Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/1A7BFA76BC9911ECAEB5A32CC4F9AE02.roa
File: 1A7BFA76BC9911ECAEB5A32CC4F9AE02.roa (raw, json)
Hash identifier: y92FeD5c2APpesVY0i6NwUaBfCjGWOLH/4rhbsb5Huc=
Subject key identifier: 2C:1C:3D:04:01:99:E4:C9:CC:5F:CD:78:99:72:C9:AF:06:AD:70:82
Certificate issuer: /CN=A91EEE1B/serialNumber=85902908828B0331E948D46EDB3825FF603DB986
Certificate serial: 0374
Authority key identifier: 85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/1A7BFA76BC9911ECAEB5A32CC4F9AE02.roa
Signing time: Fri 15 Apr 2022 08:50:30 +0000
ROA not before: Fri 15 Apr 2022 08:50:30 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 36131
IP address blocks: 45.249.44.0/24 maxlen: 24
103.208.252.0/22 maxlen: 23
103.208.252.0/24 maxlen: 24
103.208.253.0/24 maxlen: 24
103.208.254.0/24 maxlen: 24
103.208.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884 (0x374)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE1B
Validity
Not Before: Apr 15 08:50:30 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=625931d6-321f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:21:8a:0a:98:58:87:f0:c2:16:39:bf:8b:
ce:5c:4e:7c:94:86:28:d9:cc:7c:c6:64:8d:d4:d9:
85:76:aa:96:cd:7f:32:b0:57:b1:e6:0d:18:3d:f6:
15:37:1b:12:44:78:91:ba:54:92:09:d5:fb:56:35:
75:a9:24:70:25:a3:51:dd:9f:d2:5a:2c:8a:70:89:
32:4c:af:5b:a4:7d:5a:1a:22:48:b4:53:78:43:aa:
c5:89:a1:c8:07:82:63:b9:8e:fa:2c:17:f1:1b:31:
a5:df:b0:cd:95:ba:cc:61:be:0b:63:03:1e:26:c8:
89:61:a2:e8:74:98:03:ab:24:0e:30:24:89:43:71:
9a:58:95:b2:32:ea:a8:8f:0d:96:ed:e3:ef:ce:24:
11:db:2c:9a:4d:ca:1c:f3:f6:67:58:73:12:9f:7e:
2b:fa:8f:26:2f:58:1d:7c:3c:a3:22:24:71:15:ac:
ef:26:98:7f:87:7e:29:0c:5a:2b:4f:32:1e:2d:6d:
85:1e:4c:03:4b:e0:29:e9:83:5e:c5:5a:2e:91:90:
06:e8:c5:a3:46:af:68:b5:ce:b2:d0:81:29:d3:d8:
2e:be:23:b7:d7:37:35:c1:90:d2:5c:18:02:f3:fb:
fb:d6:ce:ae:1d:a8:39:f2:86:06:f7:6f:c1:b4:7e:
d8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1C:3D:04:01:99:E4:C9:CC:5F:CD:78:99:72:C9:AF:06:AD:70:82
X509v3 Authority Key Identifier:
keyid:85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/1A7BFA76BC9911ECAEB5A32CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.44.0/24
103.208.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:18:09:8b:e5:40:81:d8:4c:0c:3b:1d:3b:8b:1a:6e:df:5f:
ba:44:67:9f:e8:89:f6:fe:d0:d1:20:8e:06:a8:96:20:06:10:
4d:67:bb:a1:56:1a:a1:22:68:3e:f1:3d:a1:4f:d1:78:01:27:
d3:5c:e5:a8:1b:f4:3e:60:7b:f5:f9:51:b8:90:89:09:77:eb:
29:8e:00:91:cb:92:38:bd:53:d2:0b:46:27:1b:02:d1:63:87:
eb:bb:05:f8:9f:46:5f:65:23:d2:79:a4:f8:83:6d:14:69:4e:
ce:b6:a6:14:c4:45:b1:a0:ab:b3:72:58:bf:bd:62:45:67:3a:
0b:c7:5a:3a:93:ef:c6:8d:9f:b8:06:dc:1f:9f:d4:12:47:d1:
4c:d3:2c:2b:48:90:5e:96:2b:6d:21:65:2a:f2:ce:27:8a:e0:
6b:0a:53:06:ba:8f:3f:ec:1d:e0:c5:6a:cd:2b:93:09:8d:9e:
37:58:e9:fa:f0:fa:e7:ef:2e:98:13:9b:aa:22:84:d6:05:dd:
1d:95:c7:d0:86:df:ac:c6:7f:87:97:73:3c:30:be:b9:ec:a5:
4e:3a:f0:ce:aa:f8:4f:c0:fb:e4:56:52:c1:f2:7e:14:75:8a:
23:c5:89:4b:de:9b:0a:89:1e:bc:7f:44:c8:d2:6e:c1:8f:36:
56:d3:95:6f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMUIxMTAvBgNVBAUTKDg1OTAyOTA4ODI4QjAzMzFFOTQ4RDQ2RURCMzgyNUZG
NjAzREI5ODYwHhcNMjIwNDE1MDg1MDMwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU5MzFkNi0zMjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtuwhigqYWIfwwhY5v4vOXE58lIYo2cx8xmSN1NmFdqqWzX8ysFex5g0YPfYV
NxsSRHiRulSSCdX7VjV1qSRwJaNR3Z/SWiyKcIkyTK9bpH1aGiJItFN4Q6rFiaHI
B4JjuY76LBfxGzGl37DNlbrMYb4LYwMeJsiJYaLodJgDqyQOMCSJQ3GaWJWyMuqo
jw2W7ePvziQR2yyaTcoc8/ZnWHMSn34r+o8mL1gdfDyjIiRxFazvJph/h34pDFor
TzIeLW2FHkwDS+Ap6YNexVoukZAG6MWjRq9otc6y0IEp09guviO31zc1wZDSXBgC
8/v71s6uHag58oYG92/BtH7Y3QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCwcPQQB
meTJzF/NeJlyya8GrXCCMB8GA1UdIwQYMBaAFIWQKQiCiwMx6UjUbts4Jf9gPbmG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUxQi8yMDZERkMyODY0
MzgxMUVCOTQ2ODNCNEVDNEY5QUUwMi9oWkFwQ0lLTEF6SHBTTlJ1MnpnbF8yQTl1
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2haQXBDSUtMQXpIcFNOUnUyemdsXzJBOXVZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMUIvMjA2REZDMjg2NDM4MTFFQjk0NjgzQjRFQzRGOUFFMDIvMUE3QkZBNzZC
Qzk5MTFFQ0FFQjVBMzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAt+SwDBAJn0PwwDQYJKoZIhvcNAQELBQADggEBADwYCYvl
QIHYTAw7HTuLGm7fX7pEZ5/oifb+0NEgjgaoliAGEE1nu6FWGqEiaD7xPaFP0XgB
J9Nc5agb9D5ge/X5UbiQiQl36ymOAJHLkji9U9ILRicbAtFjh+u7BfifRl9lI9J5
pPiDbRRpTs62phTERbGgq7NyWL+9YkVnOgvHWjqT78aNn7gG3B+f1BJH0UzTLCtI
kF6WK20hZSryzieK4GsKUwa6jz/sHeDFas0rkwmNnjdY6frw+ufvLpgTm6oihNYF
3R2Vx9CG36zGf4eXczwwvrnspU468M6q+E/A++RWUsHyfhR1iiPFiUvemwqJHrx/
RMjSbsGPNlbTlW8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:39 2025 by rpki-client