Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/3B10BD3E961511ED9E799C14C4F9AE02.roa
File: 3B10BD3E961511ED9E799C14C4F9AE02.roa (raw, json)
Hash identifier: 1pwN/p77CSOsb2J2SOnsTcrwIXFKVDzR0VVXBqJ5NAM=
Subject key identifier: 72:BE:80:0E:30:B5:E8:C5:D4:6F:33:42:7D:0C:1A:82:13:F9:EC:F3
Certificate issuer: /CN=A91F8E9B/serialNumber=446792439258182A7A1E4DA4B2C06FAD2AAEE4B9
Certificate serial: 04
Authority key identifier: 44:67:92:43:92:58:18:2A:7A:1E:4D:A4:B2:C0:6F:AD:2A:AE:E4:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/3B10BD3E961511ED9E799C14C4F9AE02.roa
Signing time: Tue 17 Jan 2023 03:15:45 +0000
ROA not before: Tue 17 Jan 2023 03:15:45 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24006
IP address blocks: 202.160.56.0/21 maxlen: 21
2400:b400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8E9B
Validity
Not Before: Jan 17 03:15:45 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63c612e1-923c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:01:5f:29:74:6c:7d:c8:bd:5f:94:08:b3:2b:
4e:56:53:3e:72:fb:91:4f:98:85:58:f0:a2:19:15:
7f:1e:c5:92:37:90:1a:7b:38:30:5c:50:e1:b7:81:
9b:96:db:e5:44:23:6a:89:76:3d:2f:5b:ca:1f:20:
be:32:85:c3:29:ce:fa:4b:a8:e0:26:51:f1:a2:01:
e8:46:fa:a7:8f:25:1c:26:b6:83:5d:a2:90:f8:6d:
eb:7c:cb:f8:73:6a:b2:7a:66:fd:a0:ed:19:24:c3:
c4:ed:b4:19:4f:48:35:a0:f7:4d:06:17:74:8d:d6:
9f:e5:f7:a5:f3:e8:05:ca:b1:4a:36:d4:44:52:05:
80:71:89:74:ff:e8:f0:72:8e:c1:7c:1f:88:88:9b:
39:07:75:bd:2e:1f:07:e4:29:b8:c7:f2:f5:af:d6:
66:7d:a9:d8:dc:a4:85:a6:f3:d1:44:40:ef:03:f3:
09:d1:23:08:d6:1a:84:c9:f5:0f:64:db:fa:80:b5:
4e:7c:97:31:e6:86:0d:48:19:56:8c:7e:5d:25:7f:
21:18:88:88:94:c5:78:26:29:f7:4a:22:f3:c3:8a:
2f:b7:e2:99:44:e9:bc:35:1a:df:f5:42:6b:6c:94:
34:f2:c8:c3:9f:1b:b1:ea:43:6f:58:0a:1e:9c:53:
2f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BE:80:0E:30:B5:E8:C5:D4:6F:33:42:7D:0C:1A:82:13:F9:EC:F3
X509v3 Authority Key Identifier:
keyid:44:67:92:43:92:58:18:2A:7A:1E:4D:A4:B2:C0:6F:AD:2A:AE:E4:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RGeSQ5JYGCp6Hk2kssBvrSqu5Lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E9B/69EB42C0960E11ED9A4CEA65C4F9AE02/3B10BD3E961511ED9E799C14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.56.0/21
IPv6:
2400:b400::/48
Signature Algorithm: sha256WithRSAEncryption
52:55:0e:45:59:f9:37:89:9b:98:e5:75:32:ee:b0:09:46:9c:
