Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/2FD12F2C3F3811EEA9E5C518C4F9AE02.roa
File: 2FD12F2C3F3811EEA9E5C518C4F9AE02.roa (raw, json)
Hash identifier: bP7zcBS6ZKI+PhHsgJ7yeNe84fsuGDDoLepLhu/Mq7o=
Subject key identifier: CF:A9:26:5B:4A:B9:90:59:D5:A8:03:38:FA:B8:F5:59:C1:AE:69:EC
Certificate issuer: /CN=A91CE28E/serialNumber=2F6138FE2DB94EF7E33EC083C6825B2A3197ACE6
Certificate serial: 61
Authority key identifier: 2F:61:38:FE:2D:B9:4E:F7:E3:3E:C0:83:C6:82:5B:2A:31:97:AC:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2E4_i25TvfjPsCDxoJbKjGXrOY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/2FD12F2C3F3811EEA9E5C518C4F9AE02.roa
Signing time: Sun 20 Aug 2023 09:01:45 +0000
ROA not before: Sun 20 Aug 2023 09:01:45 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9889
IP address blocks: 202.37.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97 (0x61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE28E, serialNumber=2F6138FE2DB94EF7E33EC083C6825B2A3197ACE6
Validity
Not Before: Aug 20 09:01:45 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64e1d679-1231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:51:82:16:b2:1f:9c:82:c5:0a:ff:f2:1b:
b1:d6:33:53:36:2a:b2:89:6c:ca:fd:61:9d:da:23:
c2:af:82:41:aa:23:41:2e:1c:67:4a:bf:42:37:7a:
26:d8:f2:e3:49:4c:48:be:8b:83:c8:32:df:35:c9:
76:f7:60:28:93:94:2f:28:25:b8:81:27:53:6f:a0:
47:66:73:c6:32:82:78:81:c6:dc:fc:67:cd:67:76:
0c:9e:58:29:16:4d:6b:c3:8a:15:3f:cc:bc:4f:6f:
5c:43:cb:9f:26:29:c4:57:67:2d:31:71:c9:ac:7e:
a6:0b:1e:56:2c:1a:ab:a7:4c:cc:c2:5a:3e:5f:93:
5c:05:61:76:c8:29:1a:4b:0b:5e:fd:11:36:e1:3f:
07:52:4a:e9:3e:dd:d8:7e:33:39:c2:ac:eb:6c:e7:
34:e0:48:de:50:b2:15:bf:d9:90:08:1d:77:7c:c7:
52:ce:86:66:24:4a:ca:6b:ee:34:fc:68:44:71:a5:
ba:4f:dc:47:12:b6:52:dc:e9:6a:fb:ee:74:41:98:
ee:ae:41:35:04:aa:e4:3e:53:91:32:df:b7:5e:09:
f4:a7:23:b6:e8:c0:6f:6e:c7:cf:27:fd:94:36:e2:
c8:40:32:94:26:65:b6:4d:a3:db:dd:4c:f1:74:62:
c5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A9:26:5B:4A:B9:90:59:D5:A8:03:38:FA:B8:F5:59:C1:AE:69:EC
X509v3 Authority Key Identifier:
keyid:2F:61:38:FE:2D:B9:4E:F7:E3:3E:C0:83:C6:82:5B:2A:31:97:AC:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/L2E4_i25TvfjPsCDxoJbKjGXrOY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2E4_i25TvfjPsCDxoJbKjGXrOY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE28E/DDEA7274B73B11ED91639483C4F9AE02/2FD12F2C3F3811EEA9E5C518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.37.72.0/24
