Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/DAC02F0C5E8E11EAB819EF35C4F9AE02.roa
File: DAC02F0C5E8E11EAB819EF35C4F9AE02.roa (raw, json)
Hash identifier: NSGTj9tM89C8DcSJKmgMVJR7L6a4CnerFFOoxzN4eZ0=
Subject key identifier: C1:FD:C6:56:17:E9:CD:BD:A2:79:4C:AE:43:D4:F9:D8:2B:77:25:A4
Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
Certificate serial: 172D
Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/DAC02F0C5E8E11EAB819EF35C4F9AE02.roa
Signing time: Mon 28 Mar 2022 14:40:33 +0000
ROA not before: Mon 28 Mar 2022 14:40:33 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 3949
IP address blocks: 116.51.19.0/24 maxlen: 24
116.51.20.0/24 maxlen: 24
116.51.21.0/24 maxlen: 24
116.51.23.192/27 maxlen: 27
116.51.30.192/27 maxlen: 27
116.51.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5933 (0x172d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81
Validity
Not Before: Mar 28 14:40:33 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6241c8e1-eaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:89:13:d5:3a:29:96:42:9b:a1:23:0c:ae:
9e:b8:dd:3e:a5:dd:ac:3b:3d:12:34:49:84:f8:96:
db:e5:b6:2d:27:ba:d8:e8:fb:7d:76:ed:c3:10:01:
fb:0a:51:e4:ad:f6:04:30:34:50:f0:8c:e5:7a:af:
3f:d3:af:3c:91:e4:0f:93:73:3a:cb:ae:34:42:9c:
4d:c4:4e:90:12:18:61:29:2e:c2:d5:55:f3:34:2a:
70:c4:72:d2:ae:0b:a5:29:c7:3a:e1:44:90:7f:f9:
e4:b6:0c:af:86:da:7a:cd:a8:d4:5b:c8:ca:58:bb:
e5:9a:86:c8:48:b3:3d:a7:4d:2d:9d:35:c9:9a:88:
75:28:33:26:59:64:0a:17:5e:31:57:2d:94:8a:7a:
8a:cd:7d:9e:85:a2:60:d4:1e:fb:1f:4e:a9:12:4a:
5e:81:72:70:0f:a9:63:2e:9f:07:f4:0f:bb:9f:4e:
ab:24:a5:d8:a4:8d:dd:6e:ab:82:c7:85:f4:9d:6c:
92:68:bf:46:7a:a8:d9:e9:e6:5f:0b:22:cc:47:29:
7e:34:0f:9e:54:c5:eb:9d:12:b2:79:8c:1b:c3:f5:
35:60:36:85:60:ad:84:37:40:8c:e5:9b:5e:e4:03:
6a:6c:6a:5e:bb:e8:af:4e:63:30:df:87:23:d3:9f:
9a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FD:C6:56:17:E9:CD:BD:A2:79:4C:AE:43:D4:F9:D8:2B:77:25:A4
X509v3 Authority Key Identifier:
keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/DAC02F0C5E8E11EAB819EF35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.51.19.0-116.51.21.255
116.51.23.192/27
116.51.30.192/27
116.51.40.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:cf:03:2b:fd:37:57:e1:65:09:9d:d3:29:c2:1d:65:42:a2:
10:62:cf:de:66:33:2e:c6:96:8c:b3:80:85:46:62:13:db:a8:
4b:f2:d6:56:a9:7e:01:47:83:27:ea:8c:d6:e2:c6:7a:bf:1e:
07:07:0a:8a:d0:e9:5c:94:af:e8:b8:13:22:a9:6a:24:5f:10:
24:30:87:96:2b:41:df:31:35:20:d9:20:4f:b1:c5:09:86:ed:
f2:01:ef:77:11:63:09:a5:66:90:8c:fd:9d:07:62:11:12:ac:
20:30:97:4c:ce:a4:d4:3a:fc:e8:58:83:47:26:aa:33:78:05:
07:3d:27:2e:da:82:25:07:7d:4e:f2:51:92:0c:ca:da:53:1d:
88:aa:69:0f:9d:1f:3e:67:d1:96:49:aa:7f:c3:5a:9f:0b:70:
34:e7:fa:46:ab:34:c4:b8:55:13:ad:21:a4:9b:24:c4:48:40:
b1:fc:1d:67:2c:1c:c4:25:72:4a:1e:f1:18:57:2a:96:1e:92:
29:9b:99:8a:71:5b:e5:9f:76:14:15:18:3c:53:67:e3:9c:d3:
d2:df:d0:9e:15:91:27:b5:d3:8d:a8:62:97:b7:71:28:c0:25:
fa:11:60:1b:70:9b:41:31:4e:a2:d3:c2:b0:8f:90:38:38:ec:
09:ea:f0:ad
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICFy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD
N0RFQzRCODEwHhcNMjIwMzI4MTQ0MDMzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQxYzhlMS1lYWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApaiJE9U6KZZCm6EjDK6euN0+pd2sOz0SNEmE+Jbb5bYtJ7rY6Pt9du3DEAH7
ClHkrfYEMDRQ8Izleq8/0688keQPk3M6y640QpxNxE6QEhhhKS7C1VXzNCpwxHLS
rgulKcc64USQf/nktgyvhtp6zajUW8jKWLvlmobISLM9p00tnTXJmoh1KDMmWWQK
F14xVy2UinqKzX2ehaJg1B77H06pEkpegXJwD6ljLp8H9A+7n06rJKXYpI3dbquC
x4X0nWySaL9GeqjZ6eZfCyLMRyl+NA+eVMXrnRKyeYwbw/U1YDaFYK2EN0CM5Zte
5ANqbGpeu+ivTmMw34cj05+adwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFMH9xlYX
6c29onlMrkPU+dgrdyWkMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE
ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT
NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTZENUQvOURDQjY4RTAxRDg4MTFFMjk0Qjk1NUUxMDhCMDJDRDIvREFDMDJGMEM1
RThFMTFFQUI4MTlFRjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAHQzEwMEAXQzFAMFBXQzF8ADBQV0Mx7AAwQAdDMoMA0G
CSqGSIb3DQEBCwUAA4IBAQB6zwMr/TdX4WUJndMpwh1lQqIQYs/eZjMuxpaMs4CF
RmIT26hL8tZWqX4BR4Mn6ozW4sZ6vx4HBwqK0OlclK/ouBMiqWokXxAkMIeWK0Hf
MTUg2SBPscUJhu3yAe93EWMJpWaQjP2dB2IREqwgMJdMzqTUOvzoWINHJqozeAUH
PScu2oIlB31O8lGSDMraUx2IqmkPnR8+Z9GWSap/w1qfC3A05/pGqzTEuFUTrSGk
myTESECx/B1nLBzEJXJKHvEYVyqWHpIpm5mKcVvln3YUFRg8U2fjnNPS39CeFZEn
tdONqGKXt3EowCX6EWAbcJtBMU6i08Kwj5A4OOwJ6vCt
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:23:11 2025 by rpki-client