Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/2297CADC643911EB9D7F624EC4F9AE02.roa
File: 2297CADC643911EB9D7F624EC4F9AE02.roa (raw, json)
Hash identifier: MnSnNg9CRrV76IBl7WYvUb8oWAJJOmncgOplZk5FFJ0=
Subject key identifier: 56:AE:2D:D0:F5:EE:FB:53:BD:B0:8B:67:22:7A:7C:35:87:04:C6:EB
Certificate issuer: /CN=A91EEE1B/serialNumber=85902908828B0331E948D46EDB3825FF603DB986
Certificate serial: 0370
Authority key identifier: 85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/2297CADC643911EB9D7F624EC4F9AE02.roa
Signing time: Fri 15 Apr 2022 03:11:51 +0000
ROA not before: Fri 15 Apr 2022 03:11:51 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 36131
IP address blocks: 45.249.44.0/24 maxlen: 24
45.249.45.0/24 maxlen: 24
103.208.252.0/22 maxlen: 23
103.208.252.0/24 maxlen: 24
103.208.253.0/24 maxlen: 24
103.208.254.0/24 maxlen: 24
103.208.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880 (0x370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE1B
Validity
Not Before: Apr 15 03:11:51 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6258e277-be68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c2:ce:7f:20:e8:c7:b3:b1:e8:24:44:ef:ae:
27:a5:9c:22:9b:19:5d:67:38:17:6e:40:51:28:67:
55:9e:85:43:de:61:e8:95:c1:eb:39:6d:c8:6d:63:
bc:89:c4:54:cd:1f:c5:5a:d4:9b:d3:24:70:6a:f3:
4c:a4:c8:ec:2b:71:ca:c4:27:4b:84:93:db:df:21:
01:12:d1:50:0f:30:90:75:eb:24:ce:c9:9b:82:38:
a5:e1:46:9c:4b:36:24:0b:98:ce:b9:0e:4d:8a:29:
29:d8:9d:3d:f8:52:69:65:c8:cc:2a:da:8d:7a:1a:
ea:04:e2:b1:c4:9c:46:10:77:b9:c2:9e:1b:39:2c:
83:35:57:c5:71:c5:cf:c7:c8:7c:0e:6d:a1:45:0a:
f4:6b:63:5e:a5:4f:a3:2b:08:63:f5:a4:53:29:db:
8a:64:4a:f0:53:1d:b6:56:43:aa:8a:6b:16:3a:a3:
b7:11:fa:33:f6:b7:cd:94:d2:07:98:45:c2:8f:17:
01:aa:fd:fd:46:42:e8:1a:45:80:bd:3d:6d:d6:4f:
b6:98:9b:71:7d:39:9a:2a:8b:68:25:49:1c:da:ee:
53:1b:b4:e7:d9:97:1a:36:7d:19:d3:c4:ce:2e:cb:
ea:be:e9:01:00:cb:65:66:8f:e0:77:0b:aa:2b:b3:
56:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AE:2D:D0:F5:EE:FB:53:BD:B0:8B:67:22:7A:7C:35:87:04:C6:EB
X509v3 Authority Key Identifier:
keyid:85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/2297CADC643911EB9D7F624EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.44.0/23
103.208.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:07:02:3c:ff:76:a0:b4:36:6a:ee:12:14:e9:ff:6e:08:71:
90:04:35:4d:24:ed:6e:c3:5d:c6:b1:dc:2f:bf:78:2d:62:0c:
2e:59:cf:6d:a9:6d:26:b9:41:21:2e:1b:78:c3:4c:97:00:11:
04:97:25:9e:98:2b:63:a8:0b:ea:46:b6:ad:96:bd:30:d4:cb:
61:63:eb:50:a8:57:1e:06:9f:bc:d0:69:a3:58:f9:a0:ac:92:
74:6e:9e:9c:3c:e9:45:82:52:6a:c9:cc:a1:20:42:bd:ec:4a:
9b:13:11:a8:0b:f2:b1:d7:fc:86:3d:9d:42:39:9d:8c:c0:a8:
df:e5:15:04:7f:5c:55:ed:1a:2a:76:ef:67:af:fb:98:69:f3:
39:ab:80:30:a5:44:f3:8a:cf:17:6a:d4:23:1d:49:f7:07:47:
1e:be:e5:ec:a6:35:e9:e6:42:02:c1:51:a3:d0:f3:a5:53:85:
8c:ca:3b:e7:f8:14:96:6a:7c:06:8e:1d:e6:a7:de:04:d3:a8:
5b:48:ac:d4:6f:b9:43:e6:eb:cd:7c:30:55:93:f1:75:85:d0:
d9:3d:02:c2:35:d1:5d:97:5c:55:65:85:38:1d:d5:fc:58:a5:
ac:53:ca:c7:b2:60:a8:1b:01:ce:e4:1e:a2:c5:7e:88:98:33:
dd:3e:2d:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMUIxMTAvBgNVBAUTKDg1OTAyOTA4ODI4QjAzMzFFOTQ4RDQ2RURCMzgyNUZG
NjAzREI5ODYwHhcNMjIwNDE1MDMxMTUxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU4ZTI3Ny1iZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2MLOfyDox7Ox6CRE764npZwimxldZzgXbkBRKGdVnoVD3mHolcHrOW3IbWO8
icRUzR/FWtSb0yRwavNMpMjsK3HKxCdLhJPb3yEBEtFQDzCQdeskzsmbgjil4Uac
SzYkC5jOuQ5Niikp2J09+FJpZcjMKtqNehrqBOKxxJxGEHe5wp4bOSyDNVfFccXP
x8h8Dm2hRQr0a2NepU+jKwhj9aRTKduKZErwUx22VkOqimsWOqO3Efoz9rfNlNIH
mEXCjxcBqv39RkLoGkWAvT1t1k+2mJtxfTmaKotoJUkc2u5TG7Tn2ZcaNn0Z08TO
LsvqvukBAMtlZo/gdwuqK7NWpwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFauLdD1
7vtTvbCLZyJ6fDWHBMbrMB8GA1UdIwQYMBaAFIWQKQiCiwMx6UjUbts4Jf9gPbmG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUxQi8yMDZERkMyODY0
MzgxMUVCOTQ2ODNCNEVDNEY5QUUwMi9oWkFwQ0lLTEF6SHBTTlJ1MnpnbF8yQTl1
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2haQXBDSUtMQXpIcFNOUnUyemdsXzJBOXVZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMUIvMjA2REZDMjg2NDM4MTFFQjk0NjgzQjRFQzRGOUFFMDIvMjI5N0NBREM2
NDM5MTFFQjlEN0Y2MjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEt+SwDBAJn0PwwDQYJKoZIhvcNAQELBQADggEBAJoHAjz/
dqC0NmruEhTp/24IcZAENU0k7W7DXcax3C+/eC1iDC5Zz22pbSa5QSEuG3jDTJcA
EQSXJZ6YK2OoC+pGtq2WvTDUy2Fj61CoVx4Gn7zQaaNY+aCsknRunpw86UWCUmrJ
zKEgQr3sSpsTEagL8rHX/IY9nUI5nYzAqN/lFQR/XFXtGip272ev+5hp8zmrgDCl
RPOKzxdq1CMdSfcHRx6+5eymNenmQgLBUaPQ86VThYzKO+f4FJZqfAaOHean3gTT
qFtIrNRvuUPm6818MFWT8XWF0Nk9AsI10V2XXFVlhTgd1fxYpaxTyseyYKgbAc7k
HqLFfoiYM90+Lcc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:50 2025 by rpki-client