Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/1F8A1C62D3FF11EEAF42A836C4F9AE02.roa
File: 1F8A1C62D3FF11EEAF42A836C4F9AE02.roa (raw, json)
Hash identifier: Ucnhmh2cGzPW3yLj/bvC6rZoU3AqadgGqStAx86EHyU=
Subject key identifier: EF:6D:46:D3:A5:E2:FE:1C:7F:45:D2:C6:BB:41:43:98:8E:A0:B7:03
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 037C
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/1F8A1C62D3FF11EEAF42A836C4F9AE02.roa
Signing time: Thu 29 Feb 2024 08:48:32 +0000
ROA not before: Thu 29 Feb 2024 08:48:32 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 152151
IP address blocks: 103.152.117.0/24 maxlen: 24
103.152.117.0/26 maxlen: 26
103.152.117.64/26 maxlen: 26
103.152.117.128/26 maxlen: 26
103.152.117.192/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 892 (0x37c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06
Validity
Not Before: Feb 29 08:48:32 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65e044df-8bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:93:67:c9:a4:7f:9f:1e:ef:79:b8:87:9e:37:
3b:32:69:b3:60:99:35:a7:49:5f:c9:88:96:71:51:
a3:2d:bd:db:10:6c:46:1f:98:c0:9a:f6:c6:a9:ab:
cb:ea:06:49:75:22:bb:d9:98:6d:0f:9c:92:f0:25:
d0:14:72:ff:01:dd:d9:fb:7e:51:5c:d6:cb:da:2c:
62:45:17:bc:7b:89:46:b3:1a:42:4b:cf:bb:ba:b4:
5a:04:60:3a:2a:c0:19:85:50:cc:15:13:c7:f8:35:
af:e3:ba:a2:46:3f:e6:a1:d2:cc:15:91:2e:5e:9f:
d9:2a:7b:d2:28:fa:0b:f4:a5:f4:6e:5c:59:2c:25:
4c:b7:d3:c4:31:9b:dc:d4:f3:77:83:3e:b7:fd:77:
78:6f:1e:fc:a8:3a:e6:de:e1:64:01:bc:c6:6e:81:
fb:5f:6b:d6:24:5b:cc:61:a4:4c:7b:a7:ff:eb:a6:
aa:7c:06:7c:79:f2:f3:c2:1a:02:76:99:6f:aa:0e:
bf:bf:70:9b:8b:73:4a:e8:83:3b:9b:6c:84:f5:94:
fa:0a:13:91:7a:79:e8:08:4d:4f:42:4a:39:ae:0c:
9d:0e:35:74:0a:aa:5d:96:f5:a5:1e:bb:6f:45:60:
0c:bd:bb:45:06:aa:98:c7:cd:a4:b8:e6:3b:ff:2c:
6d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6D:46:D3:A5:E2:FE:1C:7F:45:D2:C6:BB:41:43:98:8E:A0:B7:03
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/1F8A1C62D3FF11EEAF42A836C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.117.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:1c:63:b3:45:18:bd:87:57:36:92:2b:58:9c:04:b9:0c:f2:
1f:5f:ae:4c:55:ff:91:bc:a4:9a:2c:27:62:b7:6c:52:78:bc:
ee:85:f1:55:39:e6:fc:40:a1:9b:57:37:51:ba:1e:eb:67:f8:
d4:69:16:e9:cc:92:5e:ea:e2:bf:a8:6d:0f:9d:48:31:c4:8a:
e4:12:eb:c1:1e:8b:dc:97:87:47:93:51:dd:59:cb:70:c5:d1:
85:4a:f1:ee:f8:e7:47:d2:19:48:ea:36:55:42:43:a7:b6:b8:
39:08:8a:ae:c3:71:96:49:e1:ae:35:1b:b5:41:7d:7f:de:82:
6a:14:ad:35:e0:fc:5c:a5:cc:7f:6b:78:14:12:76:c7:51:a5:
61:59:a6:cc:7a:0f:a5:bf:d4:dc:54:d4:6e:03:4c:f0:a4:60:
89:ae:5f:d9:3f:4b:5f:a5:b6:80:af:36:8b:9b:a5:86:64:69:
1e:b8:95:9d:e4:67:d0:1c:82:52:2c:5e:6d:3b:71:6d:e2:e0:
5b:ed:e4:20:26:bb:ed:1d:a5:39:75:77:64:57:3c:69:86:14:
df:16:1b:38:f7:2f:77:1d:22:61:a5:34:16:98:42:55:37:c7:
2f:38:38:e4:72:cf:62:42:a2:5d:a8:fe:48:7d:34:e9:6a:b7:
9d:6e:42:d8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjI5MDg0ODMyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwNDRkZi04YmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ZNnyaR/nx7vebiHnjc7MmmzYJk1p0lfyYiWcVGjLb3bEGxGH5jAmvbGqavL
6gZJdSK72ZhtD5yS8CXQFHL/Ad3Z+35RXNbL2ixiRRe8e4lGsxpCS8+7urRaBGA6
KsAZhVDMFRPH+DWv47qiRj/modLMFZEuXp/ZKnvSKPoL9KX0blxZLCVMt9PEMZvc
1PN3gz63/Xd4bx78qDrm3uFkAbzGboH7X2vWJFvMYaRMe6f/66aqfAZ8efLzwhoC
dplvqg6/v3Cbi3NK6IM7m2yE9ZT6ChORennoCE1PQko5rgydDjV0CqpdlvWlHrtv
RWAMvbtFBqqYx82kuOY7/yxtXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO9tRtOl
4v4cf0XSxrtBQ5iOoLcDMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvMUY4QTFDNjJE
M0ZGMTFFRUFGNDJBODM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmHUwDQYJKoZIhvcNAQELBQADggEBAAscY7NFGL2HVzaS
K1icBLkM8h9frkxV/5G8pJosJ2K3bFJ4vO6F8VU55vxAoZtXN1G6Hutn+NRpFunM
kl7q4r+obQ+dSDHEiuQS68Eei9yXh0eTUd1Zy3DF0YVK8e7450fSGUjqNlVCQ6e2
uDkIiq7DcZZJ4a41G7VBfX/egmoUrTXg/FylzH9reBQSdsdRpWFZpsx6D6W/1NxU
1G4DTPCkYImuX9k/S1+ltoCvNoubpYZkaR64lZ3kZ9AcglIsXm07cW3i4Fvt5CAm
u+0dpTl1d2RXPGmGFN8WGzj3L3cdImGlNBaYQlU3xy84OORyz2JCol2o/kh9NOlq
t51uQtg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:15 2025 by rpki-client