65:bf:60:86:c1:4d:7f:6a:cd:a3:c7:6a:86:f5:08:25:3b:78:
f1:53:51:18:f8:8d:89:d4:f8:d5:86:3b:9b:4d:11:fa:b2:75:
1b:4e:23:6a:86:1f:5b:ba:bb:5d:90:35:b9:6d:aa:17:2e:bd:
8a:85:b1:8b:0e:0d:ee:6c:74:7e:22:12:16:36:b0:5a:cf:23:
20:42:c7:b7:0d:09:6a:6e:ac:ff:a4:e8:5b:ea:70:b1:ca:7f:
c1:28:d1:75:91:18:f6:f2:46:fc:b0:8a:0b:65:32:68:5c:65:
53:47:86:2b:31:fb:23:81:6b:67:1e:d4:3a:fa:92:9f:26:8b:
5a:88:e2:5f:80:61:d9:90:bb:8c:f3:25:38:c6:1e:09:4b:aa:
d2:93:b2:c6:ae:fb:f6:50:41:d1:4f:bd:39:b9:19:03:25:d2:
23:66:68:1e:84:31:e7:a5:e6:4a:90:3a:97:34:1b:29:7b:d3:
2b:a2:4e:83:dc:78:ef:f8:3b:2a:65:7d:6f:52:b7:15:2d:66:
bb:67:85:e3:44:0a:72:20:f4:ce:8a:2e:79:c4:6f:ee:7b:f7:
06:12:d8:0c:51:d0:61:68:ee:f7:e2:1c:83:45:9f:1d:8e:50:
33:ca:ab:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OEU5QjExMC8GA1UEBRMoNDQ2NzkyNDM5MjU4MTgyQTdBMUU0REE0QjJDMDZGQUQy
QUFFRTRCOTAeFw0yMzAxMTcwMzE1NDVaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzYxMmUxLTkyM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQAV8pdGx9yL1flAizK05WUz5y+5FPmIVY8KIZFX8exZI3kBp7ODBcUOG3gZuW
2+VEI2qJdj0vW8ofIL4yhcMpzvpLqOAmUfGiAehG+qePJRwmtoNdopD4bet8y/hz
arJ6Zv2g7Rkkw8TttBlPSDWg900GF3SN1p/l96Xz6AXKsUo21ERSBYBxiXT/6PBy
jsF8H4iImzkHdb0uHwfkKbjH8vWv1mZ9qdjcpIWm89FEQO8D8wnRIwjWGoTJ9Q9k
2/qAtU58lzHmhg1IGVaMfl0lfyEYiIiUxXgmKfdKIvPDii+34plE6bw1Gt/1Qmts
lDTyyMOfG7HqQ29YCh6cUy8zAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUcr6ADjC1
6MXUbzNCfQwaghP57PMwHwYDVR0jBBgwFoAURGeSQ5JYGCp6Hk2kssBvrSqu5Lkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4RTlCLzY5RUI0MkMwOTYw
RTExRUQ5QTRDRUE2NUM0RjlBRTAyL1JHZVNRNUpZR0NwNkhrMmtzc0J2clNxdTVM
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUkdlU1E1SllHQ3A2SGsya3NzQnZyU3F1NUxrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OEU5Qi82OUVCNDJDMDk2MEUxMUVEOUE0Q0VBNjVDNEY5QUUwMi8zQjEwQkQzRTk2
MTUxMUVEOUU3OTlDMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEA8qgODAPBAIAAjAJAwcAJAC0AAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBSVQ5FWfk3iZuY5XUy7rAJRpxlv2CGwU1/as2jx2qG9QglO3jxU1EY+I2J
1PjVhjubTRH6snUbTiNqhh9burtdkDW5baoXLr2KhbGLDg3ubHR+IhIWNrBazyMg
Qse3DQlqbqz/pOhb6nCxyn/BKNF1kRj28kb8sIoLZTJoXGVTR4YrMfsjgWtnHtQ6
+pKfJotaiOJfgGHZkLuM8yU4xh4JS6rSk7LGrvv2UEHRT705uRkDJdIjZmgehDHn
peZKkDqXNBspe9Mrok6D3Hjv+DsqZX1vUrcVLWa7Z4XjRApyIPTOii55xG/ue/cG
EtgMUdBhaO734hyDRZ8djlAzyqtr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:36 2025 by rpki-client