Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/414FA4D2CF6C11ECA9A4D264C4F9AE02.roa
File: 414FA4D2CF6C11ECA9A4D264C4F9AE02.roa (raw, json)
Hash identifier: YEc4SR8PA9cbvzxFnB6zbxv7hJXNA1vDZWhsbO+jBAI=
Subject key identifier: 0F:DE:77:47:40:B7:0B:59:E2:DF:64:7C:E1:B5:BF:80:1C:1F:9D:9F
Certificate issuer: /CN=A91C3B8A/serialNumber=4550C69051BAA18AF112DC76B5F5DF9E6B7940D5
Certificate serial: 0987
Authority key identifier: 45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/414FA4D2CF6C11ECA9A4D264C4F9AE02.roa
Signing time: Wed 07 Dec 2022 08:07:03 +0000
ROA not before: Wed 07 Dec 2022 08:07:03 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 56111
IP address blocks: 27.121.108.0/22 maxlen: 22
27.121.108.0/24 maxlen: 24
27.121.109.0/24 maxlen: 24
27.121.110.0/24 maxlen: 24
27.121.111.0/24 maxlen: 24
103.229.196.0/23 maxlen: 23
103.229.196.0/24 maxlen: 24
103.229.197.0/24 maxlen: 24
116.193.156.0/24 maxlen: 24
2402:5700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2439 (0x987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C3B8A
Validity
Not Before: Dec 7 08:07:03 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=639049a7-99fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:c7:5b:df:d5:53:8c:f0:c6:2b:9f:32:15:
4e:90:45:b3:dc:7f:3f:7c:2f:82:fb:93:aa:e4:36:
65:ac:35:7d:27:ae:7b:09:c5:dd:d4:45:19:06:66:
d4:9b:07:1a:fa:d8:f8:fb:f1:c6:87:0c:99:09:f4:
01:5c:26:7e:fd:01:a5:6b:9c:97:01:1d:b4:1d:58:
e1:1f:e0:d6:f6:fa:d4:ce:fd:ef:3d:cd:32:37:e6:
fb:8c:c3:a7:33:19:99:47:30:4f:3b:25:b2:05:34:
25:a8:e6:19:c2:b0:03:91:41:31:c4:2e:5c:e0:10:
de:b9:66:f8:55:f5:bd:f0:5d:08:fb:08:82:db:96:
40:b2:f0:e9:18:19:df:a5:7b:b4:f5:cf:50:f7:09:
c2:02:8f:7c:bf:55:67:49:47:16:61:b6:fe:2d:0c:
58:01:37:bf:c1:9c:41:84:e1:35:a2:87:95:ea:42:
d7:95:12:0e:72:56:4f:cb:c5:da:4c:c6:65:d1:70:
02:ac:17:b5:d5:01:c6:fb:08:ed:b8:18:c7:de:9d:
68:3d:d8:37:fb:84:f1:d7:b0:ce:c5:e5:f1:fe:b1:
30:71:32:11:da:72:bb:e9:84:44:a3:4b:6c:99:1e:
3c:91:be:56:88:f4:f5:33:0f:3b:d3:1c:5e:a9:ba:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DE:77:47:40:B7:0B:59:E2:DF:64:7C:E1:B5:BF:80:1C:1F:9D:9F
X509v3 Authority Key Identifier:
keyid:45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/414FA4D2CF6C11ECA9A4D264C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.121.108.0/22
103.229.196.0/23
116.193.156.0/24
IPv6:
2402:5700::/32
Signature Algorithm: sha256WithRSAEncryption
