTAyMDYyNDM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQzNDBhMi0wMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfbHppgK1UAbfkPMNVOcilKnGqQA3Jt7xyyqTUra/G+Ok7woVMRqb5uW8sU9
33NMZrKhoTg6kTfPjQ7QcHGDgCKqjgcDGId985zbjCroAnnNHJ8J6ZWhsQRpIiUn
idyw8rUWvLUqeMtLWw3RYuUKVqtZRaYq2miVr9UoyCofUagGqL+UPLy/La/owmt+
YAuZ2WOnkvvQe4L1ElurFib6m0lb1/Rq1yk2V9G43p8ujV7J7VmeYgnHejXb5odG
3h3dipwp2JvY/Lr+/aMTGdFQ5oYfpLNX3DkRLCRCSHrub5NAlIB2XrERgsoo1azu
n2PzhoHSJVPpTSIrWbaxechx7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFO62lbZC
cwg9hXPOqxn6q9LNsGobMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0QzODQ1NDQ3
OTQ4MTFFRTg3Njg2MDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKnvowDQYJKoZIhvcNAQELBQADggEBAE2Bbl+qAW7nofIF
+vz6vs6Ud6lzCJw0T6yLd9K66tM2EuAZfnY1LfMK74bpa/8N5Zjx8M5FvKIgCO6x
Qo3bOgE4oJ2nLCmec35tBMuhgvHkRfzrQb6gsp+0CSmWpY23QMKWIT0ZZmDlIxXS
NBh4A5jL1ycJciTCnym2lm7WHccz0tjCAPjcGneNsXeWPKm81qzUF6obW/bO/D/f
p73HiQ/6C9yZRnZ3ggr04GciHlvsSpB6TLGkJi5UW8EdJPgH4tsF/rgDTwbfvWgt
yE7s98BCovBJXJDKZNGcj4cNFXObObMUkSgBhFKceOpnBh/nL69iiE7S56DsWfYD
WWTk5BE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:26:42 2025 by rpki-client