Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/3F72CF5A795511EF96B0CD47C4F9AE02.roa
File: 3F72CF5A795511EF96B0CD47C4F9AE02.roa (raw, json)
Hash identifier: u07iBEpmQGEoIsAFlB7kcWFdlvM7HbnX8K+3GQX6ND8=
Subject key identifier: 99:0F:0F:91:4E:D4:7C:53:22:CF:57:E2:BD:38:A1:B8:78:56:A6:25
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27C3
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/3F72CF5A795511EF96B0CD47C4F9AE02.roa
Signing time: Mon 23 Sep 2024 02:40:52 +0000
ROA not before: Mon 23 Sep 2024 02:40:52 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133177
IP address blocks: 43.250.126.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10179 (0x27c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9, serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 23 02:40:52 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f0d533-aa40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:59:5c:0c:b2:83:2c:32:7c:02:0a:97:40:9e:
4b:fd:5b:c8:4d:e1:b0:64:4c:2a:cb:e2:85:3e:00:
5b:b2:45:20:05:d5:36:b4:23:c2:02:70:78:bd:83:
7c:6e:64:b9:40:45:c9:df:7c:cb:63:e2:8a:aa:8c:
e7:cf:fc:f9:d4:86:a9:d8:7c:1f:68:46:cd:da:8e:
f9:a7:98:95:10:ff:f5:2c:5a:d8:e5:ad:30:e8:d9:
fe:2f:3c:a6:52:59:e8:3b:f3:a8:46:0a:d6:3f:cf:
43:d4:5a:c7:35:42:cc:a1:c1:28:72:8c:54:6e:d2:
1e:68:fb:a5:dd:b7:fe:50:25:e5:01:f8:9c:cf:70:
04:7c:b1:e2:05:48:76:47:0c:8c:8d:a4:24:0c:99:
15:ed:51:4f:30:27:48:c4:a4:87:ab:ca:c7:94:2d:
84:48:e3:ec:a4:95:b5:c3:ff:c9:3d:05:9a:6b:a4:
0b:e8:03:12:ab:2d:ff:44:11:09:db:28:12:b6:5d:
e2:64:96:14:1f:0a:41:9c:d8:60:dc:45:f5:ab:30:
7e:2d:60:63:10:a3:52:6d:70:7c:5e:95:40:b1:41:
6e:78:5d:b3:61:9d:58:eb:d3:a8:dd:74:bf:1d:56:
2d:07:59:5b:77:03:cc:93:82:6a:6a:af:5f:87:58:
80:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0F:0F:91:4E:D4:7C:53:22:CF:57:E2:BD:38:A1:B8:78:56:A6:25
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/3F72CF5A795511EF96B0CD47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.126.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:e5:89:05:97:d5:d3:08:e6:64:6b:29:59:55:3c:0c:c9:a7:
61:86:ff:a3:9f:4b:a5:96:a7:b2:6c:1f:62:bb:8d:fb:af:61:
d0:65:14:10:15:dd:6f:6d:0a:25:68:50:76:8f:5f:13:08:9d:
ac:fe:b8:70:1c:de:ab:7a:59:ff:f5:2b:e2:c4:fb:5b:59:b4:
fd:58:7b:4f:4c:35:4c:7b:36:fc:40:8b:b9:d4:28:81:24:9b:
6b:96:38:b9:f6:2b:cf:51:1f:22:a9:b9:fa:71:ed:7e:08:e6:
75:00:4d:29:42:7a:ab:8c:92:88:9b:7e:ec:8c:c4:05:c0:a7:
b9:9c:b2:16:a5:82:ec:64:f5:e6:a0:10:63:47:64:dd:a8:a8:
19:3b:97:32:d8:fb:78:2f:f1:68:e9:85:6a:bb:55:a9:5f:c4:
1b:23:ce:a7:11:23:16:7f:86:50:b4:9c:a1:ed:43:3b:ac:2a:
09:d8:d2:24:01:15:b8:12:d5:c1:2d:9d:a8:9c:c0:1a:a2:83:
07:f2:6e:c2:39:34:54:81:9e:31:45:88:e0:d7:43:42:8f:f5:
2a:59:c5:63:dd:b0:64:e9:c7:42:17:aa:b2:7b:7d:7c:ff:5d:
26:98:5c:1d:22:e9:40:ad:77:4c:b4:47:11:5b:8f:06:32:56:
49:a5:ee:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTIzMDI0MDUyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwZDUzMy1hYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1lcDLKDLDJ8AgqXQJ5L/VvITeGwZEwqy+KFPgBbskUgBdU2tCPCAnB4vYN8
bmS5QEXJ33zLY+KKqoznz/z51Iap2HwfaEbN2o75p5iVEP/1LFrY5a0w6Nn+Lzym
UlnoO/OoRgrWP89D1FrHNULMocEocoxUbtIeaPul3bf+UCXlAficz3AEfLHiBUh2
RwyMjaQkDJkV7VFPMCdIxKSHq8rHlC2ESOPspJW1w//JPQWaa6QL6AMSqy3/RBEJ
2ygStl3iZJYUHwpBnNhg3EX1qzB+LWBjEKNSbXB8XpVAsUFueF2zYZ1Y69Oo3XS/
HVYtB1lbdwPMk4Jqaq9fh1iAbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJkPD5FO
1HxTIs9X4r04obh4VqYlMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvM0Y3MkNGNUE3
OTU1MTFFRjk2QjBDRDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr+n4wDQYJKoZIhvcNAQELBQADggEBAH3liQWX1dMI5mRr
KVlVPAzJp2GG/6OfS6WWp7JsH2K7jfuvYdBlFBAV3W9tCiVoUHaPXxMInaz+uHAc
3qt6Wf/1K+LE+1tZtP1Ye09MNUx7NvxAi7nUKIEkm2uWOLn2K89RHyKpufpx7X4I
5nUATSlCequMkoibfuyMxAXAp7mcshalguxk9eagEGNHZN2oqBk7lzLY+3gv8Wjp
hWq7ValfxBsjzqcRIxZ/hlC0nKHtQzusKgnY0iQBFbgS1cEtnaicwBqigwfybsI5
NFSBnjFFiODXQ0KP9SpZxWPdsGTpx0IXqrJ7fXz/XSaYXB0i6UCtd0y0RxFbjwYy
Vkml7pw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:04:52 2025 by rpki-client