Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/68ACC8067AD011EDBB0E666BC4F9AE02.roa
File: 68ACC8067AD011EDBB0E666BC4F9AE02.roa (raw, json)
Hash identifier: o3aLLK/IFRLhgIqf0Al2deLje+BfEmfqWXkVfwBfV2s=
Subject key identifier: 96:A4:C7:5E:88:8C:8A:28:4A:07:01:C6:0E:BF:5E:16:02:7F:29:85
Certificate issuer: /CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Certificate serial: 07
Authority key identifier: 02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/68ACC8067AD011EDBB0E666BC4F9AE02.roa
Signing time: Tue 13 Dec 2022 10:25:05 +0000
ROA not before: Tue 13 Dec 2022 10:25:05 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 38264
IP address blocks: 103.52.34.0/24 maxlen: 24
103.52.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0848
Validity
Not Before: Dec 13 10:25:05 2022 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63985300-a004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:74:05:b6:9b:07:73:33:27:37:d3:94:a0:3d:
d1:ef:a4:b2:00:ea:80:a7:7e:2b:3e:65:44:03:e9:
6c:2e:7b:43:a1:d4:8f:6c:d1:d9:41:15:12:f1:17:
a7:1c:6b:35:96:61:29:02:c9:f6:3a:82:e4:d1:41:
d0:e3:f1:59:c3:6d:76:49:e9:b8:25:d8:84:49:9a:
9b:96:09:41:cd:60:ad:a8:c7:89:a3:01:77:c0:dc:
47:d5:a5:1e:3b:af:2f:d1:54:63:7a:cd:db:fd:a3:
40:82:06:ae:72:6c:d4:a5:1a:f1:f6:32:ff:80:92:
19:bf:da:c9:f6:15:df:0f:65:04:1d:5c:0b:f8:26:
f2:e0:d2:76:77:7a:ed:96:8c:72:e9:d3:25:cc:8b:
57:c2:86:1c:54:4a:20:5b:a5:da:21:8e:23:a6:89:
2c:fc:7b:63:cd:82:19:f1:ef:ab:ad:2f:e5:ea:a6:
02:f6:05:6d:c0:c3:23:05:aa:3a:72:04:78:85:d2:
14:b7:87:fd:c4:3d:89:91:1c:9c:50:d1:5c:66:ff:
d9:e6:78:60:3b:ac:3f:e0:a2:e9:6a:aa:13:29:bb:
bf:b9:02:85:72:a3:fc:bd:5d:88:f7:be:72:5c:3c:
52:16:1d:91:88:ba:28:f7:97:19:bc:63:5b:19:33:
b4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A4:C7:5E:88:8C:8A:28:4A:07:01:C6:0E:BF:5E:16:02:7F:29:85
X509v3 Authority Key Identifier:
keyid:02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/AkIpyBrDU1oh1g4twyqbiL1q2B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/68ACC8067AD011EDBB0E666BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.52.34.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:b8:c6:07:07:b8:13:16:b8:d6:32:0b:bf:98:92:de:93:b9:
3f:8d:c4:9e:fd:b4:83:f2:35:07:35:6e:3b:dd:bc:3d:3d:7a:
a8:b7:06:65:05:21:b0:07:a8:0d:7e:c5:23:6e:46:68:e5:1b:
81:46:19:fc:48:a8:62:5a:18:ad:7b:f0:86:df:ab:f9:0e:3b:
49:8f:13:02:05:f8:96:0c:6c:2e:99:b2:d2:22:77:cf:ca:e0:
af:e8:36:04:38:2c:58:03:37:50:42:4e:6a:78:86:8b:68:7d:
15:21:14:56:f9:42:fb:38:ad:0d:4b:e4:48:90:b2:b5:8b:af:
98:45:2a:d5:d2:bb:78:d4:d3:eb:16:97:b8:d0:27:76:bb:78:
5b:09:ea:a7:cc:6c:d9:91:ed:21:0c:4b:df:6b:00:90:1b:6b:
5f:1e:6d:97:bf:a6:07:c2:f6:d2:ce:98:17:75:56:a4:d3:95:
8d:f3:7a:6b:1d:bd:ee:1d:78:13:d2:4f:31:0c:42:1e:48:79:
ce:af:4e:e0:8d:00:b6:0f:17:32:f0:6d:04:c0:76:6a:0d:a8:
51:b1:87:1d:36:3f:47:e2:f9:d7:f1:c6:c1:af:65:9a:6d:3e:
35:cc:af:c0:f9:2d:a7:0b:6d:e7:65:36:39:3e:59:07:e5:68:
76:45:d9:f3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MDg0ODExMC8GA1UEBRMoMDI0MjI5QzgxQUMzNTM1QTIxRDYwRTJEQzMyQTlCODhC
RDZBRDgxRjAeFw0yMjEyMTMxMDI1MDVaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTg1MzAwLWEwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6dAW2mwdzMyc305SgPdHvpLIA6oCnfis+ZUQD6Wwue0Oh1I9s0dlBFRLxF6cc
azWWYSkCyfY6guTRQdDj8VnDbXZJ6bgl2IRJmpuWCUHNYK2ox4mjAXfA3EfVpR47
ry/RVGN6zdv9o0CCBq5ybNSlGvH2Mv+Akhm/2sn2Fd8PZQQdXAv4JvLg0nZ3eu2W
jHLp0yXMi1fChhxUSiBbpdohjiOmiSz8e2PNghnx76utL+XqpgL2BW3AwyMFqjpy
BHiF0hS3h/3EPYmRHJxQ0Vxm/9nmeGA7rD/goulqqhMpu7+5AoVyo/y9XYj3vnJc
PFIWHZGIuij3lxm8Y1sZM7StAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlqTHXoiM
iihKBwHGDr9eFgJ/KYUwHwYDVR0jBBgwFoAUAkIpyBrDU1oh1g4twyqbiL1q2B8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwODQ4LzY0RDhCMURFNzdF
NDExRUQ5N0Y1OTM0REM0RjlBRTAyL0FrSXB5QnJEVTFvaDFnNHR3eXFiaUwxcTJC
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQWtJcHlCckRVMW9oMWc0dHd5cWJpTDFxMkI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MDg0OC82NEQ4QjFERTc3RTQxMUVEOTdGNTkzNERDNEY5QUUwMi82OEFDQzgwNjdB
RDAxMUVEQkIwRTY2NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWc0IjANBgkqhkiG9w0BAQsFAAOCAQEAybjGBwe4Exa41jIL
v5iS3pO5P43Env20g/I1BzVuO928PT16qLcGZQUhsAeoDX7FI25GaOUbgUYZ/Eio
YloYrXvwht+r+Q47SY8TAgX4lgxsLpmy0iJ3z8rgr+g2BDgsWAM3UEJOaniGi2h9
FSEUVvlC+zitDUvkSJCytYuvmEUq1dK7eNTT6xaXuNAndrt4Wwnqp8xs2ZHtIQxL
32sAkBtrXx5tl7+mB8L20s6YF3VWpNOVjfN6ax297h14E9JPMQxCHkh5zq9O4I0A
tg8XMvBtBMB2ag2oUbGHHTY/R+L51/HGwa9lmm0+NcyvwPktpwtt52U2OT5ZB+Vo
dkXZ8w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:21:01 2025 by rpki-client