Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
File: 58C4D518CFE211EB976CA358C4F9AE02.roa (raw, json)
Hash identifier: UqRPXssY7c898hwsL3svFs2paGKfOfdKvsIv7adUqNE=
Subject key identifier: C0:53:6C:01:3C:04:11:1F:0B:70:17:40:A6:FF:C7:5E:C2:90:B9:18
Certificate issuer: /CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Certificate serial: 0B0D
Authority key identifier: 06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
Signing time: Tue 02 May 2023 20:37:20 +0000
ROA not before: Tue 02 May 2023 20:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50889
IP address blocks: 103.6.211.0/24 maxlen: 24
121.200.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2829 (0xb0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBA80, serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Validity
Not Before: May 2 20:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6451747f-7bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1b:5a:a9:83:8f:9a:ca:78:f2:9e:08:0f:6d:
21:c4:96:e0:34:b3:ac:d7:b5:00:4c:54:70:eb:30:
6c:1a:e2:c6:de:91:1e:88:9d:1d:3a:2d:6d:a7:53:
0c:9f:15:d2:02:08:41:88:07:cf:6a:42:a6:7f:4a:
ce:ee:e9:c6:ee:d5:f6:c8:50:9e:48:70:27:73:4e:
5e:cf:13:f8:f4:de:d2:22:46:76:5f:41:11:b4:33:
08:0d:07:27:bb:13:1a:fb:73:9e:58:5c:61:a5:c8:
d8:63:04:71:6c:bc:f3:45:1b:9d:2f:d7:21:8e:a3:
c8:d6:9c:77:8f:0c:bd:c2:ff:77:e9:a7:b8:bc:5b:
bc:12:a0:4f:80:81:7a:47:18:85:8d:35:5b:bb:21:
de:d4:f1:c6:64:a0:02:e0:22:1f:8c:1e:af:69:9a:
46:f4:e1:9a:a1:67:a2:76:75:ad:22:bf:07:1f:6a:
a6:46:4d:bd:22:58:ff:99:7b:64:f0:bd:c6:ed:57:
b1:f4:fc:00:6b:63:71:fe:3f:2a:b1:16:98:78:ff:
35:83:1c:4e:5c:a3:eb:ca:45:3b:aa:61:47:de:e0:
e8:8a:0e:b7:4a:9d:15:f5:0a:ba:b4:43:1c:0d:45:
0d:b9:59:1f:db:2d:c7:30:dc:5b:39:53:dd:ee:de:
cc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:53:6C:01:3C:04:11:1F:0B:70:17:40:A6:FF:C7:5E:C2:90:B9:18
X509v3 Authority Key Identifier:
keyid:06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/58C4D518CFE211EB976CA358C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.211.0/24
121.200.45.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:0b:93:8d:8e:c0:2f:ff:49:da:b5:0c:51:5d:a6:a3:ab:3a:
25:a2:93:72:50:36:df:6e:f4:e7:86:d6:f2:fa:42:26:6f:d7:
c0:22:61:6a:8b:d4:95:71:63:e6:20:65:9f:2b:2e:00:97:62:
c9:fd:8c:d4:be:b3:3a:4e:ec:f5:77:ea:18:90:4d:63:cc:06:
b0:9f:e3:5f:92:4c:88:9a:dc:8c:53:b6:a3:f0:6a:78:d2:9d:
61:f1:76:aa:71:60:ae:b8:65:41:07:38:7f:e8:4e:a6:0f:f6:
54:3f:d3:e2:05:27:a7:02:b8:5e:07:b9:67:0d:68:b0:99:32:
f6:f2:eb:ef:24:e0:7f:7d:5d:12:16:9b:7e:62:a0:43:52:64:
be:d7:42:ff:e1:9d:c5:9b:f0:d3:90:d2:1f:56:af:3e:b7:8a:
05:0b:0f:de:4b:1f:db:c6:46:78:34:ed:b8:9b:68:7b:ea:d8:
87:74:16:0f:df:3a:da:bb:d3:f8:cd:41:8b:7f:28:75:a7:06:
85:34:1e:40:19:3a:7b:5c:61:2e:a6:9b:e0:e6:0e:da:af:89:
c2:5e:b3:ee:0b:d1:4c:05:03:04:dc:cb:2e:ec:24:46:21:0d:
b9:19:97:3c:dd:e7:c1:0d:a7:5a:b2:6f:78:33:ae:d1:55:e6:
b3:56:83:d3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJBODAxMTAvBgNVBAUTKDA2MEY3RTc3QzAwQUNCRTA4NjhEQzBCOEZDQTIzRDRB
NUYwN0Q3N0EwHhcNMjMwNTAyMjAzNzIwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxNzQ3Zi03YmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyhtaqYOPmsp48p4ID20hxJbgNLOs17UATFRw6zBsGuLG3pEeiJ0dOi1tp1MM
nxXSAghBiAfPakKmf0rO7unG7tX2yFCeSHAnc05ezxP49N7SIkZ2X0ERtDMIDQcn
uxMa+3OeWFxhpcjYYwRxbLzzRRudL9chjqPI1px3jwy9wv936ae4vFu8EqBPgIF6
RxiFjTVbuyHe1PHGZKAC4CIfjB6vaZpG9OGaoWeidnWtIr8HH2qmRk29Ilj/mXtk
8L3G7Vex9PwAa2Nx/j8qsRaYeP81gxxOXKPrykU7qmFH3uDoig63Sp0V9Qq6tEMc
DUUNuVkf2y3HMNxbOVPd7t7MEwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMBTbAE8
BBEfC3AXQKb/x17CkLkYMB8GA1UdIwQYMBaAFAYPfnfACsvgho3AuPyiPUpfB9d6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkE4MC9COThFODFENjA1
QjkxMUVBODIwODk5NkVDNEY5QUUwMi9CZzktZDhBS3ktQ0dqY0M0X0tJOVNsOEgx
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JnOS1kOEFLeS1DR2pjQzRfS0k5U2w4SDEzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJBODAvQjk4RTgxRDYwNUI5MTFFQTgyMDg5OTZFQzRGOUFFMDIvNThDNEQ1MThD
RkUyMTFFQjk3NkNBMzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnBtMDBAB5yC0wDQYJKoZIhvcNAQELBQADggEBAKMLk42O
wC//Sdq1DFFdpqOrOiWik3JQNt9u9OeG1vL6QiZv18AiYWqL1JVxY+YgZZ8rLgCX
Ysn9jNS+szpO7PV36hiQTWPMBrCf41+STIia3IxTtqPwanjSnWHxdqpxYK64ZUEH
OH/oTqYP9lQ/0+IFJ6cCuF4HuWcNaLCZMvby6+8k4H99XRIWm35ioENSZL7XQv/h
ncWb8NOQ0h9Wrz63igULD95LH9vGRng07bibaHvq2Id0Fg/fOtq70/jNQYt/KHWn
BoU0HkAZOntcYS6mm+DmDtqvicJes+4L0UwFAwTcyy7sJEYhDbkZlzzd58ENp1qy
b3gzrtFV5rNWg9M=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:34:40 2025 by rpki-client