Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/9E8BCF0A96B011EF83FF9151C4F9AE02.roa
File: 9E8BCF0A96B011EF83FF9151C4F9AE02.roa (raw, json)
Hash identifier: 5e0GZ0pY6HMEIzBtBRF/e+LWHEYM9nB3899sUbEDNbw=
Subject key identifier: 42:51:7C:A5:98:CB:FF:1F:C3:5B:CA:47:AA:C0:1E:59:3D:EC:1C:49
Certificate issuer: /CN=A91EAB64/serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E
Certificate serial: 0112
Authority key identifier: 20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/9E8BCF0A96B011EF83FF9151C4F9AE02.roa
Signing time: Wed 30 Oct 2024 11:17:59 +0000
ROA not before: Wed 30 Oct 2024 11:17:59 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 58715
IP address blocks: 103.179.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAB64, serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E
Validity
Not Before: Oct 30 11:17:59 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=672215e7-3a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:c7:92:ee:18:19:86:d8:63:7b:c5:7e:84:
2c:4f:0e:cc:9f:09:c2:55:8e:62:e4:d0:6a:4f:6a:
bd:48:fd:a7:b4:c7:ea:a9:c8:12:f6:f3:d3:9a:81:
0d:aa:d5:40:fd:90:34:24:f5:a2:ae:9e:a7:c6:ce:
36:49:7a:35:30:75:22:e6:2e:21:91:8e:62:cf:bb:
7f:ed:93:dc:09:77:7c:f5:50:c8:b0:7d:30:a5:ee:
b3:ec:74:bf:9c:e6:fa:46:ca:13:b8:a9:0d:87:d3:
e9:d1:4b:88:da:59:20:53:84:3e:7f:f0:22:cb:5d:
9c:70:4f:39:4a:39:6c:11:de:0b:2d:16:25:d5:31:
40:fa:60:0d:6a:8c:2c:71:6e:f5:6e:61:6b:bd:95:
df:76:f5:ca:8f:76:06:b1:ef:6e:50:bb:a2:d1:2c:
61:fa:3c:b3:03:b0:28:c8:9c:aa:90:2d:1f:67:8a:
f6:5c:4c:06:41:1e:63:42:d5:5b:91:6c:d2:f9:11:
e5:0b:66:95:18:1b:7d:97:92:68:17:8c:29:86:58:
35:8c:3a:c6:5e:c5:7f:5b:4e:bf:70:cc:31:75:cb:
b5:58:99:20:42:78:c8:e8:a4:67:97:e5:54:48:9f:
83:54:0c:37:b3:b3:0d:58:fd:ce:d7:2f:0c:f0:8c:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:51:7C:A5:98:CB:FF:1F:C3:5B:CA:47:AA:C0:1E:59:3D:EC:1C:49
X509v3 Authority Key Identifier:
keyid:20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/9E8BCF0A96B011EF83FF9151C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.127.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ac:0b:13:8e:41:50:97:96:d1:98:ca:ba:50:81:35:de:f6:
d2:f0:fa:22:6f:47:64:ab:e9:8b:8e:9b:30:ac:63:e8:02:c0:
cc:69:25:09:f0:0e:29:20:bc:c4:4d:70:f6:e5:a3:57:34:c4:
3d:5f:9f:53:c1:08:5d:25:af:40:18:be:0c:33:6e:5c:a0:29:
9d:52:00:f0:95:64:b9:8f:33:e0:06:1c:3d:a0:cc:20:e9:e6:
dd:cb:02:2e:f6:83:e7:dc:2f:f7:80:3a:9e:86:4e:c2:35:0f:
50:5a:2d:13:73:8f:37:b3:b4:2a:9c:3a:75:62:53:47:70:47:
48:0a:b0:8a:60:85:0c:d9:d7:26:6f:d8:1a:12:80:6a:5b:a7:
a0:f2:50:fc:b5:23:a2:a6:08:e8:c9:09:d1:30:7b:29:6e:18:
6c:09:49:af:9c:47:79:7f:e0:0e:9c:3b:e8:6b:e3:0b:ae:fb:
0d:a3:78:02:55:06:8b:61:b7:22:dd:b4:6a:96:9e:c6:2f:7e:
89:fa:4a:7c:94:d5:70:95:5d:e1:73:37:3a:0f:f3:b6:c0:42:
86:e0:0c:33:ec:0b:c1:f4:39:4c:55:a0:b2:28:39:3f:4e:3e:
31:10:c6:2c:bd:61:92:15:c5:88:41:14:47:fa:81:60:56:b7:
8f:fc:b2:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFCNjQxMTAvBgNVBAUTKDIwRUQwQUFCMjA3NTBCOEIyN0E4NkRGOTg5QTc1NEJG
NTcyNkREN0UwHhcNMjQxMDMwMTExNzU5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIyMTVlNy0zYTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzCnHku4YGYbYY3vFfoQsTw7MnwnCVY5i5NBqT2q9SP2ntMfqqcgS9vPTmoEN
qtVA/ZA0JPWirp6nxs42SXo1MHUi5i4hkY5iz7t/7ZPcCXd89VDIsH0wpe6z7HS/
nOb6RsoTuKkNh9Pp0UuI2lkgU4Q+f/Aiy12ccE85SjlsEd4LLRYl1TFA+mANaows
cW71bmFrvZXfdvXKj3YGse9uULui0Sxh+jyzA7AoyJyqkC0fZ4r2XEwGQR5jQtVb
kWzS+RHlC2aVGBt9l5JoF4wphlg1jDrGXsV/W06/cMwxdcu1WJkgQnjI6KRnl+VU
SJ+DVAw3s7MNWP3O1y8M8Iy2hQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEJRfKWY
y/8fw1vKR6rAHlk97BxJMB8GA1UdIwQYMBaAFCDtCqsgdQuLJ6ht+YmnVL9XJt1+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUI2NC85QjQ0RUI3NDhG
MjkxMUVDQjZBNjk5NkNDNEY5QUUwMi9JTzBLcXlCMUM0c25xRzM1aWFkVXYxY20z
WDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lPMEtxeUIxQzRzbnFHMzVpYWRVdjFjbTNYNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFCNjQvOUI0NEVCNzQ4RjI5MTFFQ0I2QTY5OTZDQzRGOUFFMDIvOUU4QkNGMEE5
NkIwMTFFRjgzRkY5MTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABns38wDQYJKoZIhvcNAQELBQADggEBACKsCxOOQVCXltGY
yrpQgTXe9tLw+iJvR2Sr6YuOmzCsY+gCwMxpJQnwDikgvMRNcPblo1c0xD1fn1PB
CF0lr0AYvgwzblygKZ1SAPCVZLmPM+AGHD2gzCDp5t3LAi72g+fcL/eAOp6GTsI1
D1BaLRNzjzeztCqcOnViU0dwR0gKsIpghQzZ1yZv2BoSgGpbp6DyUPy1I6KmCOjJ
CdEweyluGGwJSa+cR3l/4A6cO+hr4wuu+w2jeAJVBothtyLdtGqWnsYvfon6SnyU
1XCVXeFzNzoP87bAQobgDDPsC8H0OUxVoLIoOT9OPjEQxiy9YZIVxYhBFEf6gWBW
t4/8sqw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:49:07 2025 by rpki-client