Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122B85/CCBBABEA9F6411EFA931473CC4F9AE02/A8AFEBE89F6A11EF89095367C4F9AE02.roa
File: A8AFEBE89F6A11EF89095367C4F9AE02.roa (raw, json)
Hash identifier: oDvaXMFE1ES45G6WiAkMxuIPDkIw1crX7ATSsqcotXo=
Subject key identifier: BE:D0:CE:6B:B0:5C:BB:E8:F1:4A:A7:4A:3F:A3:CB:29:87:4D:49:BE
Certificate issuer: /CN=A9122B85/serialNumber=C5564DEC101663BF43D3F2E340394C00766A63E3
Certificate serial: 02
Authority key identifier: C5:56:4D:EC:10:16:63:BF:43:D3:F2:E3:40:39:4C:00:76:6A:63:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xVZN7BAWY79D0_LjQDlMAHZqY-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122B85/CCBBABEA9F6411EFA931473CC4F9AE02/A8AFEBE89F6A11EF89095367C4F9AE02.roa
Signing time: Sun 10 Nov 2024 13:49:52 +0000
ROA not before: Sun 10 Nov 2024 13:49:52 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 147009
IP address blocks: 160.191.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122B85, serialNumber=C5564DEC101663BF43D3F2E340394C00766A63E3
Validity
Not Before: Nov 10 13:49:52 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6730b9ff-77c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:6b:ff:9c:9d:48:14:1e:50:84:01:27:cc:
26:f7:c7:0b:33:28:fb:3b:b7:96:62:f7:1e:80:23:
22:16:ef:1d:b3:a6:8a:92:90:41:0f:c6:cd:bc:e2:
4a:2b:47:8a:b3:c1:9d:dc:21:c6:42:b8:3d:1a:5f:
91:a8:da:a1:07:dd:71:3b:be:b9:6b:c3:11:0a:b6:
3d:72:ec:5e:c3:bc:95:80:93:58:d0:cd:bd:66:3b:
2c:2f:e7:fb:18:eb:dc:8e:10:a5:4c:92:ab:e7:db:
ed:95:3c:9d:1f:82:08:b6:3b:23:16:3a:cd:ac:ef:
28:9a:51:45:1f:a6:54:c5:11:2d:3f:68:ef:b6:91:
03:2a:d9:c2:3a:59:41:e6:56:19:64:12:1a:d2:55:
15:4b:35:f9:ea:58:3e:d9:42:4f:1a:75:94:0e:09:
dc:db:56:17:ea:11:09:69:44:c3:0b:b5:80:f8:a5:
23:fe:b4:ce:02:38:8e:53:6c:06:69:bc:9d:79:35:
8e:8f:72:ed:20:8e:94:6a:9f:b5:dc:91:24:27:2d:
c8:41:cc:9c:31:ca:ab:fc:f2:d2:55:b4:e1:fc:fc:
4a:8b:70:12:03:a6:c4:f0:fd:72:c6:ea:80:12:78:
f2:2f:1f:b1:10:73:de:a3:26:2f:9f:7f:2f:40:4b:
67:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D0:CE:6B:B0:5C:BB:E8:F1:4A:A7:4A:3F:A3:CB:29:87:4D:49:BE
X509v3 Authority Key Identifier:
keyid:C5:56:4D:EC:10:16:63:BF:43:D3:F2:E3:40:39:4C:00:76:6A:63:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122B85/CCBBABEA9F6411EFA931473CC4F9AE02/xVZN7BAWY79D0_LjQDlMAHZqY-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xVZN7BAWY79D0_LjQDlMAHZqY-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122B85/CCBBABEA9F6411EFA931473CC4F9AE02/A8AFEBE89F6A11EF89095367C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.212.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:79:74:a0:24:31:20:c5:08:90:72:50:ad:35:69:e2:81:d5:
