Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
File: DD104F62963E11EE97A2DB14C4F9AE02.roa (raw, json)
Hash identifier: uXtKNQs7u8sJ5e2wnkAZsiszSRiHLZiFubWPgnfw/N0=
Subject key identifier: 7C:C7:BA:90:46:FA:C8:83:EC:80:9F:F1:DC:49:85:5C:80:B4:B8:4D
Certificate issuer: /CN=A917E42D/serialNumber=5A7C384B296CFC7F24260F05108D67D60C6EADCE
Certificate serial: 02
Authority key identifier: 5A:7C:38:4B:29:6C:FC:7F:24:26:0F:05:10:8D:67:D6:0C:6E:AD:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wnw4Syls_H8kJg8FEI1n1gxurc4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
Signing time: Sat 09 Dec 2023 02:58:44 +0000
ROA not before: Sat 09 Dec 2023 02:58:44 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 151374
IP address blocks: 121.50.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E42D, serialNumber=5A7C384B296CFC7F24260F05108D67D60C6EADCE
Validity
Not Before: Dec 9 02:58:44 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6573d7e3-7cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:57:05:00:b9:45:a7:95:2c:30:6f:ec:38:56:
d1:7f:06:f4:fe:35:80:e0:f2:ec:32:02:dc:7c:24:
2b:2a:8d:a4:62:63:ec:2f:1a:0a:bb:4b:77:2f:1d:
d8:8c:4f:18:58:62:09:f3:8b:a0:3a:e6:fb:dc:ee:
d2:87:2c:90:96:0f:79:a8:50:cd:2f:18:98:53:6a:
57:a2:25:73:77:28:fc:ff:26:f2:27:63:55:95:f0:
af:59:29:af:f2:a6:22:71:3b:d8:b1:ee:0e:3c:bd:
1d:0e:bf:41:e2:ca:7d:a3:e4:db:08:b8:56:da:66:
c7:77:5e:73:00:d6:ef:e7:01:96:7e:8e:d5:2e:55:
00:ac:8b:9f:25:2b:88:6c:20:b8:9e:36:4a:90:6e:
67:9a:5b:6d:23:1d:89:81:d8:fa:cb:71:bc:ea:1d:
5f:24:4b:68:e0:f2:60:ca:05:bf:43:35:7f:ef:38:
26:34:5d:9c:39:88:ff:fe:25:83:b1:7d:90:6b:40:
e0:8f:ab:9d:8e:32:6d:8d:53:3d:cb:23:51:6a:2c:
dd:2d:37:23:e6:41:18:45:a8:1a:67:fa:e0:b5:e3:
be:44:08:73:dc:50:3d:29:6f:c5:48:0a:b7:29:68:
41:d6:99:1e:02:70:39:97:67:ef:92:6e:a2:5a:6a:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C7:BA:90:46:FA:C8:83:EC:80:9F:F1:DC:49:85:5C:80:B4:B8:4D
X509v3 Authority Key Identifier:
keyid:5A:7C:38:4B:29:6C:FC:7F:24:26:0F:05:10:8D:67:D6:0C:6E:AD:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/Wnw4Syls_H8kJg8FEI1n1gxurc4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wnw4Syls_H8kJg8FEI1n1gxurc4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.50.48.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:80:cd:9c:d9:69:89:2d:d8:29:1a:7f:82:07:47:21:45:8f:
02:64:fa:37:f9:04:2f:00:0d:32:e0:c0:be:9f:ec:fd:88:d6:
8a:b2:9d:05:0f:d5:17:83:ee:f3:ba:f4:c7:4e:c3:b3:3a:3a:
ca:a7:da:44:3a:5a:17:bc:23:5a:85:03:03:da:ed:b1:2b:0f:
3d:56:df:83:4f:fb:4b:73:f7:43:bc:25:8c:27:8c:7f:8f:02:
9b:9d:c5:51:35:12:9a:f6:4e:29:05:f5:34:b3:7f:1c:f5:06:
5d:4f:4f:40:a1:6e:d3:8a:f1:88:ba:83:65:74:63:2d:59:79:
de:0a:83:b8:3b:0a:54:02:de:07:53:70:d9:9e:f9:0f:e6:7a:
09:c9:0e:9e:07:69:0a:82:ec:4b:b2:c8:10:8e:84:8f:6e:ab:
b1:38:c3:a3:d9:eb:77:9d:eb:62:7a:fe:84:2e:3f:6f:1b:4d:
4e:41:0e:1d:26:ba:e4:1e:f3:1d:9f:89:9a:28:15:8f:53:6e:
58:a1:93:ba:20:d9:54:20:76:bc:96:f6:13:7f:73:a5:5d:93:
49:1f:8a:ef:b8:45:78:f3:74:de:01:d6:57:a3:a3:4a:a4:56:
cf:8b:30:ee:d1:99:22:90:5d:d2:72:3e:18:66:38:6e:2b:8c:
7b:e6:52:4b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTQyRDExMC8GA1UEBRMoNUE3QzM4NEIyOTZDRkM3RjI0MjYwRjA1MTA4RDY3RDYw
QzZFQURDRTAeFw0yMzEyMDkwMjU4NDRaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzNkN2UzLTdjYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7VwUAuUWnlSwwb+w4VtF/BvT+NYDg8uwyAtx8JCsqjaRiY+wvGgq7S3cvHdiM
TxhYYgnzi6A65vvc7tKHLJCWD3moUM0vGJhTaleiJXN3KPz/JvInY1WV8K9ZKa/y
piJxO9ix7g48vR0Ov0Hiyn2j5NsIuFbaZsd3XnMA1u/nAZZ+jtUuVQCsi58lK4hs
ILieNkqQbmeaW20jHYmB2PrLcbzqHV8kS2jg8mDKBb9DNX/vOCY0XZw5iP/+JYOx
fZBrQOCPq52OMm2NUz3LI1FqLN0tNyPmQRhFqBpn+uC1475ECHPcUD0pb8VICrcp
aEHWmR4CcDmXZ++SbqJaauEhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfMe6kEb6
yIPsgJ/x3EmFXIC0uE0wHwYDVR0jBBgwFoAUWnw4Syls/H8kJg8FEI1n1gxurc4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFNDJELzY2MzE1Q0MwOTYz
MzExRUVBM0FBQzQxOEM0RjlBRTAyL1dudzRTeWxzX0g4a0pnOEZFSTFuMWd4dXJj
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV253NFN5bHNfSDhrSmc4RkVJMW4xZ3h1cmM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTQyRC82NjMxNUNDMDk2MzMxMUVFQTNBQUM0MThDNEY5QUUwMi9ERDEwNEY2Mjk2
M0UxMUVFOTdBMkRCMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA3kyMDANBgkqhkiG9w0BAQsFAAOCAQEAboDNnNlpiS3YKRp/
ggdHIUWPAmT6N/kELwANMuDAvp/s/YjWirKdBQ/VF4Pu87r0x07Dszo6yqfaRDpa
F7wjWoUDA9rtsSsPPVbfg0/7S3P3Q7wljCeMf48Cm53FUTUSmvZOKQX1NLN/HPUG
XU9PQKFu04rxiLqDZXRjLVl53gqDuDsKVALeB1Nw2Z75D+Z6CckOngdpCoLsS7LI
EI6Ej26rsTjDo9nrd53rYnr+hC4/bxtNTkEOHSa65B7zHZ+JmigVj1NuWKGTuiDZ
VCB2vJb2E39zpV2TSR+K77hFePN03gHWV6OjSqRWz4sw7tGZIpBd0nI+GGY4biuM
e+ZSSw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:26:38 2025 by rpki-client