Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/01AA80A0F3E611ED97DFEF30C4F9AE02.roa
File: 01AA80A0F3E611ED97DFEF30C4F9AE02.roa (raw, json)
Hash identifier: 1G2GeH6qwRRnXSYwW1Wo+6av2N9WS6OjOTNmihnjcTs=
Subject key identifier: FB:DC:50:BE:EF:FD:37:25:80:E7:0F:9E:B9:9D:0A:6F:28:00:C0:04
Certificate issuer: /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial: 0397
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/01AA80A0F3E611ED97DFEF30C4F9AE02.roa
Signing time: Tue 16 May 2023 12:34:32 +0000
ROA not before: Tue 16 May 2023 12:34:32 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 142127
IP address blocks: 103.151.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 919 (0x397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52, serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Validity
Not Before: May 16 12:34:32 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=64637857-dce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:5a:14:bb:7b:8f:38:5d:dc:2e:ab:7a:bc:
0a:ca:61:90:56:68:35:f0:a5:83:97:c3:b9:ee:21:
74:5a:3b:10:e3:04:16:08:d3:3f:e6:4d:1b:34:6b:
04:d9:bc:fd:da:09:3d:a9:b1:5a:56:66:25:8a:f8:
04:aa:b6:b4:1c:57:86:4f:1c:56:2d:c0:6b:f3:35:
08:fe:3a:ff:7d:e2:fc:d2:e0:2d:be:58:b0:77:18:
14:2f:23:4a:8f:b0:aa:08:53:e7:09:c8:ee:eb:cf:
83:33:1f:16:40:7d:fc:0d:07:9b:1b:7b:31:87:68:
54:69:89:f9:d7:b3:19:23:cf:1b:9b:48:3f:82:78:
bb:36:b9:ec:b3:38:c4:a7:b7:27:6c:c9:f7:05:5d:
7c:b3:d0:08:46:fd:47:e9:f7:cd:52:e5:dd:14:66:
34:bb:49:56:8d:76:7a:f0:86:9f:63:87:1e:a3:2f:
92:f2:0b:11:9f:26:da:83:44:50:99:84:82:10:47:
10:0e:1e:28:0a:8d:a0:7d:96:46:af:c9:37:55:c6:
e8:96:40:aa:25:05:ba:af:6d:97:50:81:9c:6e:ad:
e1:5d:b6:36:d8:48:60:7d:28:81:83:6c:c8:c2:06:
29:eb:48:09:50:1e:96:f0:6e:0e:f0:76:d8:da:e9:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DC:50:BE:EF:FD:37:25:80:E7:0F:9E:B9:9D:0A:6F:28:00:C0:04
X509v3 Authority Key Identifier:
keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/01AA80A0F3E611ED97DFEF30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:7b:a4:28:4f:8b:17:b9:fc:bd:e5:6d:38:a8:36:11:f0:9f:
0a:6e:eb:65:2e:e4:8f:82:dc:58:72:33:62:60:f7:12:ac:83:
b1:6b:c6:55:5f:8d:72:74:63:2e:ce:4e:29:38:fc:ad:cc:9e:
b4:98:f0:71:e0:ea:12:ed:4c:08:f2:49:fc:b4:02:04:09:40:
a0:dd:e6:1f:0c:f6:f1:45:a6:15:03:2e:bb:fa:56:be:08:b8:
32:a6:e6:06:8e:41:ae:a3:ca:69:0d:20:7d:60:b4:4d:91:5c:
20:cf:83:6f:95:39:65:76:12:e8:c3:26:0f:60:25:b5:bc:ee:
6f:36:7f:80:ee:91:e7:3d:6b:84:28:d0:39:bc:44:60:28:b3:
e2:74:cd:52:bd:65:b3:e6:11:e0:2d:c2:55:bd:3d:9e:b3:af:
c1:77:b0:59:92:64:bd:97:e4:a5:a7:01:6b:ab:0c:cb:db:f0:
15:ad:d7:29:b0:04:9a:b9:9f:9f:f3:aa:54:d2:00:62:26:a6:
2d:6a:d2:92:23:7d:09:4c:51:a5:77:cd:9e:24:87:62:b8:c7:
3a:ac:9f:a6:69:c4:01:02:3d:d6:6f:bf:69:2a:cf:32:12:1f:
47:81:87:c0:9f:8a:04:7c:52:c8:f4:23:1a:5d:ef:24:85:c7:
d8:77:fd:65
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjMwNTE2MTIzNDMyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYzNzg1Ny1kY2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAscdaFLt7jzhd3C6rerwKymGQVmg18KWDl8O57iF0WjsQ4wQWCNM/5k0bNGsE
2bz92gk9qbFaVmYlivgEqra0HFeGTxxWLcBr8zUI/jr/feL80uAtvliwdxgULyNK
j7CqCFPnCcju68+DMx8WQH38DQebG3sxh2hUaYn517MZI88bm0g/gni7NrnsszjE
p7cnbMn3BV18s9AIRv1H6ffNUuXdFGY0u0lWjXZ68IafY4ceoy+S8gsRnybag0RQ
mYSCEEcQDh4oCo2gfZZGr8k3VcbolkCqJQW6r22XUIGcbq3hXbY22EhgfSiBg2zI
wgYp60gJUB6W8G4O8HbY2umH1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPvcUL7v
/TclgOcPnrmdCm8oAMAEMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvMDFBQTgwQTBG
M0U2MTFFRDk3REZFRjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnl+wwDQYJKoZIhvcNAQELBQADggEBAFt7pChPixe5/L3l
bTioNhHwnwpu62Uu5I+C3FhyM2Jg9xKsg7FrxlVfjXJ0Yy7OTik4/K3MnrSY8HHg
6hLtTAjySfy0AgQJQKDd5h8M9vFFphUDLrv6Vr4IuDKm5gaOQa6jymkNIH1gtE2R
XCDPg2+VOWV2EujDJg9gJbW87m82f4Dukec9a4Qo0Dm8RGAos+J0zVK9ZbPmEeAt
wlW9PZ6zr8F3sFmSZL2X5KWnAWurDMvb8BWt1ymwBJq5n5/zqlTSAGImpi1q0pIj
fQlMUaV3zZ4kh2K4xzqsn6ZpxAECPdZvv2kqzzISH0eBh8CfigR8Usj0Ixpd7ySF
x9h3/WU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:17:51 2025 by rpki-client