79:ca:8d:00:9d:9b:dd:65:d8:50:1e:22:9a:63:aa:3c:43:a6:
b4:1e:63:99:34:44:9b:59:d5:84:dc:87:7c:0c:17:d2:f1:1e:
16:e7:4a:0c:79:87:5f:f5:69:09:c6:d4:b9:fa:e5:3e:7d:5d:
76:10:c7:b0:96:9a:85:b8:8f:02:be:7b:42:da:c4:4d:ef:98:
1e:06:99:3a:ea:d5:c7:1d:fc:e2:6a:59:75:ad:aa:b9:55:be:
05:d3:96:4f:45:ab:cf:75:bf:53:af:af:eb:f7:c8:fc:8c:eb:
0d:ed:04:d3:4b:ec:9d:7f:60:44:67:01:63:9f:fa:d8:a9:62:
29:56:e1:fc:5c:cd:c1:1b:dc:e1:3f:8c:f3:27:4e:6e:1a:65:
41:f4:f9:25:05:14:33:e0:c7:ef:9e:f9:32:6a:2e:96:d5:84:
f0:93:0c:48:10:c7:95:93:9a:d9:3a:7e:7c:01:1c:e6:30:0f:
20:f8:ef:9f:46:4c:69:ca:cc:41:3d:19:55:c8:99:49:07:98:
ca:1f:f8:b5:50:6a:4c:61:30:f3:c1:49:7d:59:81:19:89:dd:
0a:a5:9a:fe:de:1d:0d:23:97:a4:50:b4:82:b2:cb:e0:a0:6c:
ae:72:e6:85
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MkI4NTExMC8GA1UEBRMoQzU1NjRERUMxMDE2NjNCRjQzRDNGMkUzNDAzOTRDMDA3
NjZBNjNFMzAeFw0yNDExMTAxMzQ5NTJaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MzBiOWZmLTc3YzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCefWv/nJ1IFB5QhAEnzCb3xwszKPs7t5Zi9x6AIyIW7x2zpoqSkEEPxs284kor
R4qzwZ3cIcZCuD0aX5Go2qEH3XE7vrlrwxEKtj1y7F7DvJWAk1jQzb1mOywv5/sY
69yOEKVMkqvn2+2VPJ0fggi2OyMWOs2s7yiaUUUfplTFES0/aO+2kQMq2cI6WUHm
VhlkEhrSVRVLNfnqWD7ZQk8adZQOCdzbVhfqEQlpRMMLtYD4pSP+tM4COI5TbAZp
vJ15NY6Pcu0gjpRqn7XckSQnLchBzJwxyqv88tJVtOH8/EqLcBIDpsTw/XLG6oAS
ePIvH7EQc96jJi+ffy9AS2ehAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvtDOa7Bc
u+jxSqdKP6PLKYdNSb4wHwYDVR0jBBgwFoAUxVZN7BAWY79D0/LjQDlMAHZqY+Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIyQjg1L0NDQkJBQkVBOUY2
NDExRUZBOTMxNDczQ0M0RjlBRTAyL3hWWk43QkFXWTc5RDBfTGpRRGxNQUhacVkt
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveFZaTjdCQVdZNzlEMF9MalFEbE1BSFpxWS1NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MkI4NS9DQ0JCQUJFQTlGNjQxMUVGQTkzMTQ3M0NDNEY5QUUwMi9BOEFGRUJFODlG
NkExMUVGODkwOTUzNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC/1DANBgkqhkiG9w0BAQsFAAOCAQEAa3l0oCQxIMUIkHJQ
rTVp4oHVecqNAJ2b3WXYUB4immOqPEOmtB5jmTREm1nVhNyHfAwX0vEeFudKDHmH
X/VpCcbUufrlPn1ddhDHsJaahbiPAr57QtrETe+YHgaZOurVxx384mpZda2quVW+
BdOWT0Wrz3W/U6+v6/fI/IzrDe0E00vsnX9gRGcBY5/62KliKVbh/FzNwRvc4T+M
8ydObhplQfT5JQUUM+DH7575MmoultWE8JMMSBDHlZOa2Tp+fAEc5jAPIPjvn0ZM
acrMQT0ZVciZSQeYyh/4tVBqTGEw88FJfVmBGYndCqWa/t4dDSOXpFC0grLL4KBs
rnLmhQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:41:24 2025 by rpki-client