Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/BC8C46340C4E11EF85EEFC1FC4F9AE02.roa
File: BC8C46340C4E11EF85EEFC1FC4F9AE02.roa (raw, json)
Hash identifier: RqfIVHDo+vWxTBgAefCMUTG768+dL5ovQmx3EodWUO8=
Subject key identifier: 6D:6D:27:D6:B0:FB:56:D8:CE:3A:1B:09:03:74:D3:4B:00:56:5B:A9
Certificate issuer: /CN=A91993A0/serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Certificate serial: 1B
Authority key identifier: BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/BC8C46340C4E11EF85EEFC1FC4F9AE02.roa
Signing time: Tue 07 May 2024 08:49:38 +0000
ROA not before: Tue 07 May 2024 08:49:38 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 10103
IP address blocks: 202.70.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27 (0x1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91993A0, serialNumber=BCB7CF4430BB98EA04851C340726E588150E139D
Validity
Not Before: May 7 08:49:38 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6639eb22-6160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:95:00:1b:74:52:be:a3:10:a8:4b:01:d1:e3:
2d:e5:7a:1a:f9:cb:e5:20:8b:c1:d1:e8:3e:c2:b2:
43:33:66:72:de:19:14:44:a4:15:a0:05:65:17:13:
87:6a:e2:eb:db:2f:d2:89:ae:16:ae:a9:0a:59:10:
85:8d:a9:e5:0a:c6:92:4a:5c:0b:11:42:8f:1d:88:
7f:28:a4:2b:d9:3d:70:ca:16:1d:92:41:f3:c7:23:
b5:ce:70:9b:7b:49:c0:dc:9d:ff:4c:7f:0d:4f:94:
16:51:39:39:74:c7:71:89:43:ea:72:fa:bd:4e:d5:
fa:a9:b0:6f:0b:ae:0e:f0:fe:9a:c0:b0:2b:1b:05:
ca:09:16:3b:36:2c:ff:a2:61:2b:9e:29:bd:19:de:
42:e9:7f:3c:d5:b3:53:4b:ed:69:10:c1:23:1b:33:
b0:48:19:d2:2f:22:77:0e:ea:6f:e6:3d:9f:f7:fa:
0c:e3:f4:ab:ed:82:2c:70:0a:26:35:49:49:82:a0:
4f:9f:3e:36:30:e4:f3:33:dc:c4:e7:49:74:ac:57:
98:4f:1b:18:f7:09:9e:86:69:a5:27:6f:ac:0f:15:
c2:ef:e1:13:73:f8:80:a5:38:c0:74:4b:40:29:61:
c6:62:89:a0:f2:5d:47:bb:ca:be:7d:7a:c7:57:1a:
ac:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6D:27:D6:B0:FB:56:D8:CE:3A:1B:09:03:74:D3:4B:00:56:5B:A9
X509v3 Authority Key Identifier:
keyid:BC:B7:CF:44:30:BB:98:EA:04:85:1C:34:07:26:E5:88:15:0E:13:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/vLfPRDC7mOoEhRw0BybliBUOE50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vLfPRDC7mOoEhRw0BybliBUOE50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91993A0/A5955E560C4511EF9E7E051DC4F9AE02/BC8C46340C4E11EF85EEFC1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.70.160.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:77:31:99:2c:94:34:b7:d9:5f:19:eb:04:13:a8:f6:ba:9d:
fe:96:89:8d:04:f1:38:2b:87:7a:4e:8e:50:e3:12:31:fa:6e:
6f:47:03:8f:bc:70:8f:19:e4:3b:eb:03:46:d5:41:b8:b0:80:
d6:97:da:fa:e3:6e:18:47:11:c3:58:b5:4d:7f:91:ed:cc:f3:
3b:94:df:18:ad:ef:cb:09:3d:d4:0e:2b:d5:ef:80:02:2f:a8:
23:68:2b:f9:47:c5:bf:d3:e3:87:0b:2b:8e:cf:45:7a:44:2e:
04:8f:00:8c:35:ec:d1:44:bc:f7:78:2f:d6:4b:08:42:4c:e6:
44:1d:32:5d:13:cd:f5:7c:2d:ef:f1:cf:e7:d8:e8:dc:8c:3d:
1a:ed:35:78:c9:73:3c:7e:e6:9c:4e:91:07:fe:e7:e0:7f:9d:
5f:88:9c:91:79:ac:b3:dc:28:75:e5:ed:6b:4c:76:e1:e4:ce:
49:92:d4:a3:14:af:eb:86:70:48:9f:35:07:1e:0a:44:2d:8a:
65:cf:ac:ef:23:fa:60:3b:37:3c:7a:87:0a:d4:5b:ed:49:a2:
17:e4:3a:00:00:51:10:63:f7:d0:16:4b:3d:e9:c0:04:94:80:
c1:55:e7:ce:a4:76:58:7c:a7:08:6b:79:fd:21:4f:df:f6:00:
2e:fe:37:02
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
OTNBMDExMC8GA1UEBRMoQkNCN0NGNDQzMEJCOThFQTA0ODUxQzM0MDcyNkU1ODgx
NTBFMTM5RDAeFw0yNDA1MDcwODQ5MzhaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzllYjIyLTYxNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDilQAbdFK+oxCoSwHR4y3lehr5y+Ugi8HR6D7CskMzZnLeGRREpBWgBWUXE4dq
4uvbL9KJrhauqQpZEIWNqeUKxpJKXAsRQo8diH8opCvZPXDKFh2SQfPHI7XOcJt7
ScDcnf9Mfw1PlBZROTl0x3GJQ+py+r1O1fqpsG8Lrg7w/prAsCsbBcoJFjs2LP+i
YSueKb0Z3kLpfzzVs1NL7WkQwSMbM7BIGdIvIncO6m/mPZ/3+gzj9KvtgixwCiY1
SUmCoE+fPjYw5PMz3MTnSXSsV5hPGxj3CZ6GaaUnb6wPFcLv4RNz+IClOMB0S0Ap
YcZiiaDyXUe7yr59esdXGqwlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUbW0n1rD7
VtjOOhsJA3TTSwBWW6kwHwYDVR0jBBgwFoAUvLfPRDC7mOoEhRw0BybliBUOE50w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5M0EwL0E1OTU1RTU2MEM0
NTExRUY5RTdFMDUxREM0RjlBRTAyL3ZMZlBSREM3bU9vRWhSdzBCeWJsaUJVT0U1
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdkxmUFJEQzdtT29FaFJ3MEJ5YmxpQlVPRTUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OTNBMC9BNTk1NUU1NjBDNDUxMUVGOUU3RTA1MURDNEY5QUUwMi9CQzhDNDYzNDBD
NEUxMUVGODVFRUZDMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMpGoDANBgkqhkiG9w0BAQsFAAOCAQEAjncxmSyUNLfZXxnr
BBOo9rqd/paJjQTxOCuHek6OUOMSMfpub0cDj7xwjxnkO+sDRtVBuLCA1pfa+uNu
GEcRw1i1TX+R7czzO5TfGK3vywk91A4r1e+AAi+oI2gr+UfFv9Pjhwsrjs9FekQu
BI8AjDXs0US893gv1ksIQkzmRB0yXRPN9Xwt7/HP59jo3Iw9Gu01eMlzPH7mnE6R
B/7n4H+dX4ickXmss9wodeXta0x24eTOSZLUoxSv64ZwSJ81Bx4KRC2KZc+s7yP6
YDs3PHqHCtRb7UmiF+Q6AABREGP30BZLPenABJSAwVXnzqR2WHynCGt5/SFP3/YA
Lv43Ag==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:26:27 2025 by rpki-client