Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/FDFCD92EC02D11EF970F7040C4F9AE02.roa
File: FDFCD92EC02D11EF970F7040C4F9AE02.roa (raw, json)
Hash identifier: EjNtRrGSTpalQpv2R0bMEZ5KiMY0jTaHbEqn/XddORI=
Subject key identifier: E2:F4:F7:C5:94:98:3E:84:24:20:10:8F:5F:85:A3:00:4B:DE:A8:92
Certificate issuer: /CN=A91EAB64/serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E
Certificate serial: 0138
Authority key identifier: 20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/FDFCD92EC02D11EF970F7040C4F9AE02.roa
Signing time: Sun 22 Dec 2024 06:28:44 +0000
ROA not before: Sun 22 Dec 2024 06:28:44 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 131474
IP address blocks: 103.179.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312 (0x138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAB64, serialNumber=20ED0AAB20750B8B27A86DF989A754BF5726DD7E
Validity
Not Before: Dec 22 06:28:44 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6767b19c-01b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fc:43:ee:ed:34:21:bf:be:66:cc:41:25:0c:
a6:d1:65:fa:42:22:de:d0:d8:87:03:08:a2:bd:7e:
72:f9:39:d2:f3:ab:56:22:55:3c:20:21:65:45:6b:
f5:aa:72:ca:23:0c:a2:7a:e8:ac:ed:49:5d:85:01:
1a:32:53:1c:41:2e:e3:bf:46:2a:d3:a3:42:25:05:
a9:47:f5:6c:bc:83:26:a4:d3:73:69:d8:a6:77:0b:
9c:f8:9d:ca:fa:1e:cf:9a:ad:7a:29:3f:e0:a7:30:
30:ab:4c:93:c9:81:eb:00:04:07:84:54:d2:d2:83:
df:c0:5f:f0:6a:8f:eb:2f:f7:5a:48:f2:35:42:dc:
f3:ce:0e:91:ba:c7:84:63:87:84:3a:6f:4c:27:50:
6a:20:58:ee:0d:1e:d1:6e:78:a5:ae:99:ea:52:ba:
f8:09:62:dc:a8:88:ac:14:a4:ba:3b:13:f6:b6:d2:
15:51:85:51:20:3b:8c:11:0f:e8:23:99:77:a7:43:
19:b4:31:54:10:dc:78:e9:b5:da:16:0a:4e:34:21:
d5:a8:23:82:b1:1b:34:63:d6:66:39:d1:37:80:a3:
a8:df:69:cf:f3:e5:27:14:4f:a0:9e:45:4e:13:ce:
5a:a4:28:3a:8a:7a:f5:da:5a:52:32:6f:d4:34:c1:
05:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F4:F7:C5:94:98:3E:84:24:20:10:8F:5F:85:A3:00:4B:DE:A8:92
X509v3 Authority Key Identifier:
keyid:20:ED:0A:AB:20:75:0B:8B:27:A8:6D:F9:89:A7:54:BF:57:26:DD:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/IO0KqyB1C4snqG35iadUv1cm3X4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IO0KqyB1C4snqG35iadUv1cm3X4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAB64/9B44EB748F2911ECB6A6996CC4F9AE02/FDFCD92EC02D11EF970F7040C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.127.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fc:e7:98:0d:a2:4a:10:4d:69:cc:58:80:f8:0d:de:66:80:
b5:06:26:9d:3c:0f:14:ad:d3:d0:d2:87:0e:2b:82:fe:6e:a6:
16:92:bc:29:63:d0:b4:34:9f:14:e1:f0:be:9f:da:d3:fb:04:
06:b5:39:80:d7:ac:eb:fc:22:79:6e:75:51:d6:75:8e:fe:7a:
0f:b9:a2:57:3c:af:df:46:38:8a:fd:0d:80:6d:06:d6:1e:ab:
1b:ad:a6:e0:5f:0b:94:99:81:00:b0:36:dc:95:18:07:6b:9f:
aa:ad:8c:ad:6f:5a:1c:8b:f9:f9:8d:99:33:4f:79:b6:7c:40:
40:b0:88:3f:39:df:f9:65:60:25:70:74:ba:89:99:cc:a0:54:
ac:c3:bd:01:63:97:e5:df:1d:ca:8f:26:0d:12:10:dc:e4:c5:
cb:10:33:5e:01:81:22:ee:2c:0e:2b:32:c2:44:10:06:aa:54:
30:f8:f3:87:80:6a:b6:ff:4a:29:8d:72:44:14:93:3e:94:37:
0e:43:54:bd:bd:d1:67:62:b3:63:a1:39:49:30:26:a2:39:74:
12:d5:f4:b7:a2:e4:c5:52:66:3b:92:47:34:16:3e:f9:e5:d5:
77:c0:43:3a:f4:51:de:fa:65:a2:bb:97:5f:b9:d3:ae:a0:37:
03:33:70:a2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFCNjQxMTAvBgNVBAUTKDIwRUQwQUFCMjA3NTBCOEIyN0E4NkRGOTg5QTc1NEJG
NTcyNkREN0UwHhcNMjQxMjIyMDYyODQ0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY3YjE5Yy0wMWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvxD7u00Ib++ZsxBJQym0WX6QiLe0NiHAwiivX5y+TnS86tWIlU8ICFlRWv1
qnLKIwyieuis7UldhQEaMlMcQS7jv0Yq06NCJQWpR/VsvIMmpNNzadimdwuc+J3K
+h7Pmq16KT/gpzAwq0yTyYHrAAQHhFTS0oPfwF/wao/rL/daSPI1Qtzzzg6RuseE
Y4eEOm9MJ1BqIFjuDR7RbnilrpnqUrr4CWLcqIisFKS6OxP2ttIVUYVRIDuMEQ/o
I5l3p0MZtDFUENx46bXaFgpONCHVqCOCsRs0Y9ZmOdE3gKOo32nP8+UnFE+gnkVO
E85apCg6inr12lpSMm/UNMEFgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOL098WU
mD6EJCAQj1+FowBL3qiSMB8GA1UdIwQYMBaAFCDtCqsgdQuLJ6ht+YmnVL9XJt1+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUI2NC85QjQ0RUI3NDhG
MjkxMUVDQjZBNjk5NkNDNEY5QUUwMi9JTzBLcXlCMUM0c25xRzM1aWFkVXYxY20z
WDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lPMEtxeUIxQzRzbnFHMzVpYWRVdjFjbTNYNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFCNjQvOUI0NEVCNzQ4RjI5MTFFQ0I2QTY5OTZDQzRGOUFFMDIvRkRGQ0Q5MkVD
MDJEMTFFRjk3MEY3MDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABns38wDQYJKoZIhvcNAQELBQADggEBAEP855gNokoQTWnM
WID4Dd5mgLUGJp08DxSt09DShw4rgv5uphaSvClj0LQ0nxTh8L6f2tP7BAa1OYDX
rOv8InludVHWdY7+eg+5olc8r99GOIr9DYBtBtYeqxutpuBfC5SZgQCwNtyVGAdr
n6qtjK1vWhyL+fmNmTNPebZ8QECwiD853/llYCVwdLqJmcygVKzDvQFjl+XfHcqP
Jg0SENzkxcsQM14BgSLuLA4rMsJEEAaqVDD484eAarb/SimNckQUkz6UNw5DVL29
0Wdis2OhOUkwJqI5dBLV9Lei5MVSZjuSRzQWPvnl1XfAQzr0Ud76ZaK7l1+5066g
NwMzcKI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:09:29 2025 by rpki-client