Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/DEBA20283C2411EEACF28154C4F9AE02.roa
File: DEBA20283C2411EEACF28154C4F9AE02.roa (raw, json)
Hash identifier: oP8TetnoG4+B04y3FbJHlRU7gNYJOa5jU9GjyuKw9Sc=
Subject key identifier: 9A:23:C0:52:F0:AF:04:1C:84:44:60:30:F2:55:88:34:6B:A1:0F:25
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0885
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/DEBA20283C2411EEACF28154C4F9AE02.roa
Signing time: Wed 16 Aug 2023 11:05:55 +0000
ROA not before: Wed 16 Aug 2023 11:05:55 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 174
IP address blocks: 111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2181 (0x885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Aug 16 11:05:55 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64dcad93-b0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:98:0f:4a:75:a2:6a:29:8e:34:b8:22:d3:
fa:8e:d9:ad:b5:4c:fa:5f:71:52:7c:6c:b4:fc:ed:
72:d5:39:13:96:66:f4:94:ea:76:af:42:7f:5d:8f:
1b:35:06:4c:f5:b0:4a:b7:c7:d1:03:0b:c9:9d:5b:
66:8d:ae:a8:fa:1f:88:61:14:8f:f8:8c:21:81:61:
33:34:a7:d3:a9:31:7f:11:55:28:12:df:17:3f:57:
a6:cc:4a:46:0d:aa:6a:14:71:5d:32:69:54:6d:8a:
28:a4:dc:77:77:14:97:cd:c6:5c:b5:80:2f:5d:6c:
e8:bb:3d:ea:0c:03:2c:4c:fd:ea:e0:a9:eb:05:e6:
c8:3f:29:76:2c:0a:2a:c9:7a:54:36:35:0e:56:8e:
f2:fd:2a:ac:51:3b:d8:12:b1:40:d7:bb:a7:17:8f:
cb:c4:de:c3:00:7d:6a:ba:aa:5c:2e:3b:73:86:b2:
b0:0b:ac:12:79:c2:61:fc:f8:79:14:2a:c1:7e:27:
ae:3a:c1:30:58:e2:24:b3:d4:c2:41:98:80:a6:74:
b9:1f:1e:6e:91:ac:a5:6e:12:23:e3:b5:2d:33:0c:
f5:b2:76:b0:2d:90:cf:a0:66:7c:68:71:4b:e9:42:
18:ec:3f:9e:44:f3:72:15:4d:68:05:dd:0d:32:c4:
9a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:23:C0:52:F0:AF:04:1C:84:44:60:30:F2:55:88:34:6B:A1:0F:25
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/DEBA20283C2411EEACF28154C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.92.128.0/23
111.92.131.0-111.92.132.255
Signature Algorithm: sha256WithRSAEncryption
5c:5e:8e:9f:c9:80:2f:e6:8f:81:a0:1a:8c:c1:ef:c4:cd:a7:
28:f7:0f:2e:63:bf:47:9c:f1:3d:43:8f:66:0d:7e:2a:4c:30:
66:9d:e2:41:55:e3:c8:cd:97:41:a3:00:8c:c6:01:dc:9d:4d:
a3:a4:89:6a:24:34:ac:db:e6:a6:8f:9b:8d:70:fd:59:00:3e:
e3:30:06:f1:9b:3d:23:3e:2b:0b:27:10:17:04:2c:02:35:5b:
77:a0:4d:79:e1:39:83:31:62:80:16:9b:94:57:59:f3:d7:c7:
36:8e:02:80:6e:e2:de:46:86:4b:0d:f9:7a:c9:0f:90:67:1f:
bf:2a:f7:95:e3:a6:fe:a3:57:5c:22:d6:72:58:8a:0f:31:93:
92:57:a7:6b:4b:c9:be:14:f3:d4:ea:27:44:b8:6e:52:ce:ea:
b5:b6:3a:92:b7:1c:13:7c:07:c5:4c:bf:72:1d:3c:67:96:93:
88:b5:99:5f:f9:16:b8:02:1b:24:25:18:e5:6e:05:14:d5:c9:
c6:92:e1:e9:0f:85:d8:58:74:2d:3c:c7:33:f7:0e:dc:7a:d7:
50:f9:9e:ae:1e:43:58:1f:ff:56:fd:54:2f:62:c5:e2:d4:b8:
47:2a:45:ab:a7:7e:22:d2:fd:50:43:7a:f7:f7:23:81:fd:c2:
fa:d4:95:90
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjMwODE2MTEwNTU1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjYWQ5My1iMGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArE2YD0p1omopjjS4ItP6jtmttUz6X3FSfGy0/O1y1TkTlmb0lOp2r0J/XY8b
NQZM9bBKt8fRAwvJnVtmja6o+h+IYRSP+IwhgWEzNKfTqTF/EVUoEt8XP1emzEpG
DapqFHFdMmlUbYoopNx3dxSXzcZctYAvXWzouz3qDAMsTP3q4KnrBebIPyl2LAoq
yXpUNjUOVo7y/SqsUTvYErFA17unF4/LxN7DAH1quqpcLjtzhrKwC6wSecJh/Ph5
FCrBfieuOsEwWOIks9TCQZiApnS5Hx5ukaylbhIj47UtMwz1snawLZDPoGZ8aHFL
6UIY7D+eRPNyFU1oBd0NMsSagwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJojwFLw
rwQchERgMPJViDRroQ8lMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvREVCQTIwMjgz
QzI0MTFFRUFDRjI4MTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAFvXIAwDAMEAG9cgwMEAG9chDANBgkqhkiG9w0BAQsFAAOC
AQEAXF6On8mAL+aPgaAajMHvxM2nKPcPLmO/R5zxPUOPZg1+KkwwZp3iQVXjyM2X
QaMAjMYB3J1No6SJaiQ0rNvmpo+bjXD9WQA+4zAG8Zs9Iz4rCycQFwQsAjVbd6BN
eeE5gzFigBablFdZ89fHNo4CgG7i3kaGSw35eskPkGcfvyr3leOm/qNXXCLWcliK
DzGTklena0vJvhTz1OonRLhuUs7qtbY6krccE3wHxUy/ch08Z5aTiLWZX/kWuAIb
JCUY5W4FFNXJxpLh6Q+F2Fh0LTzHM/cO3HrXUPmerh5DWB//Vv1UL2LF4tS4RypF
q6d+ItL9UEN69/cjgf3C+tSVkA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:18:44 2025 by rpki-client