Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/14B2BE74001B11EE828EDB25C4F9AE02.roa
File: 14B2BE74001B11EE828EDB25C4F9AE02.roa (raw, json)
Hash identifier: 0N3s4Zn4QgPWcB+G23cL3d6tTTPreDd/pCYfIBYH1h0=
Subject key identifier: 49:F7:66:4C:3F:70:83:60:63:B7:D3:E4:14:39:1B:63:2E:3B:0B:6F
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0202
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/14B2BE74001B11EE828EDB25C4F9AE02.roa
Signing time: Thu 01 Jun 2023 06:54:52 +0000
ROA not before: Thu 01 Jun 2023 06:54:52 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 400509
IP address blocks: 203.32.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 514 (0x202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jun 1 06:54:52 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=647840bb-e3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:30:c6:13:3c:72:16:89:d2:48:0d:53:6d:81:
37:e1:2e:69:67:d2:92:0e:b0:41:2d:54:09:1b:80:
0e:c8:9c:a3:64:10:ec:84:f6:7c:b1:d7:86:37:92:
98:53:1e:0b:9c:fe:d4:78:60:e5:ac:49:09:42:6b:
65:a6:3f:9a:72:64:c6:ca:4f:55:4f:9c:73:8e:29:
84:1c:6d:9f:6a:a0:d9:54:29:fe:dc:d2:53:97:39:
54:c1:d1:37:14:16:17:60:13:af:d8:b7:67:1a:ca:
3f:64:bd:f2:ce:6e:a8:49:86:2e:b7:2b:22:6a:5d:
c1:25:4e:78:db:41:20:62:e5:cf:2b:fe:51:ba:4e:
35:e3:ae:05:70:01:a0:e9:fa:5c:2c:6b:38:90:b7:
18:0b:91:e6:d8:6a:1a:e7:a5:38:55:54:82:24:b1:
ea:79:99:7b:8b:d1:fe:10:94:6a:ae:56:18:ef:46:
34:6e:f7:96:67:75:0e:a1:02:20:e6:cd:de:7c:aa:
80:be:f7:b7:b7:1c:61:cc:55:d6:c4:a6:01:8d:ac:
44:51:46:53:3f:cb:e1:4a:95:52:26:6b:3a:d7:01:
27:a8:fc:d4:5c:b8:e4:38:2e:28:d9:0c:76:7d:87:
10:b9:26:8a:b2:b6:56:fe:30:88:ff:99:80:19:86:
17:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F7:66:4C:3F:70:83:60:63:B7:D3:E4:14:39:1B:63:2E:3B:0B:6F
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/14B2BE74001B11EE828EDB25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f3:04:17:cf:f1:e0:25:c5:7d:db:17:70:39:1e:1e:31:b4:
4e:40:fd:62:d7:56:62:5e:1e:f1:b6:be:bd:c5:8d:a1:19:bf:
47:2d:5b:b8:9f:71:74:fd:b7:0d:83:c5:4b:3c:7c:84:6b:21:
52:b6:45:ac:3b:86:84:8a:d6:bd:cf:51:0c:33:ea:51:3c:c5:
0d:b8:60:bc:06:35:34:02:fa:d5:fc:d5:c5:cd:a7:43:c8:bb:
72:6d:fd:f9:82:ac:fd:98:71:47:7f:ef:76:46:05:0d:56:ec:
cd:32:8e:ba:83:e4:3c:05:b2:ca:ab:08:23:e3:49:42:3a:06:
26:bc:ba:db:ce:7b:eb:59:68:bd:13:91:3d:27:f2:af:ba:5d:
d6:93:50:bb:ae:1c:50:bd:7a:bd:ba:f9:7f:0d:ec:d4:41:72:
22:94:1e:b4:b0:31:48:05:61:27:c7:eb:53:67:8e:a4:96:3b:
eb:de:6e:eb:85:54:e5:76:1f:ed:74:6f:1a:7c:a6:13:fd:72:
6f:91:8d:70:52:5b:c5:88:cf:79:23:83:00:c6:39:3b:09:a1:
07:db:be:46:3a:7a:bb:11:01:41:d5:4a:8b:17:d9:f1:ec:4e:
82:cb:1c:d8:02:02:f5:59:d5:18:20:81:86:70:1f:b7:c4:b2:
24:b7:57:06
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNjAxMDY1NDUyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4NDBiYi1lM2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7DDGEzxyFonSSA1TbYE34S5pZ9KSDrBBLVQJG4AOyJyjZBDshPZ8sdeGN5KY
Ux4LnP7UeGDlrEkJQmtlpj+acmTGyk9VT5xzjimEHG2faqDZVCn+3NJTlzlUwdE3
FBYXYBOv2LdnGso/ZL3yzm6oSYYutysial3BJU5420EgYuXPK/5Ruk41464FcAGg
6fpcLGs4kLcYC5Hm2Goa56U4VVSCJLHqeZl7i9H+EJRqrlYY70Y0bveWZ3UOoQIg
5s3efKqAvve3txxhzFXWxKYBjaxEUUZTP8vhSpVSJms61wEnqPzUXLjkOC4o2Qx2
fYcQuSaKsrZW/jCI/5mAGYYXeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEn3Zkw/
cINgY7fT5BQ5G2MuOwtvMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMTRCMkJFNzQw
MDFCMTFFRTgyOEVEQjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIAcwDQYJKoZIhvcNAQELBQADggEBACXzBBfP8eAlxX3b
F3A5Hh4xtE5A/WLXVmJeHvG2vr3FjaEZv0ctW7ifcXT9tw2DxUs8fIRrIVK2Raw7
hoSK1r3PUQwz6lE8xQ24YLwGNTQC+tX81cXNp0PIu3Jt/fmCrP2YcUd/73ZGBQ1W
7M0yjrqD5DwFssqrCCPjSUI6Bia8utvOe+tZaL0TkT0n8q+6XdaTULuuHFC9er26
+X8N7NRBciKUHrSwMUgFYSfH61NnjqSWO+vebuuFVOV2H+10bxp8phP9cm+RjXBS
W8WIz3kjgwDGOTsJoQfbvkY6ersRAUHVSosX2fHsToLLHNgCAvVZ1RgggYZwH7fE
siS3VwY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:07:04 2025 by rpki-client