Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C7A9/AFA0E2A481E311EE838DA50AC4F9AE02/4C4696DA81E411EE81225F0CC4F9AE02.roa
File: 4C4696DA81E411EE81225F0CC4F9AE02.roa (raw, json)
Hash identifier: 8oqKPxsJ8flrsUCBVZTJg3zqyS0MhiEN7QDcKmvTsjg=
Subject key identifier: FE:C5:CA:C3:5D:42:8E:B4:8D:F7:91:FF:73:8A:FE:DD:7F:0B:E2:EE
Certificate issuer: /CN=A919C7A9/serialNumber=F7D64161B3A04AD4E59C0173E3B80759282D43C1
Certificate serial: 02
Authority key identifier: F7:D6:41:61:B3:A0:4A:D4:E5:9C:01:73:E3:B8:07:59:28:2D:43:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99ZBYbOgStTlnAFz47gHWSgtQ8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C7A9/AFA0E2A481E311EE838DA50AC4F9AE02/4C4696DA81E411EE81225F0CC4F9AE02.roa
Signing time: Mon 13 Nov 2023 05:20:03 +0000
ROA not before: Mon 13 Nov 2023 05:20:03 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 149250
IP address blocks: 203.175.98.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C7A9
Validity
Not Before: Nov 13 05:20:03 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6551b203-c676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:63:e7:6f:6b:ee:c2:f6:30:a5:13:f0:f3:aa:
3d:62:70:97:30:e8:7d:97:2c:d2:36:b5:ba:8d:3b:
df:a1:8c:7f:c5:a0:ca:4d:4d:e7:71:e8:05:98:2b:
09:c7:d0:a5:a1:42:62:43:92:b1:be:dd:16:0f:ad:
be:4a:ff:d6:22:2b:ef:4f:6d:92:28:98:db:47:9f:
33:ee:53:c4:cb:ba:b7:3f:c9:29:b8:80:dc:46:3d:
6d:a5:db:bd:54:bc:64:3f:41:17:94:a8:63:39:58:
a4:7e:1e:b9:af:92:3a:19:10:6d:cc:8a:20:89:0c:
7a:af:10:57:7f:e0:0a:c5:8f:66:df:b9:cb:bc:1a:
67:ff:3e:3a:a8:bb:cf:66:cb:81:02:e2:c9:5e:3f:
e1:6d:43:9d:b9:da:a0:d0:13:b2:74:b1:8f:38:4a:
3e:ad:70:f7:3f:f4:39:8b:71:06:7b:56:58:d7:01:
04:4d:83:93:90:54:67:32:2f:88:6d:84:d3:d0:4b:
9b:63:8f:f6:fd:da:79:22:7b:01:7b:02:17:82:23:
a9:50:d6:01:ea:da:bc:ab:bc:10:65:7e:c8:0c:98:
c2:89:58:81:84:b3:d1:d8:54:fc:8c:df:ca:2e:74:
53:9d:6d:c4:9c:8c:bb:8c:86:8c:19:18:51:f2:77:
50:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C5:CA:C3:5D:42:8E:B4:8D:F7:91:FF:73:8A:FE:DD:7F:0B:E2:EE
X509v3 Authority Key Identifier:
keyid:F7:D6:41:61:B3:A0:4A:D4:E5:9C:01:73:E3:B8:07:59:28:2D:43:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C7A9/AFA0E2A481E311EE838DA50AC4F9AE02/99ZBYbOgStTlnAFz47gHWSgtQ8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99ZBYbOgStTlnAFz47gHWSgtQ8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C7A9/AFA0E2A481E311EE838DA50AC4F9AE02/4C4696DA81E411EE81225F0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.175.98.0/23
