Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/B1571EDCDC5411EC90C2B55FC4F9AE02.roa
File: B1571EDCDC5411EC90C2B55FC4F9AE02.roa (raw, json)
Hash identifier: 4GutfT44nw50SfpG+IZQCjJPvbAij2Rsg+CBL+7/9Fo=
Subject key identifier: 63:30:9D:E9:4E:E6:AF:F1:1E:CD:0A:23:57:C0:70:3C:8A:D0:0A:FE
Certificate issuer: /CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608
Certificate serial: 0138
Authority key identifier: 6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/B1571EDCDC5411EC90C2B55FC4F9AE02.roa
Signing time: Tue 20 Dec 2022 01:43:40 +0000
ROA not before: Tue 20 Dec 2022 01:43:40 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 7545
IP address blocks: 202.12.87.0/24 maxlen: 24
202.12.88.0/24 maxlen: 24
202.12.89.0/24 maxlen: 24
202.12.90.0/24 maxlen: 24
203.0.12.0/24 maxlen: 24
203.0.13.0/24 maxlen: 24
203.3.124.0/22 maxlen: 22
203.4.226.0/24 maxlen: 24
203.12.236.0/22 maxlen: 22
203.14.152.0/24 maxlen: 24
203.14.154.0/24 maxlen: 24
203.14.155.0/24 maxlen: 24
203.14.156.0/23 maxlen: 23
203.14.158.0/23 maxlen: 23
203.27.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312 (0x138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E91BC
Validity
Not Before: Dec 20 01:43:40 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63a1134c-489e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:df:6c:2c:49:6a:84:88:cd:22:99:64:6b:a5:
9f:1e:3c:8d:f8:57:e6:27:06:dd:85:8e:6b:a8:d4:
90:f8:cf:c1:a9:04:a0:89:6a:d6:35:4f:be:f1:f9:
8e:02:41:6e:fd:9b:cc:fb:95:ab:18:b6:c5:20:0e:
f7:fa:f7:ec:73:b4:2b:49:1d:36:b7:34:a9:5e:82:
16:56:eb:41:c8:a0:88:5b:5b:ed:35:2b:d0:6b:c7:
82:47:8a:da:ab:34:37:81:f2:4e:91:32:fb:70:5f:
47:e3:17:5d:f0:24:b2:5c:a8:9c:e3:a0:ee:50:38:
12:6f:12:cf:5c:77:c5:76:5d:bd:2c:24:4d:60:ae:
3b:17:a0:ca:a4:c2:b4:47:df:79:9a:9b:75:ab:e1:
b4:3e:ab:01:0e:05:7c:0d:3f:7a:6c:4e:40:fb:f7:
f3:34:e9:5f:cf:29:12:8b:06:7b:42:3f:46:92:96:
27:d2:27:4b:bd:cb:bf:51:7d:f5:85:25:42:6f:92:
56:82:91:be:50:fa:e2:69:6b:85:75:e4:e9:7b:8d:
52:6c:59:df:90:fa:75:ad:39:01:2e:36:c1:1b:bc:
17:61:35:4c:fa:d5:bf:15:07:5b:b0:97:1c:28:c3:
78:e1:31:f1:44:ef:23:87:6d:c7:90:7c:ae:11:8f:
4c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:30:9D:E9:4E:E6:AF:F1:1E:CD:0A:23:57:C0:70:3C:8A:D0:0A:FE
X509v3 Authority Key Identifier:
keyid:6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/B1571EDCDC5411EC90C2B55FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.12.87.0-202.12.90.255
203.0.12.0/23
203.3.124.0/22
203.4.226.0/24
203.12.236.0/22
203.14.152.0/24
203.14.154.0-203.14.159.255
