Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6E823DC2C91811EFA7279387C4F9AE02.roa
File: 6E823DC2C91811EFA7279387C4F9AE02.roa (raw, json)
Hash identifier: bPRNQrkaWo9aS23ocOp+RGPREmsK5Mb64DLO7yXggyw=
Subject key identifier: 13:12:BC:3E:F1:5C:C9:CF:44:BE:1E:3E:C8:AD:BB:23:76:24:92:93
Certificate issuer: /CN=A914C002/serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Certificate serial: C8
Authority key identifier: 92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6E823DC2C91811EFA7279387C4F9AE02.roa
Signing time: Thu 02 Jan 2025 14:47:04 +0000
ROA not before: Thu 02 Jan 2025 14:47:04 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 137030
IP address blocks: 157.10.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200 (0xc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C002, serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Validity
Not Before: Jan 2 14:47:04 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6776a6e8-1393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:8e:43:a6:92:b3:2d:97:72:31:00:b0:58:
21:09:c6:e5:85:ea:89:21:30:8e:2f:5c:e3:3c:47:
d5:f7:7e:ea:73:3d:16:b7:44:4e:52:7d:0e:ae:ec:
80:04:de:20:6e:f1:48:24:72:52:59:5d:fa:5d:d6:
dd:60:79:38:c4:aa:c6:27:1a:75:4a:20:ae:fd:fb:
f8:31:c5:f9:b9:70:a0:0d:d8:f0:ef:3f:56:4d:39:
09:28:dc:cd:fa:dc:97:b3:1c:19:0d:fd:61:90:cb:
6a:e7:a9:9d:a4:21:6f:84:4d:74:79:67:68:96:68:
a4:17:68:d4:40:f0:7c:1f:4e:62:4c:76:fa:39:51:
fa:22:a4:dc:02:38:d7:98:e3:c0:67:6e:36:86:86:
b2:f8:2b:85:dc:ef:d8:05:60:83:f2:e1:69:0c:5a:
08:0e:b7:f4:ad:04:ff:28:a7:d8:2e:63:63:ae:96:
33:2d:46:14:86:f5:1a:4a:96:cb:e6:a1:ac:95:ca:
3f:76:0a:9a:35:43:1c:bb:63:ff:61:f6:ca:53:38:
60:a8:c6:76:75:3d:a3:52:1a:3a:f0:1d:10:92:9c:
22:ef:cf:52:56:c1:64:5c:10:34:d6:2c:a5:54:b2:
d3:ee:18:2e:a9:e5:e0:ba:22:5e:74:bf:f4:f6:99:
8c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:12:BC:3E:F1:5C:C9:CF:44:BE:1E:3E:C8:AD:BB:23:76:24:92:93
X509v3 Authority Key Identifier:
keyid:92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/kkogF1ZK2vsiNqIPv3Otoblr_zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6E823DC2C91811EFA7279387C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.29.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a7:06:2d:9d:4a:ca:c1:45:0b:1f:8a:fe:59:44:aa:44:af:
33:69:3a:f9:8c:70:4a:34:10:1f:8c:d1:6f:83:40:59:6c:85:
30:ac:dd:3e:dd:7b:a0:7a:8b:0b:17:e6:41:55:78:70:3c:ae:
43:2c:ee:93:36:53:f2:7b:15:65:14:28:f6:63:a4:a1:75:e0:
93:9d:8a:d8:e1:33:f5:0f:d9:9a:f9:59:78:bf:c0:e9:eb:e9:
cf:97:78:38:d2:b7:0d:c7:1e:f4:6c:8e:56:a3:11:72:0c:6c:
29:02:64:7f:b3:9e:5f:85:54:8a:ae:b6:24:27:e3:f8:8d:ee:
2f:b2:f4:78:09:49:2a:57:7c:e8:93:28:3c:e8:f7:a6:af:5c:
18:69:04:cb:1c:4c:db:dd:27:2e:74:64:2e:66:89:de:36:a8:
54:4b:8a:b4:6a:c2:b3:46:ab:07:51:4a:ee:f8:e3:cf:a9:c8:
b0:12:02:e2:15:74:c7:dd:28:4a:da:94:b0:d0:e0:5c:31:1b:
ac:59:e1:7d:fb:25:a9:16:b2:1f:81:29:00:10:32:99:68:77:
5f:1c:02:ad:45:05:b7:b8:d9:3f:43:67:16:be:ad:37:4e:03:
31:69:6b:60:99:82:01:9b:33:7c:1a:8d:4f:93:9f:2a:15:8e:
22:27:61:7d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMwMDIxMTAvBgNVBAUTKDkyNEEyMDE3NTY0QURBRkIyMjM2QTIwRkJGNzNBREEx
Qjk2QkZGMzMwHhcNMjUwMTAyMTQ0NzA0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc2YTZlOC0xMzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9qOQ6aSsy2XcjEAsFghCcblheqJITCOL1zjPEfV937qcz0Wt0ROUn0OruyA
BN4gbvFIJHJSWV36XdbdYHk4xKrGJxp1SiCu/fv4McX5uXCgDdjw7z9WTTkJKNzN
+tyXsxwZDf1hkMtq56mdpCFvhE10eWdolmikF2jUQPB8H05iTHb6OVH6IqTcAjjX
mOPAZ242hoay+CuF3O/YBWCD8uFpDFoIDrf0rQT/KKfYLmNjrpYzLUYUhvUaSpbL
5qGslco/dgqaNUMcu2P/YfbKUzhgqMZ2dT2jUho68B0Qkpwi789SVsFkXBA01iyl
VLLT7hguqeXguiJedL/09pmMUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBMSvD7x
XMnPRL4ePsituyN2JJKTMB8GA1UdIwQYMBaAFJJKIBdWStr7IjaiD79zraG5a/8z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzAwMi9DMDFEMEMwQ0E5
MjUxMUVFQUM0QkRCNTdDNEY5QUUwMi9ra29nRjFaSzJ2c2lOcUlQdjNPdG9ibHJf
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2trb2dGMVpLMnZzaU5xSVB2M090b2Jscl96TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMwMDIvQzAxRDBDMENBOTI1MTFFRUFDNEJEQjU3QzRGOUFFMDIvNkU4MjNEQzJD
OTE4MTFFRkE3Mjc5Mzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdCh0wDQYJKoZIhvcNAQELBQADggEBAEqnBi2dSsrBRQsf
iv5ZRKpErzNpOvmMcEo0EB+M0W+DQFlshTCs3T7de6B6iwsX5kFVeHA8rkMs7pM2
U/J7FWUUKPZjpKF14JOditjhM/UP2Zr5WXi/wOnr6c+XeDjStw3HHvRsjlajEXIM
bCkCZH+znl+FVIqutiQn4/iN7i+y9HgJSSpXfOiTKDzo96avXBhpBMscTNvdJy50
ZC5mid42qFRLirRqwrNGqwdRSu7448+pyLASAuIVdMfdKEralLDQ4FwxG6xZ4X37
JakWsh+BKQAQMplod18cAq1FBbe42T9DZxa+rTdOAzFpa2CZggGbM3wajU+TnyoV
jiInYX0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:35:53 2025 by rpki-client