Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/937CBAAEAC4411EEB037CE54C4F9AE02.roa
File: 937CBAAEAC4411EEB037CE54C4F9AE02.roa (raw, json)
Hash identifier: EQF3zmcJqwzKgnREMMVTN1tfATMOZnl2U+5Hp/akxyI=
Subject key identifier: E1:3A:CE:17:0B:29:D2:7E:18:FA:23:9E:11:FB:D8:E6:08:1F:76:06
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 0334
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/937CBAAEAC4411EEB037CE54C4F9AE02.roa
Signing time: Sat 06 Jan 2024 03:35:03 +0000
ROA not before: Sat 06 Jan 2024 03:35:03 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 215938
IP address blocks: 204.52.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820 (0x334)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Jan 6 03:35:03 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6598ca66-ad9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bf:b8:fa:46:42:bf:7a:e8:a3:d6:af:bf:fb:
ec:d4:20:d9:91:91:31:56:af:91:ed:58:df:7b:74:
67:be:b0:76:71:6f:58:83:e2:12:47:0d:44:8f:3e:
07:7a:09:e7:fe:3a:aa:8f:75:bf:fd:be:a1:44:dc:
e9:6c:fc:e0:6b:22:6d:81:b0:63:3a:cb:58:99:4d:
bd:8b:d5:7e:fa:fb:bb:5c:c6:bc:d0:8c:60:64:ef:
61:55:f6:37:f4:33:aa:a6:f8:d2:0d:40:36:9a:23:
32:ed:c4:68:e2:93:0a:fb:2b:19:a5:81:8f:55:46:
c0:fc:1e:70:d2:a0:01:d9:1c:4d:a2:06:15:8d:3f:
eb:c4:48:f1:e9:e1:ab:b4:fb:d8:59:02:1d:71:31:
7c:2f:e6:f1:62:a2:54:b7:64:42:dd:7a:97:39:49:
20:29:85:5e:28:fa:ad:be:db:90:0b:d5:2f:3a:f3:
2d:96:b2:33:10:2d:f6:3d:35:58:28:61:a5:a6:a6:
1f:29:fc:e4:f1:c4:49:d6:d3:70:96:d3:81:07:f5:
95:f6:27:a4:6f:98:89:64:48:0d:80:ab:91:57:7d:
92:f0:50:ca:1b:80:00:d1:1f:fc:8f:f2:52:d4:67:
74:5e:55:d3:60:f4:32:20:9c:98:70:8b:ca:41:a7:
99:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3A:CE:17:0B:29:D2:7E:18:FA:23:9E:11:FB:D8:E6:08:1F:76:06
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/937CBAAEAC4411EEB037CE54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
204.52.191.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d6:4f:48:72:95:e6:54:43:47:fd:7a:d4:47:c8:33:b8:b8:
c1:23:71:87:2a:bf:99:36:11:aa:81:61:c8:0e:8b:52:3a:09:
b5:81:2e:b9:bd:59:94:a1:f6:07:44:10:f5:74:b0:dd:da:33:
aa:05:1b:6c:47:cf:bb:93:b3:52:6c:61:83:ca:dc:10:fd:32:
0e:8c:78:8f:1a:bb:db:58:1b:0e:dd:9c:c9:14:04:d1:8a:06:
cd:04:86:00:ee:c6:b3:fa:99:2a:ce:5d:45:64:ea:a9:b8:1a:
bf:4d:16:92:8e:20:da:80:fc:5c:6f:1b:47:6b:6d:91:e7:91:
e3:7f:72:92:60:6a:52:dd:2e:d4:c1:97:a0:e8:fa:03:24:2f:
82:16:a3:af:93:9e:cb:38:c0:ce:c5:3c:70:2f:45:cb:cf:72:
e6:3f:4b:62:24:b2:09:70:e6:ad:9d:6e:45:0c:c2:4f:36:be:
2f:8a:c1:f9:3a:8f:c4:02:46:e3:2c:02:e5:4f:d7:5c:1a:40:
66:1c:12:1e:b8:88:7a:7a:68:79:c6:1b:d6:a3:f6:9f:3f:95:
ad:87:89:1b:02:58:2a:28:b1:ed:aa:13:17:94:4c:7b:91:30:
6d:4d:ab:40:30:a8:78:3a:20:e0:10:d8:a6:79:99:69:30:aa:
d2:1c:6d:b6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjQwMTA2MDMzNTAzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk4Y2E2Ni1hZDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3r+4+kZCv3roo9avv/vs1CDZkZExVq+R7Vjfe3RnvrB2cW9Yg+ISRw1Ejz4H
egnn/jqqj3W//b6hRNzpbPzgayJtgbBjOstYmU29i9V++vu7XMa80IxgZO9hVfY3
9DOqpvjSDUA2miMy7cRo4pMK+ysZpYGPVUbA/B5w0qAB2RxNogYVjT/rxEjx6eGr
tPvYWQIdcTF8L+bxYqJUt2RC3XqXOUkgKYVeKPqtvtuQC9UvOvMtlrIzEC32PTVY
KGGlpqYfKfzk8cRJ1tNwltOBB/WV9iekb5iJZEgNgKuRV32S8FDKG4AA0R/8j/JS
1Gd0XlXTYPQyIJyYcIvKQaeZQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOE6zhcL
KdJ+GPojnhH72OYIH3YGMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvOTM3Q0JBQUVB
QzQ0MTFFRUIwMzdDRTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADMNL8wDQYJKoZIhvcNAQELBQADggEBAKHWT0hyleZUQ0f9
etRHyDO4uMEjcYcqv5k2EaqBYcgOi1I6CbWBLrm9WZSh9gdEEPV0sN3aM6oFG2xH
z7uTs1JsYYPK3BD9Mg6MeI8au9tYGw7dnMkUBNGKBs0EhgDuxrP6mSrOXUVk6qm4
Gr9NFpKOINqA/FxvG0drbZHnkeN/cpJgalLdLtTBl6Do+gMkL4IWo6+Tnss4wM7F
PHAvRcvPcuY/S2Iksglw5q2dbkUMwk82vi+Kwfk6j8QCRuMsAuVP11waQGYcEh64
iHp6aHnGG9aj9p8/la2HiRsCWCoose2qExeUTHuRMG1Nq0AwqHg6IOAQ2KZ5mWkw
qtIcbbY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:07 2025 by rpki-client