Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/0232AA081A5A11EE89B07267C4F9AE02.roa
File: 0232AA081A5A11EE89B07267C4F9AE02.roa (raw, json)
Hash identifier: P5HQhYR+fxbS8eiY1UUGIhZ8ZdC+WHOo76pfZB735ac=
Subject key identifier: 35:84:0E:84:6B:5C:55:5F:06:30:09:D5:40:33:AD:8F:16:B7:E7:9A
Certificate issuer: /CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Certificate serial: 344B
Authority key identifier: 66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/0232AA081A5A11EE89B07267C4F9AE02.roa
Signing time: Wed 30 Oct 2024 22:02:47 +0000
ROA not before: Wed 30 Oct 2024 22:02:47 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9301
IP address blocks: 122.200.160.0/20 maxlen: 20
203.4.162.0/24 maxlen: 24
203.5.127.0/24 maxlen: 24
203.31.57.0/24 maxlen: 24
203.31.101.0/24 maxlen: 24
203.33.71.0/24 maxlen: 24
203.57.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13387 (0x344b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6FC3, serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7
Validity
Not Before: Oct 30 22:02:47 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6722ad06-7919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:f5:79:6b:79:ea:83:f9:ea:23:7f:84:ed:
12:3b:92:4f:f9:33:64:88:5a:38:95:19:27:32:ff:
a8:23:d1:54:92:58:52:a5:9d:38:40:5e:40:c1:ad:
84:fc:85:c2:0d:e2:ca:a1:34:dd:ab:56:f6:cc:8b:
3c:4d:1a:91:70:a4:fd:4a:8b:1a:d4:ab:f1:fa:d0:
ca:3f:eb:e8:0e:9c:fa:96:46:ce:d9:d8:45:2b:bf:
3e:f8:99:28:3c:81:c7:b8:4a:60:97:2f:b5:80:9d:
fe:b2:52:1a:8e:33:36:12:ef:82:46:70:87:c1:d0:
10:af:1c:fb:fe:8e:3f:c8:37:e5:9d:fe:c2:1e:92:
1d:83:3b:30:bc:0d:59:af:47:6e:c6:3b:7a:03:d5:
55:12:8f:57:6c:f1:8a:0d:4e:af:a6:36:5c:bf:44:
df:ed:68:0f:36:79:a3:ac:b7:ec:26:72:e9:8c:10:
84:b0:fa:13:12:03:2d:5d:fa:8a:cb:90:02:7b:41:
c3:72:7c:88:e3:41:03:7a:15:4f:2e:20:d9:ac:e6:
b7:87:df:bf:53:96:b0:64:ff:99:a7:06:e2:f9:dd:
04:e3:a5:3a:60:36:4e:b4:fc:a4:21:5b:e5:56:6b:
6e:5b:3a:8a:dc:cc:f0:6c:45:ff:0f:8e:04:da:2c:
6d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:84:0E:84:6B:5C:55:5F:06:30:09:D5:40:33:AD:8F:16:B7:E7:9A
X509v3 Authority Key Identifier:
keyid:66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/0232AA081A5A11EE89B07267C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.200.160.0/20
203.4.162.0/24
203.5.127.0/24
203.31.57.0/24
203.31.101.0/24
203.33.71.0/24
203.57.79.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:60:4f:ca:76:9c:85:50:07:54:b7:b1:55:65:b1:71:c2:ae:
