Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/51D32F2658C611ECAE51A83EC4F9AE02.roa
File: 51D32F2658C611ECAE51A83EC4F9AE02.roa (raw, json)
Hash identifier: 4Ujpa5xfrm5y8qzNAHRABkbCrhQpECBu8by7SEpIygE=
Subject key identifier: 95:EE:2C:3B:2D:30:D7:EC:8A:76:D2:62:99:8A:73:3A:46:07:47:9A
Certificate issuer: /CN=A91B7BDC/serialNumber=D43B44D5F937F65E8BAB9B7F987A3DC9D2104A32
Certificate serial: 02BD
Authority key identifier: D4:3B:44:D5:F9:37:F6:5E:8B:AB:9B:7F:98:7A:3D:C9:D2:10:4A:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DtE1fk39l6Lq5t_mHo9ydIQSjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/51D32F2658C611ECAE51A83EC4F9AE02.roa
Signing time: Fri 21 Apr 2023 07:23:59 +0000
ROA not before: Fri 21 Apr 2023 07:23:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132139
IP address blocks: 103.149.62.0/23 maxlen: 23
103.149.62.0/24 maxlen: 24
103.149.63.0/24 maxlen: 24
2405:e440::/32 maxlen: 32
2405:e440::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 701 (0x2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7BDC, serialNumber=D43B44D5F937F65E8BAB9B7F987A3DC9D2104A32
Validity
Not Before: Apr 21 07:23:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64423a0f-aa3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:3d:8d:8f:76:0a:60:d0:1f:5a:47:e8:2e:
de:7e:d5:8a:d2:07:2a:55:e1:c4:5e:2d:15:44:f5:
87:82:af:a7:b0:36:a8:02:d9:c4:c1:be:db:a5:41:
81:b9:2e:fa:ab:0b:08:f1:00:3e:d3:07:ab:87:c3:
08:a0:f8:d3:c2:55:bf:c0:07:59:53:03:5c:50:7a:
75:10:bf:5a:86:51:d1:e2:d7:b5:31:5e:f6:fc:3c:
66:93:20:96:fb:5e:0e:03:70:f5:cb:81:24:24:b1:
b0:bb:b5:22:1a:35:d9:22:ca:87:58:43:ef:ea:20:
c6:e5:f4:09:f1:fa:2d:1b:5b:b2:7b:f8:40:14:c5:
4e:ab:fd:1d:6f:e1:c7:10:c9:4e:e6:67:72:8c:8c:
04:b5:52:20:51:63:97:31:9c:21:36:b5:80:3d:c5:
39:c7:ef:26:ba:6e:b6:14:26:01:77:40:e9:01:58:
3f:10:ce:7e:cc:ee:0e:c8:dd:e7:a6:e9:60:21:9a:
a2:48:6e:8b:8e:f4:df:d3:03:51:65:21:05:cd:9e:
1b:c8:d8:25:eb:f7:0f:98:24:bc:d5:02:7b:6d:d7:
a5:c5:fc:d9:ef:c5:61:70:6b:06:5b:2c:4a:96:4f:
ec:13:99:db:dc:1c:46:36:ca:6b:93:d7:c3:71:8e:
4d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EE:2C:3B:2D:30:D7:EC:8A:76:D2:62:99:8A:73:3A:46:07:47:9A
X509v3 Authority Key Identifier:
keyid:D4:3B:44:D5:F9:37:F6:5E:8B:AB:9B:7F:98:7A:3D:C9:D2:10:4A:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/1DtE1fk39l6Lq5t_mHo9ydIQSjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DtE1fk39l6Lq5t_mHo9ydIQSjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/51D32F2658C611ECAE51A83EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.62.0/23