203.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
60:37:4b:e6:7f:09:2e:ae:48:55:79:58:f5:0c:03:4e:3f:44:
4a:e1:4e:7d:60:93:6d:5f:62:6b:69:c9:2a:fb:37:1e:59:06:
ba:6e:29:44:72:62:b4:c5:0a:cd:93:8e:9d:f2:02:26:bf:6d:
6b:03:ca:01:8f:df:0e:bc:30:a8:d5:61:db:41:4f:97:ca:da:
cd:da:ef:fb:e0:82:0d:d1:51:07:5a:71:7a:b3:10:af:50:32:
70:cd:3b:34:59:a9:1d:b3:40:38:e2:ce:53:8e:ac:0a:a6:72:
7c:fc:eb:1a:7d:ee:5e:ab:d0:ee:72:17:cc:18:3f:40:cc:64:
12:1a:cd:d9:d2:84:8a:c5:9e:c6:20:6e:e0:c3:ca:61:93:fe:
53:83:6d:ff:86:de:5f:b7:be:23:a0:8c:97:fb:ec:5a:a6:36:
97:30:a7:d6:1c:a9:c4:32:be:22:d5:6e:9e:ad:11:bf:0a:78:
f2:60:b5:39:97:22:63:dc:32:76:6f:fe:d7:19:9e:3b:c8:ea:
ec:0b:9c:c2:ea:7e:96:e4:b8:4d:0a:b5:fc:bd:cb:ac:71:d7:
55:c1:e4:2c:59:af:db:7d:15:2e:0c:d8:42:95:f2:7f:83:be:
cc:23:2c:71:7e:7b:e8:2f:00:8a:e6:26:de:a3:05:45:b1:37:
40:7e:6c:bb
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTkxQkMxMTAvBgNVBAUTKDZENUQ1MEU4OEI5RDY1RThBRkRBMjhDMkNFQTYxNTAx
MjcwMzg2MDgwHhcNMjIxMjIwMDE0MzQwWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExMTM0Yy00ODllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA399sLElqhIjNIplka6WfHjyN+FfmJwbdhY5rqNSQ+M/BqQSgiWrWNU++8fmO
AkFu/ZvM+5WrGLbFIA73+vfsc7QrSR02tzSpXoIWVutByKCIW1vtNSvQa8eCR4ra
qzQ3gfJOkTL7cF9H4xdd8CSyXKic46DuUDgSbxLPXHfFdl29LCRNYK47F6DKpMK0
R995mpt1q+G0PqsBDgV8DT96bE5A+/fzNOlfzykSiwZ7Qj9GkpYn0idLvcu/UX31
hSVCb5JWgpG+UPriaWuFdeTpe41SbFnfkPp1rTkBLjbBG7wXYTVM+tW/FQdbsJcc
KMN44THxRO8jh23HkHyuEY9MrwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFGMwnelO
5q/xHs0KI1fAcDyK0Ar+MB8GA1UdIwQYMBaAFG1dUOiLnWXor9oows6mFQEnA4YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BRTQ0RDI0QURC
RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9iVjFRNkl1ZFplaXYyaWpDenFZVkFTY0Ro
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JWMVE2SXVkWmVpdjJpakN6cVlWQVNjRGhnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTkxQkMvQUU0NEQyNEFEQkU5MTFFQzk1MTEwNTE1QzRGOUFFMDIvQjE1NzFFRENE
QzU0MTFFQzkwQzJCNTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEAwDAMEAMoMVwMEAMoMWgMEAcsADAMEAssDfAMEAMsE4gMEAssM
7AMEAMsOmDAMAwQByw6aAwQFyw6AAwQAyxt+MA0GCSqGSIb3DQEBCwUAA4IBAQBg
N0vmfwkurkhVeVj1DANOP0RK4U59YJNtX2Jrackq+zceWQa6bilEcmK0xQrNk46d
8gImv21rA8oBj98OvDCo1WHbQU+XytrN2u/74IIN0VEHWnF6sxCvUDJwzTs0Wakd
s0A44s5TjqwKpnJ8/Osafe5eq9DuchfMGD9AzGQSGs3Z0oSKxZ7GIG7gw8phk/5T
g23/ht5ft74joIyX++xapjaXMKfWHKnEMr4i1W6erRG/CnjyYLU5lyJj3DJ2b/7X
GZ47yOrsC5zC6n6W5LhNCrX8vcuscddVweQsWa/bfRUuDNhClfJ/g77MIyxxfnvo
LwCK5ibeowVFsTdAfmy7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:09 2025 by rpki-client