Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/40435C347A2611EF9C8A9F54C4F9AE02.roa
File: 40435C347A2611EF9C8A9F54C4F9AE02.roa (raw, json)
Hash identifier: sA/9PgMYArJlk67ArBcGGqYvmMXmuGpoBP0a03TACKM=
Subject key identifier: CA:D9:EA:40:2A:38:58:42:1E:11:2D:65:ED:25:A0:C0:2B:D4:7A:7F
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 27E4
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/40435C347A2611EF9C8A9F54C4F9AE02.roa
Signing time: Tue 24 Sep 2024 03:36:58 +0000
ROA not before: Tue 24 Sep 2024 03:36:58 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 214760
IP address blocks: 43.250.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10212 (0x27e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9, serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Sep 24 03:36:58 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66f233d9-63bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d0:7d:0c:fa:60:1e:f0:d4:44:83:93:81:34:
7a:4a:cc:a9:0b:9a:7f:5f:ca:0f:55:89:c4:d6:fa:
c1:07:67:0d:0e:40:88:16:55:4c:12:44:c2:17:b0:
08:55:db:0b:00:c3:da:8c:d3:94:fa:fe:37:f6:49:
21:80:94:9c:73:70:27:8b:60:ad:a2:92:68:39:4d:
86:e6:cf:d3:d7:32:eb:90:aa:4c:1e:bc:09:4d:47:
18:b2:42:4f:0c:44:1a:f7:dc:6d:39:ba:af:e0:c8:
3f:fc:f5:06:6d:2f:25:5f:d4:99:77:39:72:8f:28:
8e:88:7f:90:be:ab:c7:e8:3e:1c:d8:af:95:02:c6:
6b:2b:7f:4b:f9:8e:01:9a:84:7d:98:05:85:5e:ec:
46:b5:1b:36:5f:b8:e7:54:ce:ad:1f:24:5c:6e:47:
c1:35:82:70:20:c5:e4:87:9a:d6:3c:d0:c6:8a:ac:
ca:5c:52:a8:05:1d:9d:04:af:95:06:d9:d8:8c:cb:
34:8e:9c:9e:5d:94:b9:83:9d:0c:99:27:c2:dd:d7:
96:a2:78:ae:0b:db:c0:9a:c1:4e:11:a8:2b:14:c5:
fe:02:89:52:9b:a3:e3:ed:b7:bf:e5:8e:ab:f1:24:
b9:dc:79:f0:e6:6e:59:72:fc:b1:68:e6:81:31:d4:
81:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D9:EA:40:2A:38:58:42:1E:11:2D:65:ED:25:A0:C0:2B:D4:7A:7F
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/40435C347A2611EF9C8A9F54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:af:8b:a1:ca:3b:ad:f3:9a:59:57:ca:a4:c4:86:6a:c6:21:
7a:6d:ee:66:d3:28:98:ee:f1:b7:36:f5:e0:ed:b0:4c:3f:e2:
08:d9:30:88:2d:3c:59:3d:63:53:44:e1:6d:28:c1:56:f4:bd:
4f:b0:ca:71:1f:5a:2a:37:90:42:9a:42:76:ab:9f:5e:0d:e9:
0f:ab:5f:28:12:ac:ff:c9:05:5b:a7:54:5d:90:b6:40:67:96:
81:d7:8b:41:79:fc:6e:b0:cd:ed:72:e4:27:30:90:f5:19:d1:
10:37:5b:23:1d:6a:c3:cf:de:45:57:b3:81:6d:2e:e4:58:07:
ab:23:89:15:78:06:08:28:6f:18:6a:7c:ef:a3:5b:1a:00:e5:
38:15:b7:7c:ee:c5:98:eb:24:23:ae:04:39:57:11:24:6e:9f:
ff:b8:6f:11:51:43:93:a2:a8:37:4f:1b:b5:c5:81:1a:74:46:
fa:e4:a3:76:17:92:83:ae:e4:60:32:f0:e9:89:d9:1a:c8:38:
ad:c6:2e:de:18:96:5c:a3:fe:ca:e9:c9:40:79:9f:df:63:ba:
e5:25:bf:95:de:06:54:8d:ab:3a:fe:97:5c:0d:72:70:51:99:
da:2f:60:f0:11:b0:71:58:2b:bd:6f:43:b4:42:d9:cc:74:f0:
89:7b:3e:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJ+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjQwOTI0MDMzNjU4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyMzNkOS02M2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv9B9DPpgHvDURIOTgTR6SsypC5p/X8oPVYnE1vrBB2cNDkCIFlVMEkTCF7AI
VdsLAMPajNOU+v439kkhgJScc3Ani2CtopJoOU2G5s/T1zLrkKpMHrwJTUcYskJP
DEQa99xtObqv4Mg//PUGbS8lX9SZdzlyjyiOiH+QvqvH6D4c2K+VAsZrK39L+Y4B
moR9mAWFXuxGtRs2X7jnVM6tHyRcbkfBNYJwIMXkh5rWPNDGiqzKXFKoBR2dBK+V
BtnYjMs0jpyeXZS5g50MmSfC3deWoniuC9vAmsFOEagrFMX+AolSm6Pj7be/5Y6r
8SS53Hnw5m5ZcvyxaOaBMdSBeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMrZ6kAq
OFhCHhEtZe0loMAr1Hp/MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvNDA0MzVDMzQ3
QTI2MTFFRjlDOEE5RjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+n0wDQYJKoZIhvcNAQELBQADggEBAH+vi6HKO63zmllX
yqTEhmrGIXpt7mbTKJju8bc29eDtsEw/4gjZMIgtPFk9Y1NE4W0owVb0vU+wynEf
Wio3kEKaQnarn14N6Q+rXygSrP/JBVunVF2QtkBnloHXi0F5/G6wze1y5CcwkPUZ
0RA3WyMdasPP3kVXs4FtLuRYB6sjiRV4BggobxhqfO+jWxoA5TgVt3zuxZjrJCOu
BDlXESRun/+4bxFRQ5OiqDdPG7XFgRp0Rvrko3YXkoOu5GAy8OmJ2RrIOK3GLt4Y
llyj/srpyUB5n99juuUlv5XeBlSNqzr+l1wNcnBRmdovYPARsHFYK71vQ7RC2cx0
8Il7Pqw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:14:09 2025 by rpki-client