Signature Algorithm: sha256WithRSAEncryption
29:a6:86:b6:a0:35:92:bf:94:00:5e:e4:19:b8:ea:56:94:04:
d9:41:f3:f2:66:f1:35:6d:74:aa:a5:06:e8:65:cb:3b:49:81:
18:1d:08:22:11:5c:94:5c:1d:78:76:ef:e3:ae:00:10:6e:bd:
22:bc:16:3f:a3:aa:3b:d4:8f:ee:9c:34:b6:18:ad:d0:7e:ce:
a2:5d:45:44:ae:3c:b0:57:4a:64:21:0f:a4:e0:76:bd:80:bd:
d8:f2:97:7a:61:4d:89:d9:06:b2:e1:b6:77:8d:fd:05:78:11:
bd:c4:3e:54:e6:20:1b:21:6c:9e:90:c3:b8:1f:37:ff:5d:04:
e8:78:fc:a7:06:61:49:ae:42:60:68:c2:a4:3a:75:ab:05:ee:
e0:60:b3:11:e8:a7:b3:d5:f3:2e:61:d2:b7:9b:15:e3:8f:57:
f0:c0:70:f7:a0:4c:c8:03:b5:e9:29:9a:c9:c3:3a:6e:d9:91:
66:88:a0:20:44:c9:17:62:e2:43:6f:f0:15:84:2d:d0:55:e1:
79:6b:3b:f6:73:0a:cf:36:ab:06:58:57:af:c8:ec:29:32:b8:
ff:9d:9c:2e:31:09:ac:49:38:a5:98:da:85:d5:41:04:9f:ab:
48:5b:38:80:b3:ea:3c:7e:9e:59:84:a0:25:d0:79:7c:1e:45:
83:3a:46:85
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QzdBOTExMC8GA1UEBRMoRjdENjQxNjFCM0EwNEFENEU1OUMwMTczRTNCODA3NTky
ODJENDNDMTAeFw0yMzExMTMwNTIwMDNaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NTFiMjAzLWM2NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkY+dva+7C9jClE/Dzqj1icJcw6H2XLNI2tbqNO9+hjH/FoMpNTedx6AWYKwnH
0KWhQmJDkrG+3RYPrb5K/9YiK+9PbZIomNtHnzPuU8TLurc/ySm4gNxGPW2l271U
vGQ/QReUqGM5WKR+HrmvkjoZEG3MiiCJDHqvEFd/4ArFj2bfucu8Gmf/Pjqou89m
y4EC4sleP+FtQ5252qDQE7J0sY84Sj6tcPc/9DmLcQZ7VljXAQRNg5OQVGcyL4ht
hNPQS5tjj/b92nkiewF7AheCI6lQ1gHq2ryrvBBlfsgMmMKJWIGEs9HYVPyM38ou
dFOdbcScjLuMhowZGFHyd1A5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/sXKw11C
jrSN95H/c4r+3X8L4u4wHwYDVR0jBBgwFoAU99ZBYbOgStTlnAFz47gHWSgtQ8Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlDN0E5L0FGQTBFMkE0ODFF
MzExRUU4MzhEQTUwQUM0RjlBRTAyLzk5WkJZYk9nU3RUbG5BRno0N2dIV1NndFE4
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOTlaQlliT2dTdFRsbkFGejQ3Z0hXU2d0UThFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QzdBOS9BRkEwRTJBNDgxRTMxMUVFODM4REE1MEFDNEY5QUUwMi80QzQ2OTZEQTgx
RTQxMUVFODEyMjVGMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcuvYjANBgkqhkiG9w0BAQsFAAOCAQEAKaaGtqA1kr+UAF7k
GbjqVpQE2UHz8mbxNW10qqUG6GXLO0mBGB0IIhFclFwdeHbv464AEG69IrwWP6Oq
O9SP7pw0thit0H7Ool1FRK48sFdKZCEPpOB2vYC92PKXemFNidkGsuG2d439BXgR
vcQ+VOYgGyFsnpDDuB83/10E6Hj8pwZhSa5CYGjCpDp1qwXu4GCzEeins9XzLmHS
t5sV449X8MBw96BMyAO16SmaycM6btmRZoigIETJF2LiQ2/wFYQt0FXheWs79nMK
zzarBlhXr8jsKTK4/52cLjEJrEk4pZjahdVBBJ+rSFs4gLPqPH6eWYSgJdB5fB5F
gzpGhQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:33:06 2025 by rpki-client