Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa
File: 8A0713CC004411EE8F32354EC4F9AE02.roa (raw, json)
Hash identifier: ivFRM0lJJ7oQ8j09aLJdmsXgFKru8SFyk4SkMkvCpbM=
Subject key identifier: D0:F6:43:DB:08:10:E4:3F:B6:7D:88:4A:1C:D2:12:B4:A5:93:67:0D
Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD
Certificate serial: D3
Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa
Signing time: Mon 01 Jul 2024 06:06:53 +0000
ROA not before: Mon 01 Jul 2024 06:06:53 +0000
ROA not after: Wed 30 Oct 2024 00:00:00 +0000
asID: 17828
IP address blocks: 202.58.128.0/22 maxlen: 22
202.58.131.0/24 maxlen: 24
202.165.192.0/20 maxlen: 20
2001:c60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211 (0xd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA0AA
Validity
Not Before: Jul 1 06:06:53 2024 GMT
Not After : Oct 30 00:00:00 2024 GMT
Subject: CN=6682477d-dd1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5d:44:6a:58:a4:13:00:da:41:8e:23:84:98:
55:f1:99:b3:a5:33:8a:d5:95:1e:64:4b:57:76:1a:
bf:31:58:a6:02:54:80:77:ef:0a:3a:cf:18:76:67:
e0:01:bc:fe:31:5c:ca:d2:b0:1b:2d:77:0f:1a:f6:
79:e9:24:b7:8a:9f:52:08:b2:ba:d7:75:14:a7:1e:
d4:32:f8:cf:ca:1a:ca:0d:73:f5:a2:37:5b:4a:4b:
89:fa:74:0c:2e:98:99:7f:8d:61:52:15:b1:8c:18:
9a:94:b3:9b:8f:15:23:40:8f:6a:ae:8e:99:8c:9b:
54:e4:ae:68:fc:78:a3:a5:23:50:75:72:f9:13:d9:
ee:ac:d7:62:d2:5f:13:0f:29:20:b7:c9:78:19:d7:
e2:a0:b3:ff:2c:e8:0e:0c:90:7b:8b:2f:0c:19:e6:
37:9f:e2:a5:26:da:37:7c:85:ed:a7:59:71:dd:4a:
38:8f:63:9e:d5:bf:24:f1:d5:c5:00:a9:fa:f8:d2:
ad:12:c5:47:e6:51:da:ee:e5:73:9f:46:d2:5a:d6:
86:60:71:84:27:a8:8d:1c:76:d8:5e:7c:ae:fe:fe:
ca:63:34:70:9f:bf:cf:4f:01:19:34:74:a9:a9:8d:
6d:8a:a6:6f:cc:5b:53:c8:15:57:5a:3b:45:c4:4a:
56:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F6:43:DB:08:10:E4:3F:B6:7D:88:4A:1C:D2:12:B4:A5:93:67:0D
X509v3 Authority Key Identifier:
keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.128.0/22
202.165.192.0/20
IPv6:
2001:c60::/32
Signature Algorithm: sha256WithRSAEncryption
89:0e:07:bd:27:9a:e8:0e:ef:da:b9:8b:fc:22:c7:9b:45:78:
a3:cc:8a:ab:6c:cc:8c:65:48:88:92:06:7f:86:01:58:a3:40:
25:c9:2a:c2:37:09:08:01:ec:3d:29:d6:73:b7:cd:5d:7d:67:
db:1e:87:06:8d:48:1f:c1:cc:0c:cd:1d:d8:34:b9:68:45:69:
e5:72:97:e5:00:36:a9:bb:d1:d5:cf:58:59:e7:fd:e3:c3:54:
17:1c:72:35:51:75:fc:e5:76:f5:6e:a4:22:7c:b9:3f:df:0f:
a1:94:fa:ff:49:18:13:f3:cc:5d:dd:65:16:01:5d:93:35:e4:
8c:4c:d5:d1:01:ca:57:8c:9e:68:17:f8:4a:13:36:d5:c8:68:
7b:d8:7d:a3:7b:9d:0e:ef:6a:e0:85:b1:27:75:8a:7f:b3:8c:
2c:2d:10:09:3e:d9:2c:c9:e1:77:8b:e3:16:96:7e:6c:6a:28:
31:0d:2f:d1:90:95:d2:19:d1:62:02:52:ec:22:1f:b1:cc:c5:
38:e2:48:4b:9f:de:dd:fc:f5:41:2c:8f:a8:0b:16:c9:95:47:
80:17:97:32:22:bc:e7:f5:f4:17:65:c3:b3:8f:db:de:35:dd:
4b:42:72:0b:d5:96:90:ad:dd:4f:5e:75:be:9c:e6:6e:a3:1a:
44:40:c6:6f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwQUExMTAvBgNVBAUTKEVEOEY1RDZDOUJGQzE0OEY3QUJCNzA4QzUyOTFEMzg0
NzgxQzYxRkQwHhcNMjQwNzAxMDYwNjUzWhcNMjQxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgyNDc3ZC1kZDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6F1EalikEwDaQY4jhJhV8ZmzpTOK1ZUeZEtXdhq/MVimAlSAd+8KOs8Ydmfg
Abz+MVzK0rAbLXcPGvZ56SS3ip9SCLK613UUpx7UMvjPyhrKDXP1ojdbSkuJ+nQM
LpiZf41hUhWxjBialLObjxUjQI9qro6ZjJtU5K5o/HijpSNQdXL5E9nurNdi0l8T
Dykgt8l4GdfioLP/LOgODJB7iy8MGeY3n+KlJto3fIXtp1lx3Uo4j2Oe1b8k8dXF
AKn6+NKtEsVH5lHa7uVzn0bSWtaGYHGEJ6iNHHbYXnyu/v7KYzRwn7/PTwEZNHSp
qY1tiqZvzFtTyBVXWjtFxEpWcwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFND2Q9sI
EOQ/tn2IShzSErSlk2cNMB8GA1UdIwQYMBaAFO2PXWyb/BSPertwjFKR04R4HGH9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTBBQS84MkJCQjU1MjAw
M0QxMUVFOTYwOEYxNDdDNEY5QUUwMi83WTlkYkp2OEZJOTZ1M0NNVXBIVGhIZ2NZ
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEwQUEvODJCQkI1NTIwMDNEMTFFRTk2MDhGMTQ3QzRGOUFFMDIvOEEwNzEzQ0Mw
MDQ0MTFFRThGMzIzNTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBALKOoADBATKpcAwDQQCAAIwBwMFACABDGAwDQYJKoZIhvcN
AQELBQADggEBAIkOB70nmugO79q5i/wix5tFeKPMiqtszIxlSIiSBn+GAVijQCXJ
KsI3CQgB7D0p1nO3zV19Z9sehwaNSB/BzAzNHdg0uWhFaeVyl+UANqm70dXPWFnn
/ePDVBcccjVRdfzldvVupCJ8uT/fD6GU+v9JGBPzzF3dZRYBXZM15IxM1dEByleM
nmgX+EoTNtXIaHvYfaN7nQ7vauCFsSd1in+zjCwtEAk+2SzJ4XeL4xaWfmxqKDEN
L9GQldIZ0WICUuwiH7HMxTjiSEuf3t389UEsj6gLFsmVR4AXlzIivOf19Bdlw7OP
29413UtCcgvVlpCt3U9edb6c5m6jGkRAxm8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:56:22 2025 by rpki-client