Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/231297E8BE1811EFA9DC5158C4F9AE02.roa
File: 231297E8BE1811EFA9DC5158C4F9AE02.roa (raw, json)
Hash identifier: hvayaFMdEVsqbJznIohmNpJgkWC6tr3j82lRDuR9ak0=
Subject key identifier: 2C:BE:92:71:CE:06:E6:14:4A:50:19:BC:AF:31:23:DA:A4:D8:AA:B8
Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Certificate serial: 0CDF
Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/231297E8BE1811EFA9DC5158C4F9AE02.roa
Signing time: Thu 19 Dec 2024 14:47:15 +0000
ROA not before: Thu 19 Dec 2024 14:47:15 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 62425
IP address blocks: 59.152.62.0/24 maxlen: 24
59.152.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3295 (0xcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D17F2, serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9
Validity
Not Before: Dec 19 14:47:15 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=676431f3-b850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ed:7a:72:55:21:21:7d:42:8a:72:d6:a8:dc:
af:52:67:cd:72:31:43:ba:f3:a4:eb:8c:be:31:23:
c3:56:e4:78:5d:ef:0f:6c:25:a2:a2:49:bd:75:09:
d6:86:43:07:b5:ff:f1:ed:33:f3:e9:c8:73:78:94:
da:5b:42:7f:37:62:95:a2:3d:82:66:06:b0:ec:fb:
9f:0e:cc:54:34:3f:aa:6f:66:42:65:63:3a:ac:41:
8e:50:b6:20:0e:c0:d2:5f:0f:26:e1:f3:ce:ae:80:
8c:a7:4e:1b:18:c1:25:54:c0:e5:e1:c4:a0:24:fb:
53:3b:be:7a:0d:44:82:d6:1c:db:63:6c:29:08:be:
d1:02:53:91:64:5f:bf:f5:a4:3d:cd:4f:4b:b9:83:
88:e0:ca:22:c5:ab:15:ff:7e:b6:45:f1:17:cf:12:
5e:f2:2e:31:e6:c7:b2:77:4c:52:2a:da:6c:fa:64:
3b:02:32:d2:cc:8c:70:26:82:e1:0e:4c:53:51:49:
86:be:81:67:ba:15:4e:06:0b:af:b6:ad:b8:d3:0a:
1b:8f:72:77:8e:9d:5f:b6:57:58:8e:87:ea:06:bc:
5e:65:cd:9d:95:f8:39:cd:0d:4d:fb:3c:94:bf:a7:
dd:ce:39:5d:a7:cf:7d:ae:25:16:5b:dd:40:84:69:
44:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BE:92:71:CE:06:E6:14:4A:50:19:BC:AF:31:23:DA:A4:D8:AA:B8
X509v3 Authority Key Identifier:
keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/231297E8BE1811EFA9DC5158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.62.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:47:5b:03:81:d0:13:13:57:2b:df:7b:09:bc:d2:61:c0:c3:
87:49:91:bf:ac:25:86:8e:d3:11:10:21:1c:60:7c:f9:76:7d:
87:b9:68:27:be:d6:f8:9a:61:83:cd:28:4a:23:76:fe:87:e3:
c0:a9:c3:9c:38:46:0f:d2:1f:a9:56:7e:67:20:f0:83:b9:3e:
45:23:98:c2:da:5a:5c:a5:58:f1:7c:6e:98:f4:8b:7e:ad:02:
0a:74:94:e7:2d:41:6a:16:7b:01:b1:a7:ed:2d:c0:d7:53:a6:
ae:68:c2:58:cb:bc:6f:ee:23:80:39:53:e3:c3:8d:c8:16:81:
56:35:04:39:be:31:c0:13:fc:b8:18:b1:31:d7:ca:0e:ee:33:
2e:79:ea:9a:a8:24:2d:cf:f1:b7:d3:47:a2:16:a2:ee:45:b0:
56:65:9b:aa:18:4a:d9:7e:f9:01:86:fc:fb:55:24:ff:eb:01:
3e:a6:18:f6:51:ea:90:5e:18:aa:53:74:4a:9f:70:37:b7:d0:
98:b2:13:22:29:c9:e3:1d:43:92:80:a1:e9:f7:95:7b:98:22:
2a:78:59:83:72:48:91:bf:a7:83:20:01:4f:ce:c4:67:1d:f4:
44:c2:7f:ea:a5:4d:ee:67:85:2c:4f:5e:1e:72:3a:e4:1c:96:
50:87:d4:97
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3
RTFGOEQwQzkwHhcNMjQxMjE5MTQ0NzE1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0MzFmMy1iODUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuu16clUhIX1CinLWqNyvUmfNcjFDuvOk64y+MSPDVuR4Xe8PbCWiokm9dQnW
hkMHtf/x7TPz6chzeJTaW0J/N2KVoj2CZgaw7PufDsxUND+qb2ZCZWM6rEGOULYg
DsDSXw8m4fPOroCMp04bGMElVMDl4cSgJPtTO756DUSC1hzbY2wpCL7RAlORZF+/
9aQ9zU9LuYOI4MoixasV/362RfEXzxJe8i4x5seyd0xSKtps+mQ7AjLSzIxwJoLh
DkxTUUmGvoFnuhVOBguvtq240wobj3J3jp1ftldYjofqBrxeZc2dlfg5zQ1N+zyU
v6fdzjldp899riUWW91AhGlEiwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCy+knHO
BuYUSlAZvK8xI9qk2Kq4MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE
RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw
TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvMjMxMjk3RThC
RTE4MTFFRkE5REM1MTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE7mD4wDQYJKoZIhvcNAQELBQADggEBAE9HWwOB0BMTVyvf
ewm80mHAw4dJkb+sJYaO0xEQIRxgfPl2fYe5aCe+1viaYYPNKEojdv6H48Cpw5w4
Rg/SH6lWfmcg8IO5PkUjmMLaWlylWPF8bpj0i36tAgp0lOctQWoWewGxp+0twNdT
pq5owljLvG/uI4A5U+PDjcgWgVY1BDm+McAT/LgYsTHXyg7uMy556pqoJC3P8bfT
R6IWou5FsFZlm6oYStl++QGG/PtVJP/rAT6mGPZR6pBeGKpTdEqfcDe30JiyEyIp
yeMdQ5KAoen3lXuYIip4WYNySJG/p4MgAU/OxGcd9ETCf+qlTe5nhSxPXh5yOuQc
llCH1Jc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:38:27 2025 by rpki-client