Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/14C388188F2B11EE8A2EF554C4F9AE02.roa
File: 14C388188F2B11EE8A2EF554C4F9AE02.roa (raw, json)
Hash identifier: sElwIBZVyoQ+v5qmi9P1ye8qFEUsy256uSnCuKT4djI=
Subject key identifier: E9:44:C0:3A:C3:9F:50:85:DC:D2:4A:94:12:7F:B3:7E:4F:CF:65:DA
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 032B
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/14C388188F2B11EE8A2EF554C4F9AE02.roa
Signing time: Wed 27 Dec 2023 02:14:41 +0000
ROA not before: Wed 27 Dec 2023 02:14:41 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 47757
IP address blocks: 204.52.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 811 (0x32b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Dec 27 02:14:41 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658b8890-5ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:cc:2b:bb:0c:79:f1:f6:c0:35:e4:28:dc:
36:3b:22:0a:24:4d:70:c8:94:c2:45:83:2d:b3:b7:
bf:98:c6:ab:59:2f:2e:03:5d:cd:3c:51:a9:03:35:
f3:45:ed:a0:a8:dd:aa:27:0f:6b:0e:b6:ef:28:83:
bf:33:7e:ed:79:1e:86:90:be:6d:7a:fd:8e:b3:7e:
de:f2:d2:32:3b:d3:f5:08:2b:ba:50:3a:c5:ec:8e:
33:93:ba:6b:99:23:e7:ff:d8:37:50:cc:2e:6c:3f:
84:94:78:b1:6c:da:fa:e8:fe:f7:b7:50:d9:67:a9:
e5:ba:34:ca:e2:e7:5f:81:b9:ae:a3:1d:9e:45:ef:
0c:e3:3a:88:3f:9c:e9:fa:cc:8e:d9:96:92:a8:00:
91:8b:d8:1e:de:91:2e:34:b2:4d:02:31:db:d2:17:
22:01:9b:dc:81:cf:9a:02:04:a0:9e:62:e0:19:1a:
83:38:3a:31:9d:ca:a7:99:da:f2:4a:0f:02:05:be:
24:2c:2a:6e:78:b8:2c:c5:d7:1c:5e:04:46:3b:d6:
62:7e:9c:48:1d:fe:63:62:40:c6:16:dd:26:ab:8b:
c2:70:3d:9b:7e:49:b2:bd:0e:95:cc:3e:02:8e:c4:
1c:01:9c:fe:9f:7e:7a:3e:8b:ad:aa:e0:9d:5d:66:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:44:C0:3A:C3:9F:50:85:DC:D2:4A:94:12:7F:B3:7E:4F:CF:65:DA
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/14C388188F2B11EE8A2EF554C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
204.52.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:f3:26:4c:20:c2:27:42:ef:4c:6f:68:b2:96:36:c9:ae:67:
c0:3b:31:63:c3:d0:0d:fb:17:01:36:f0:0e:43:61:98:7d:23:
b7:53:b6:aa:ed:1e:55:63:ad:eb:5c:34:0a:4b:32:44:0c:8f:
1c:0b:99:6c:cc:21:1c:37:43:11:90:e8:0f:f4:57:42:0b:3f:
25:bb:39:3a:21:21:db:d1:3f:1b:b3:b7:24:95:fa:78:6f:e8:
61:43:42:6b:51:69:c0:ba:85:42:4a:97:b5:55:41:92:8b:03:
63:3c:a2:40:9c:db:37:67:14:20:5c:6a:cc:7d:cf:89:27:6b:
11:e8:c6:c7:15:b2:73:ab:be:70:3a:52:e1:ff:1f:f3:91:14:
a0:3c:b8:b6:6b:56:00:37:3a:c0:bf:1b:85:65:29:7b:b3:3a:
c4:ad:2c:f1:fb:06:f6:d2:b8:76:f4:34:70:97:90:8d:7f:30:
66:bf:64:91:13:1a:84:dc:c4:a8:c1:f5:67:24:81:d7:17:63:
bc:9d:3f:04:92:4e:43:c0:9f:46:62:ac:11:d2:1c:13:69:76:
c1:20:62:6c:64:7e:dc:8f:2e:54:88:8c:23:68:0a:50:b0:99:
0e:d8:b7:08:43:08:95:85:bf:67:34:2f:1e:0d:2a:56:45:e7:
06:a4:8e:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjMxMjI3MDIxNDQxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThiODg5MC01Y2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzHMK7sMefH2wDXkKNw2OyIKJE1wyJTCRYMts7e/mMarWS8uA13NPFGpAzXz
Re2gqN2qJw9rDrbvKIO/M37teR6GkL5tev2Os37e8tIyO9P1CCu6UDrF7I4zk7pr
mSPn/9g3UMwubD+ElHixbNr66P73t1DZZ6nlujTK4udfgbmuox2eRe8M4zqIP5zp
+syO2ZaSqACRi9ge3pEuNLJNAjHb0hciAZvcgc+aAgSgnmLgGRqDODoxncqnmdry
Sg8CBb4kLCpueLgsxdccXgRGO9ZifpxIHf5jYkDGFt0mq4vCcD2bfkmyvQ6VzD4C
jsQcAZz+n356PoutquCdXWbgPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOlEwDrD
n1CF3NJKlBJ/s35Pz2XaMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvMTRDMzg4MTg4
RjJCMTFFRThBMkVGNTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADMNL8wDQYJKoZIhvcNAQELBQADggEBAA/zJkwgwidC70xv
aLKWNsmuZ8A7MWPD0A37FwE28A5DYZh9I7dTtqrtHlVjretcNApLMkQMjxwLmWzM
IRw3QxGQ6A/0V0ILPyW7OTohIdvRPxuztySV+nhv6GFDQmtRacC6hUJKl7VVQZKL
A2M8okCc2zdnFCBcasx9z4knaxHoxscVsnOrvnA6UuH/H/ORFKA8uLZrVgA3OsC/
G4VlKXuzOsStLPH7BvbSuHb0NHCXkI1/MGa/ZJETGoTcxKjB9WckgdcXY7ydPwSS
TkPAn0ZirBHSHBNpdsEgYmxkftyPLlSIjCNoClCwmQ7YtwhDCJWFv2c0Lx4NKlZF
5wakjmk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:04 2025 by rpki-client