Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/7C5507DE01D411EE9AB2054DC4F9AE02.roa
File: 7C5507DE01D411EE9AB2054DC4F9AE02.roa (raw, json)
Hash identifier: AHpl6HoSp34zJT3fkZblvMhqT2BKLTJ3xt+0cCMuruE=
Subject key identifier: F9:7B:FD:46:3D:CD:6E:5B:64:39:EF:41:65:0A:44:91:4B:16:13:BD
Certificate issuer: /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918
Certificate serial: 0761
Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/7C5507DE01D411EE9AB2054DC4F9AE02.roa
Signing time: Sat 03 Jun 2023 06:04:23 +0000
ROA not before: Sat 03 Jun 2023 06:04:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59239
IP address blocks: 114.129.12.0/22 maxlen: 22
114.129.12.0/23 maxlen: 23
114.129.12.0/24 maxlen: 24
114.129.13.0/24 maxlen: 24
114.129.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1889 (0x761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0BDE
Validity
Not Before: Jun 3 06:04:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647ad7e6-907c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:73:5e:3b:16:85:44:39:19:ca:72:ff:35:11:
df:c0:fc:cc:25:f8:fe:bb:10:a9:c6:60:31:3c:84:
6c:92:10:10:3d:0c:cc:21:3d:fc:38:a9:43:2a:a5:
07:f0:70:2a:bf:91:3a:53:36:b1:58:82:01:60:cc:
9a:c5:da:80:dd:bd:96:8e:48:98:9c:19:ee:11:3c:
22:67:33:55:d3:13:42:6d:13:3f:b9:4f:42:d6:34:
31:e8:08:b3:fe:a1:29:b3:8d:3f:df:50:8b:5e:19:
8c:42:e4:28:bb:27:48:ef:f5:5e:84:e5:9a:be:f4:
22:dc:46:88:f0:36:ea:ed:91:66:e7:b6:75:b8:e5:
d1:6a:8a:a7:6c:8c:4e:00:30:1d:af:78:01:95:92:
e3:2c:2d:e3:bf:8c:54:69:86:5c:5f:82:44:65:33:
58:ea:b7:70:0e:e2:1a:89:6a:00:0a:eb:c6:25:92:
fd:a5:1e:50:b6:de:47:2a:5c:62:58:bd:c0:b6:a4:
16:8f:94:a4:8e:a1:ed:fb:19:e6:36:ae:b2:65:4d:
3c:87:3a:f6:69:fe:36:14:1e:6f:11:7f:1f:1b:ab:
45:90:f0:44:ea:11:7c:30:da:0e:53:ef:f5:a3:6f:
99:32:b2:b2:03:0b:f7:ae:65:96:32:d5:2a:21:bd:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7B:FD:46:3D:CD:6E:5B:64:39:EF:41:65:0A:44:91:4B:16:13:BD
X509v3 Authority Key Identifier:
keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/7C5507DE01D411EE9AB2054DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.12.0/22
Signature Algorithm: sha256WithRSAEncryption
11:60:ec:e5:c4:8d:8c:13:f1:6f:0d:82:5a:5f:82:13:f7:7c:
7d:d9:f9:74:1b:8a:6f:bb:a0:85:65:39:da:be:10:34:8f:86:
e8:6f:5b:53:1d:ab:b4:8e:84:23:4d:c9:df:39:a3:9f:c1:2e:
a1:94:6f:8e:58:bb:d9:ea:b5:bc:ac:0f:89:e8:87:9b:e6:4d:
9c:9d:8b:23:2d:5e:b5:73:73:02:3d:a9:e8:d9:4d:f1:8e:df:
fc:dc:9c:1f:0b:95:70:84:5d:10:08:59:5d:48:bd:20:3b:3d:
e2:a9:04:47:bb:31:9b:44:d6:4c:e2:30:6c:9f:0d:cd:32:65:
07:6f:13:b0:ee:6a:76:71:1e:3c:84:ad:34:d2:b4:b4:96:87:
83:1a:fb:d7:08:be:c3:cd:3d:2e:bb:ca:3b:2a:ed:87:57:88:
bd:70:bb:11:b1:76:d1:98:fb:48:14:bd:4a:cf:00:d5:e4:30:
f7:a1:26:b7:ae:48:5b:ec:76:84:c4:c4:7d:89:7e:81:fb:86:
3c:04:3f:25:6a:a3:83:d1:67:25:a3:6a:2a:5e:53:2a:2c:dd:
c6:f6:42:3b:33:9a:b0:b6:e8:50:ad:3b:c8:dc:9d:a0:10:a8:
22:ef:1c:15:60:16:81:a1:b1:2b:f7:00:ed:b3:d4:95:f3:95:
c1:a9:5b:74
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC
RTE2OTA5MTgwHhcNMjMwNjAzMDYwNDIzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhZDdlNi05MDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3NeOxaFRDkZynL/NRHfwPzMJfj+uxCpxmAxPIRskhAQPQzMIT38OKlDKqUH
8HAqv5E6UzaxWIIBYMyaxdqA3b2WjkiYnBnuETwiZzNV0xNCbRM/uU9C1jQx6Aiz
/qEps40/31CLXhmMQuQouydI7/VehOWavvQi3EaI8Dbq7ZFm57Z1uOXRaoqnbIxO
ADAdr3gBlZLjLC3jv4xUaYZcX4JEZTNY6rdwDuIaiWoACuvGJZL9pR5Qtt5HKlxi
WL3AtqQWj5SkjqHt+xnmNq6yZU08hzr2af42FB5vEX8fG6tFkPBE6hF8MNoOU+/1
o2+ZMrKyAwv3rmWWMtUqIb07uwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPl7/UY9
zW5bZDnvQWUKRJFLFhO9MB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5
NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvN0M1NTA3REUw
MUQ0MTFFRTlBQjIwNTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJygQwwDQYJKoZIhvcNAQELBQADggEBABFg7OXEjYwT8W8N
glpfghP3fH3Z+XQbim+7oIVlOdq+EDSPhuhvW1Mdq7SOhCNNyd85o5/BLqGUb45Y
u9nqtbysD4noh5vmTZydiyMtXrVzcwI9qejZTfGO3/zcnB8LlXCEXRAIWV1IvSA7
PeKpBEe7MZtE1kziMGyfDc0yZQdvE7DuanZxHjyErTTStLSWh4Ma+9cIvsPNPS67
yjsq7YdXiL1wuxGxdtGY+0gUvUrPANXkMPehJreuSFvsdoTExH2JfoH7hjwEPyVq
o4PRZyWjaipeUyos3cb2QjszmrC26FCtO8jcnaAQqCLvHBVgFoGhsSv3AO2z1JXz
lcGpW3Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:38 2025 by rpki-client