Signature Algorithm: sha256WithRSAEncryption
54:cb:c4:8a:e4:e3:7d:5b:13:29:4b:af:3d:dc:5c:1c:fb:4d:
eb:0c:9c:75:ab:d3:b0:3d:e2:8c:5b:06:ed:04:f0:f4:6e:78:
f9:c6:52:fa:c7:d3:fd:fd:ab:96:0c:32:ed:49:f1:b4:d2:82:
7c:23:8e:3b:11:b0:82:95:bc:d2:80:77:f2:ac:e1:1e:2b:11:
5e:f1:bd:6d:88:28:82:26:31:f6:07:24:54:55:d3:bf:82:eb:
38:7e:11:5d:98:07:6d:fe:13:97:1c:2d:95:64:21:0b:91:80:
41:47:e0:39:62:eb:64:30:51:be:7f:2a:25:91:cc:e2:d8:1f:
ce:85:c8:8f:79:2d:b9:f9:b8:c2:33:d0:fc:34:92:29:fc:dd:
83:e9:b1:20:7e:96:47:29:48:88:f0:f6:a0:18:da:1a:6e:d2:
6e:ff:3f:21:30:ba:6c:12:26:52:6d:48:df:44:8a:17:24:4c:
9b:68:af:23:04:e1:5a:bb:27:d1:08:25:55:61:5f:66:1c:05:
e8:29:fa:bb:91:45:0a:73:b8:5e:cd:ab:0b:9d:28:75:7d:3e:
70:3d:83:70:f4:5d:8c:2d:80:cc:36:99:fc:5a:c7:8e:69:9f:
be:20:4e:30:dc:61:00:39:d9:d3:b3:80:e7:b6:34:be:4f:19:
97:5b:df:1c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RTI4RTExMC8GA1UEBRMoMkY2MTM4RkUyREI5NEVGN0UzM0VDMDgzQzY4MjVCMkEz
MTk3QUNFNjAeFw0yMzA4MjAwOTAxNDVaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTFkNjc5LTEyMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2e1GCFrIfnILFCv/yG7HWM1M2KrKJbMr9YZ3aI8KvgkGqI0EuHGdKv0I3eibY
8uNJTEi+i4PIMt81yXb3YCiTlC8oJbiBJ1NvoEdmc8YygniBxtz8Z81ndgyeWCkW
TWvDihU/zLxPb1xDy58mKcRXZy0xccmsfqYLHlYsGqunTMzCWj5fk1wFYXbIKRpL
C179ETbhPwdSSuk+3dh+MznCrOts5zTgSN5QshW/2ZAIHXd8x1LOhmYkSspr7jT8
aERxpbpP3EcStlLc6Wr77nRBmO6uQTUEquQ+U5Ey37deCfSnI7bowG9ux88n/ZQ2
4shAMpQmZbZNo9vdTPF0YsXfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUz6kmW0q5
kFnVqAM4+rj1WcGuaewwHwYDVR0jBBgwFoAUL2E4/i25TvfjPsCDxoJbKjGXrOYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFMjhFL0RERUE3Mjc0Qjcz
QjExRUQ5MTYzOTQ4M0M0RjlBRTAyL0wyRTRfaTI1VHZmalBzQ0R4b0piS2pHWHJP
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTDJFNF9pMjVUdmZqUHNDRHhvSmJLakdYck9ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTI4RS9EREVBNzI3NEI3M0IxMUVEOTE2Mzk0ODNDNEY5QUUwMi8yRkQxMkYyQzNG
MzgxMUVFQTlFNUM1MThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMolSDANBgkqhkiG9w0BAQsFAAOCAQEAVMvEiuTjfVsTKUuv
PdxcHPtN6wycdavTsD3ijFsG7QTw9G54+cZS+sfT/f2rlgwy7UnxtNKCfCOOOxGw
gpW80oB38qzhHisRXvG9bYgogiYx9gckVFXTv4LrOH4RXZgHbf4TlxwtlWQhC5GA
QUfgOWLrZDBRvn8qJZHM4tgfzoXIj3ktufm4wjPQ/DSSKfzdg+mxIH6WRylIiPD2
oBjaGm7Sbv8/ITC6bBImUm1I30SKFyRMm2ivIwThWrsn0QglVWFfZhwF6Cn6u5FF
CnO4Xs2rC50odX0+cD2DcPRdjC2AzDaZ/FrHjmmfviBOMNxhADnZ07OA57Y0vk8Z
l1vfHA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:13:43 2025 by rpki-client