Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/F94114A60F8211EFBCF6C65FC4F9AE02.roa
File: F94114A60F8211EFBCF6C65FC4F9AE02.roa (raw, json)
Hash identifier: kK/vsakFHJd3yNI+HT/ZKlEKbvk+dwkzp1G+fMFMgqU=
Subject key identifier: 78:C8:D1:F9:3A:3B:36:FE:9D:03:37:CD:66:0A:97:FD:A3:74:02:EF
Certificate issuer: /CN=A914B29B/serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42
Certificate serial: 02
Authority key identifier: C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/F94114A60F8211EFBCF6C65FC4F9AE02.roa
Signing time: Sat 11 May 2024 10:41:07 +0000
ROA not before: Sat 11 May 2024 10:41:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 61112
IP address blocks: 103.255.208.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914B29B, serialNumber=C4F7F39E62F4C9D78C5E12FDC151AE4E32BC9A42
Validity
Not Before: May 11 10:41:07 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=663f4b43-f0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:9c:99:db:0e:03:ba:15:5e:c2:12:aa:52:
f0:bd:ce:a3:9c:60:2d:f2:fb:f7:9c:26:23:c9:c5:
23:95:6a:06:1f:a8:1d:91:f9:3a:bc:6d:95:a2:11:
e1:5b:eb:00:c6:3d:72:40:b3:4e:fa:fb:d4:ae:0a:
92:ef:ab:9f:fb:77:52:01:86:89:6b:a8:11:de:a5:
58:f3:77:f0:d2:5b:9f:40:b9:04:34:82:6f:0d:48:
7f:31:2c:1f:1f:a6:60:f9:a7:81:6e:a8:80:f2:f9:
4f:d4:be:27:98:29:40:ab:b5:7a:cf:8c:18:50:2a:
65:f6:79:9a:76:af:80:77:70:10:cc:8e:d9:4a:ef:
06:1e:7c:ef:f8:83:34:ef:17:c5:10:d1:6d:3b:59:
7e:2f:93:e2:41:f9:59:96:05:29:57:24:17:ca:64:
61:e4:a6:ab:3a:3d:da:e0:19:b1:4c:1c:f9:f1:5b:
69:33:35:71:b4:8e:7b:b2:b7:bc:72:9e:9a:b0:63:
88:de:d5:df:ae:9c:cb:b8:ef:7b:e7:b1:17:60:d6:
3c:9f:e2:74:ac:c5:fb:e5:f1:09:39:d3:b4:53:63:
07:14:de:4b:79:8a:cb:bc:67:2c:47:23:95:15:72:
7b:f6:17:34:e7:17:d0:3b:80:7b:f7:d8:93:01:d5:
39:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C8:D1:F9:3A:3B:36:FE:9D:03:37:CD:66:0A:97:FD:A3:74:02:EF
X509v3 Authority Key Identifier:
keyid:C4:F7:F3:9E:62:F4:C9:D7:8C:5E:12:FD:C1:51:AE:4E:32:BC:9A:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/xPfznmL0ydeMXhL9wVGuTjK8mkI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPfznmL0ydeMXhL9wVGuTjK8mkI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B29B/8A3E1D1A0F8211EF8266F05EC4F9AE02/F94114A60F8211EFBCF6C65FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.208.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:78:1b:df:51:3f:24:37:1d:65:08:38:ef:a6:b9:9e:90:b8:
79:82:63:a0:ef:07:4e:4a:44:d8:69:13:84:1b:dd:31:17:2c:
71:d9:aa:ff:ec:15:b7:cf:64:32:96:b2:30:31:31:2c:9d:bd:
ce:76:e0:9e:bd:25:0f:ba:f3:15:c0:fc:fa:c6:06:06:83:f2:
53:0a:5e:26:9b:60:e1:13:3d:aa:b3:21:b9:06:32:23:99:ad:
0a:66:5d:62:22:7b:f9:b8:71:8c:a8:7f:e3:f9:9b:b3:49:a2:
60:b1:d8:0a:49:7b:e7:fe:55:1c:9e:a3:0d:ae:d2:1a:87:65:
b7:8a:7b:3c:b3:04:68:a0:cc:41:50:05:47:a7:49:71:24:f6:
36:06:4a:73:7c:fc:6f:81:72:4b:d9:af:a0:65:47:c5:12:f0:
2e:19:7e:97:05:70:05:ec:bb:81:63:21:8a:28:5d:fa:c1:48:
ac:0b:c0:be:d8:40:f0:8e:83:95:73:96:fe:f2:53:3f:db:ab:
a5:16:cc:c5:4c:03:17:48:b7:ce:de:93:19:b6:61:c8:99:c3:
ff:fe:c9:a5:32:59:3d:c7:9b:b6:3a:8f:77:83:be:ce:2b:2a:
a6:f5:cb:6f:90:90:fd:37:c2:df:ad:42:9a:4f:57:7b:4f:ce:
ff:fa:94:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QjI5QjExMC8GA1UEBRMoQzRGN0YzOUU2MkY0QzlENzhDNUUxMkZEQzE1MUFFNEUz
MkJDOUE0MjAeFw0yNDA1MTExMDQxMDdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2M2Y0YjQzLWYwYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqK5yZ2w4DuhVewhKqUvC9zqOcYC3y+/ecJiPJxSOVagYfqB2R+Tq8bZWiEeFb
6wDGPXJAs076+9SuCpLvq5/7d1IBholrqBHepVjzd/DSW59AuQQ0gm8NSH8xLB8f
pmD5p4FuqIDy+U/UvieYKUCrtXrPjBhQKmX2eZp2r4B3cBDMjtlK7wYefO/4gzTv
F8UQ0W07WX4vk+JB+VmWBSlXJBfKZGHkpqs6PdrgGbFMHPnxW2kzNXG0jnuyt7xy
npqwY4je1d+unMu473vnsRdg1jyf4nSsxfvl8Qk507RTYwcU3kt5isu8ZyxHI5UV
cnv2FzTnF9A7gHv32JMB1TmxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUeMjR+To7
Nv6dAzfNZgqX/aN0Au8wHwYDVR0jBBgwFoAUxPfznmL0ydeMXhL9wVGuTjK8mkIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCMjlCLzhBM0UxRDFBMEY4
MjExRUY4MjY2RjA1RUM0RjlBRTAyL3hQZnpubUwweWRlTVhoTDl3Vkd1VGpLOG1r
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveFBmem5tTDB5ZGVNWGhMOXdWR3VUaks4bWtJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QjI5Qi84QTNFMUQxQTBGODIxMUVGODI2NkYwNUVDNEY5QUUwMi9GOTQxMTRBNjBG
ODIxMUVGQkNGNkM2NUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf/0DANBgkqhkiG9w0BAQsFAAOCAQEAmngb31E/JDcdZQg4
76a5npC4eYJjoO8HTkpE2GkThBvdMRcscdmq/+wVt89kMpayMDExLJ29znbgnr0l
D7rzFcD8+sYGBoPyUwpeJptg4RM9qrMhuQYyI5mtCmZdYiJ7+bhxjKh/4/mbs0mi
YLHYCkl75/5VHJ6jDa7SGodlt4p7PLMEaKDMQVAFR6dJcST2NgZKc3z8b4FyS9mv
oGVHxRLwLhl+lwVwBey7gWMhiihd+sFIrAvAvthA8I6DlXOW/vJTP9urpRbMxUwD
F0i3zt6TGbZhyJnD//7JpTJZPcebtjqPd4O+zisqpvXLb5CQ/TfC361Cmk9Xe0/O
//qUZg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:43:22 2025 by rpki-client