IPv6:
2405:e440::/32
Signature Algorithm: sha256WithRSAEncryption
13:23:55:3f:f5:5d:23:51:c0:bf:a5:0a:ed:1f:c4:ad:ac:54:
41:1a:5d:22:a4:16:30:1c:9b:1b:d0:c8:b0:30:d6:b1:88:12:
e2:bb:15:c6:47:42:9e:d8:1d:03:29:98:0c:be:eb:e6:91:ff:
ce:b3:8f:84:ae:39:a4:79:a8:0e:b6:50:de:ec:05:34:1b:ab:
26:87:29:8e:50:52:43:fb:cc:7e:c6:37:d8:e0:80:a8:ff:78:
4d:c0:50:2d:85:e2:11:fd:b9:34:c9:04:70:ea:26:b3:0d:17:
12:8e:86:71:56:7c:09:1f:38:aa:ca:d4:64:fa:1b:9f:4f:4d:
66:3b:5a:9b:c3:b7:14:5d:96:9c:7a:f6:30:5a:a2:fe:f6:75:
bd:66:10:43:8f:c3:bb:fb:9c:0f:df:54:80:22:41:8a:23:45:
ff:25:14:bf:10:98:d6:82:f3:fe:97:2e:4c:00:5e:3f:47:ae:
3f:98:f5:fd:61:4f:61:74:9e:b8:51:69:99:8f:c1:32:98:93:
07:f8:86:8a:bc:46:d8:b1:4b:20:e4:3f:aa:89:42:93:70:36:
cf:7f:40:e2:fe:ff:49:38:37:58:89:91:42:39:dc:b9:1c:62:
fe:26:0d:13:4f:cb:a7:28:48:ff:7e:4f:72:d7:77:1c:bd:0d:
d7:a2:fd:2f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjdCREMxMTAvBgNVBAUTKEQ0M0I0NEQ1RjkzN0Y2NUU4QkFCOUI3Rjk4N0EzREM5
RDIxMDRBMzIwHhcNMjMwNDIxMDcyMzU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQyM2EwZi1hYTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLY9jY92CmDQH1pH6C7eftWK0gcqVeHEXi0VRPWHgq+nsDaoAtnEwb7bpUGB
uS76qwsI8QA+0werh8MIoPjTwlW/wAdZUwNcUHp1EL9ahlHR4te1MV72/DxmkyCW
+14OA3D1y4EkJLGwu7UiGjXZIsqHWEPv6iDG5fQJ8fotG1uye/hAFMVOq/0db+HH
EMlO5mdyjIwEtVIgUWOXMZwhNrWAPcU5x+8mum62FCYBd0DpAVg/EM5+zO4OyN3n
pulgIZqiSG6LjvTf0wNRZSEFzZ4byNgl6/cPmCS81QJ7bdelxfzZ78VhcGsGWyxK
lk/sE5nb3BxGNsprk9fDcY5NgwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJXuLDst
MNfsinbSYpmKczpGB0eaMB8GA1UdIwQYMBaAFNQ7RNX5N/Zei6ubf5h6PcnSEEoy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0JEQy82ODFDOEY0NjU4
QkUxMUVDOEFFRDVGMkNDNEY5QUUwMi8xRHRFMWZrMzlsNkxxNXRfbUhvOXlkSVFT
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFEdEUxZmszOWw2THE1dF9tSG85eWRJUVNqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjdCREMvNjgxQzhGNDY1OEJFMTFFQzhBRUQ1RjJDQzRGOUFFMDIvNTFEMzJGMjY1
OEM2MTFFQ0FFNTFBODNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnlT4wDQQCAAIwBwMFACQF5EAwDQYJKoZIhvcNAQELBQAD
ggEBABMjVT/1XSNRwL+lCu0fxK2sVEEaXSKkFjAcmxvQyLAw1rGIEuK7FcZHQp7Y
HQMpmAy+6+aR/86zj4SuOaR5qA62UN7sBTQbqyaHKY5QUkP7zH7GN9jggKj/eE3A
UC2F4hH9uTTJBHDqJrMNFxKOhnFWfAkfOKrK1GT6G59PTWY7WpvDtxRdlpx69jBa
ov72db1mEEOPw7v7nA/fVIAiQYojRf8lFL8QmNaC8/6XLkwAXj9Hrj+Y9f1hT2F0
nrhRaZmPwTKYkwf4hoq8RtixSyDkP6qJQpNwNs9/QOL+/0k4N1iJkUI53LkcYv4m
DRNPy6coSP9+T3LXdxy9Ddei/S8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:11:35 2025 by rpki-client