5e:1b:60:02:84:d4:db:df:d6:1b:d8:ec:3f:ca:4e:d2:0c:1c:
26:6c:57:d4:f6:1c:2e:38:28:78:32:4f:f1:b9:69:c7:d5:79:
29:c5:7b:f2:a9:26:50:59:38:87:88:6a:98:40:05:6a:fa:3e:
d7:e3:e1:cc:e1:9f:d9:4e:73:65:60:2b:d9:8b:75:f3:d1:aa:
6b:c6:82:5c:0d:a9:41:ea:7e:0f:b0:6b:5a:88:c6:6e:2b:62:
14:48:07:e8:6f:d2:67:26:ae:cc:54:b4:1f:ed:e2:c7:2a:9d:
79:52:81:a0:e9:6c:59:7b:40:dd:8d:ac:07:ec:e8:28:cc:df:
54:e8:f1:24:7b:ad:35:aa:40:ef:89:7d:c7:30:99:9f:55:cd:
9e:52:8a:e9:34:f2:3c:6b:97:2f:65:62:66:32:f4:e0:08:f4:
9c:3a:14:80:49:3a:6d:5f:97:23:41:40:39:db:44:25:31:bf:
ef:3d:4c:f3:35:2c:26:b9:4c:67:7f:86:0a:22:49:22:dd:81:
59:76:f6:30:2b:3d:c9:c1:e7:27:91:b4:38:a8:36:86:31:2f:
55:00:0b:5f:a3:fa:70:e6:89:22:8f:df:99:31:9b:04:12:6c:
bb:44:63:33
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICNEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZGQzMxMTAvBgNVBAUTKDY2MDI1OTc2Qjc1RjVDMjlGNDJDMUQ4MENGNDg4OEY3
RDQ2MDU4RDcwHhcNMjQxMDMwMjIwMjQ3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIyYWQwNi03OTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJj1eWt56oP56iN/hO0SO5JP+TNkiFo4lRknMv+oI9FUklhSpZ04QF5Awa2E
/IXCDeLKoTTdq1b2zIs8TRqRcKT9Sosa1Kvx+tDKP+voDpz6lkbO2dhFK78++Jko
PIHHuEpgly+1gJ3+slIajjM2Eu+CRnCHwdAQrxz7/o4/yDflnf7CHpIdgzswvA1Z
r0duxjt6A9VVEo9XbPGKDU6vpjZcv0Tf7WgPNnmjrLfsJnLpjBCEsPoTEgMtXfqK
y5ACe0HDcnyI40EDehVPLiDZrOa3h9+/U5awZP+Zpwbi+d0E46U6YDZOtPykIVvl
VmtuWzqK3MzwbEX/D44E2ixtcQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDWEDoRr
XFVfBjAJ1UAzrY8Wt+eaMB8GA1UdIwQYMBaAFGYCWXa3X1wp9CwdgM9IiPfUYFjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkZDMy9GQzkwNzgwMjFE
OTIxMUUyQjNCQzJDRjYwOEIwMkNEMi9aZ0paZHJkZlhDbjBMQjJBejBpSTk5UmdX
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pnSlpkcmRmWENuMExCMkF6MGlJOTlSZ1dOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZGQzMvRkM5MDc4MDIxRDkyMTFFMkIzQkMyQ0Y2MDhCMDJDRDIvMDIzMkFBMDgx
QTVBMTFFRTg5QjA3MjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAR6yKADBADLBKIDBADLBX8DBADLHzkDBADLH2UDBADLIUcD
BADLOU8wDQYJKoZIhvcNAQELBQADggEBAF1gT8p2nIVQB1S3sVVlsXHCrl4bYAKE
1Nvf1hvY7D/KTtIMHCZsV9T2HC44KHgyT/G5acfVeSnFe/KpJlBZOIeIaphABWr6
Ptfj4czhn9lOc2VgK9mLdfPRqmvGglwNqUHqfg+wa1qIxm4rYhRIB+hv0mcmrsxU
tB/t4scqnXlSgaDpbFl7QN2NrAfs6CjM31To8SR7rTWqQO+JfccwmZ9VzZ5Siuk0
8jxrly9lYmYy9OAI9Jw6FIBJOm1flyNBQDnbRCUxv+89TPM1LCa5TGd/hgoiSSLd
gVl29jArPcnB5yeRtDioNoYxL1UAC1+j+nDmiSKP35kxmwQSbLtEYzM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:10:41 2025 by rpki-client