58:a9:b3:5a:05:3a:ee:fe:94:6e:fc:7c:2f:05:3e:26:2e:c3:
3f:23:1c:3a:e0:3a:cf:d4:d8:c0:46:49:68:d8:39:6b:bd:ce:
09:5a:4e:f3:06:61:f0:5b:c0:9d:fd:9e:59:0d:55:9f:8d:e2:
7f:ac:00:94:bb:b1:ac:a7:40:93:d6:3e:65:8b:fc:99:37:f6:
34:e5:b1:26:94:cc:9f:b9:e8:fc:6d:9f:a3:a9:03:e5:d6:f9:
07:e1:37:56:f7:2a:7a:c9:51:a3:28:ce:50:cb:73:3f:81:80:
4f:27:18:28:72:ec:cf:9b:44:1f:d1:2a:4a:71:59:f3:ea:e7:
0e:80:1c:8a:89:03:73:97:a9:2f:08:40:db:00:7f:aa:12:07:
b9:e3:33:a0:8d:89:bc:de:62:10:b0:64:5e:0c:56:77:07:4a:
31:aa:14:58:8e:37:b3:f3:ad:f1:12:06:50:a1:65:c4:db:56:
95:97:00:4f:3a:49:fd:3b:dd:f1:3a:97:a2:3b:52:a1:17:85:
cd:bc:aa:d8:35:6f:0b:97:41:d7:9d:dc:07:3a:5d:b3:6e:b1:
fa:a0:f1:a1:65:a6:e8:69:b3:49:b3:db:b1:d0:1c:4b:e8:13:
b8:ff:b2:68:19:77:89:ac:e1:ed:c8:2a:29:51:64:52:2d:6c:
84:a5:56:36
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNCOEExMTAvBgNVBAUTKDQ1NTBDNjkwNTFCQUExOEFGMTEyREM3NkI1RjVERjlF
NkI3OTQwRDUwHhcNMjIxMjA3MDgwNzAzWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkwNDlhNy05OWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzaHHW9/VU4zwxiufMhVOkEWz3H8/fC+C+5Oq5DZlrDV9J657CcXd1EUZBmbU
mwca+tj4+/HGhwyZCfQBXCZ+/QGla5yXAR20HVjhH+DW9vrUzv3vPc0yN+b7jMOn
MxmZRzBPOyWyBTQlqOYZwrADkUExxC5c4BDeuWb4VfW98F0I+wiC25ZAsvDpGBnf
pXu09c9Q9wnCAo98v1VnSUcWYbb+LQxYATe/wZxBhOE1ooeV6kLXlRIOclZPy8Xa
TMZl0XACrBe11QHG+wjtuBjH3p1oPdg3+4Tx17DOxeXx/rEwcTIR2nK76YREo0ts
mR48kb5WiPT1Mw870xxeqbpdxQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFA/ed0dA
twtZ4t9kfOG1v4AcH52fMB8GA1UdIwQYMBaAFEVQxpBRuqGK8RLcdrX1355reUDV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0I4QS8wOEM0MzkyNDM4
NEQxMUVBQTRGNTVCNzNDNEY5QUUwMi9SVkRHa0ZHNm9ZcnhFdHgydGZYZm5tdDVR
TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JWREdrRkc2b1lyeEV0eDJ0Zlhmbm10NVFOVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNCOEEvMDhDNDM5MjQzODREMTFFQUE0RjU1QjczQzRGOUFFMDIvNDE0RkE0RDJD
RjZDMTFFQ0E5QTREMjY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbeWwDBAFn5cQDBAB0wZwwDQQCAAIwBwMFACQCVwAwDQYJ
KoZIhvcNAQELBQADggEBAFips1oFOu7+lG78fC8FPiYuwz8jHDrgOs/U2MBGSWjY
OWu9zglaTvMGYfBbwJ39nlkNVZ+N4n+sAJS7saynQJPWPmWL/Jk39jTlsSaUzJ+5
6Pxtn6OpA+XW+QfhN1b3KnrJUaMozlDLcz+BgE8nGChy7M+bRB/RKkpxWfPq5w6A
HIqJA3OXqS8IQNsAf6oSB7njM6CNibzeYhCwZF4MVncHSjGqFFiON7PzrfESBlCh
ZcTbVpWXAE86Sf073fE6l6I7UqEXhc28qtg1bwuXQded3Ac6XbNusfqg8aFlpuhp
s0mz27HQHEvoE7j/smgZd4ms4e3IKilRZFItbISlVjY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:51 2025 by rpki-client