Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A8745D50B6AF11EB9703B10BC4F9AE02.roa
File: A8745D50B6AF11EB9703B10BC4F9AE02.roa (raw, json)
Hash identifier: q2pngf6J9C6emnZfLnf2qgST6QcxU+1O8mmPpiLh9Ig=
Subject key identifier: 11:79:88:DD:06:70:B7:C0:BB:C3:CC:A8:37:B2:25:2D:26:BF:1A:99
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 24C6
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A8745D50B6AF11EB9703B10BC4F9AE02.roa
Signing time: Tue 02 Aug 2022 04:23:06 +0000
ROA not before: Tue 02 Aug 2022 04:23:06 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 142266
IP address blocks: 2402:9e80:29::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9414 (0x24c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D, serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 2 04:23:06 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e8a6a9-5277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:08:46:67:03:9b:64:a0:33:7c:af:3c:c7:f5:
a3:21:49:11:66:0b:85:da:3c:1b:36:79:6d:7e:b6:
33:79:0b:f7:95:66:6a:fa:20:ef:60:17:0f:dd:a6:
da:a4:3c:34:e3:d5:e2:22:e8:01:cc:bf:8e:8f:8d:
8b:86:56:b0:16:78:c3:10:8c:55:c2:9d:7a:e0:0b:
ee:b3:75:f1:e9:e8:b3:60:2e:11:c6:b2:6d:86:4b:
a5:d2:db:81:d3:61:5e:72:f4:34:4b:fc:fd:26:da:
2f:26:69:c4:6b:07:d1:49:db:0d:76:6e:6d:c2:6a:
bb:3e:af:7b:87:96:80:5b:a8:a7:75:35:2c:fa:bc:
3f:c4:82:cf:4a:2d:0c:29:17:fb:b9:44:8c:19:02:
97:47:59:b7:c3:21:ec:5d:fe:45:f1:7f:99:35:08:
da:da:a5:65:9c:e0:bc:cd:e8:e9:22:dd:b4:78:25:
d7:43:e1:e6:b9:d6:5c:09:c6:e6:ab:88:88:30:54:
a1:a9:de:e4:f9:0c:1c:16:fd:66:e4:12:ea:96:31:
57:37:c3:99:5f:be:5c:b2:7e:40:b2:d4:3c:1b:d9:
47:8c:6a:4d:2c:85:99:59:88:55:19:bc:85:23:0e:
29:fb:1f:0e:52:b8:fd:6d:2a:03:1a:f4:e9:64:59:
3d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:79:88:DD:06:70:B7:C0:BB:C3:CC:A8:37:B2:25:2D:26:BF:1A:99
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A8745D50B6AF11EB9703B10BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:9e80:29::/48
Signature Algorithm: sha256WithRSAEncryption
5f:0c:35:c0:ee:a0:3e:1e:0e:ab:e1:71:dd:f3:5b:a4:e1:46:
4c:1b:e6:df:54:ec:81:79:3a:02:92:58:e1:ee:e3:ec:05:da:
09:e4:5e:76:0a:18:4b:7f:54:94:a6:d3:fd:21:8d:02:3d:9a:
1d:b6:71:cb:f2:c1:88:37:06:e5:45:75:8f:d5:d9:2b:d7:7d:
df:1b:75:0a:e9:22:f6:08:33:57:19:80:4d:2b:51:db:72:b8:
6e:d8:c3:e9:52:f2:ff:57:ec:18:58:64:62:6e:0d:0d:1e:00:
3d:9f:25:b7:8a:e6:3f:72:fd:94:74:e0:9b:87:cf:b5:e5:e7:
4b:85:3e:f6:63:a0:4c:0c:49:50:a1:ee:e7:6e:8c:3c:df:33:
ee:95:22:36:c1:cc:03:c2:68:78:37:3a:ad:06:5d:f5:24:19:
4f:39:0b:fc:f7:26:89:2c:26:bd:25:ac:0c:30:a1:17:29:e5:
ad:43:92:72:c0:c5:eb:e1:a8:d1:49:59:c1:26:26:23:5f:ec:
2d:5d:df:9f:25:73:85:7c:d4:73:da:57:01:5b:91:d8:db:69:
e9:87:e7:d4:fc:a4:b9:a1:d9:89:55:d6:d7:7b:96:4b:12:92:
aa:3d:9e:2b:3b:7f:e1:6a:d7:d5:3e:07:5b:4e:db:95:a8:91:
f8:56:f0:72
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjIwODAyMDQyMzA2WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU4YTZhOS01Mjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1AhGZwObZKAzfK88x/WjIUkRZguF2jwbNnltfrYzeQv3lWZq+iDvYBcP3aba
pDw049XiIugBzL+Oj42LhlawFnjDEIxVwp164Avus3Xx6eizYC4RxrJthkul0tuB
02FecvQ0S/z9JtovJmnEawfRSdsNdm5twmq7Pq97h5aAW6indTUs+rw/xILPSi0M
KRf7uUSMGQKXR1m3wyHsXf5F8X+ZNQja2qVlnOC8zejpIt20eCXXQ+HmudZcCcbm
q4iIMFShqd7k+QwcFv1m5BLqljFXN8OZX75csn5AstQ8G9lHjGpNLIWZWYhVGbyF
Iw4p+x8OUrj9bSoDGvTpZFk9WwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBF5iN0G
cLfAu8PMqDeyJS0mvxqZMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvQTg3NDVENTBC
NkFGMTFFQjk3MDNCMTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAp6AACkwDQYJKoZIhvcNAQELBQADggEBAF8MNcDuoD4e
Dqvhcd3zW6ThRkwb5t9U7IF5OgKSWOHu4+wF2gnkXnYKGEt/VJSm0/0hjQI9mh22
ccvywYg3BuVFdY/V2SvXfd8bdQrpIvYIM1cZgE0rUdtyuG7Yw+lS8v9X7BhYZGJu
DQ0eAD2fJbeK5j9y/ZR04JuHz7Xl50uFPvZjoEwMSVCh7udujDzfM+6VIjbBzAPC
aHg3Oq0GXfUkGU85C/z3JoksJr0lrAwwoRcp5a1DknLAxevhqNFJWcEmJiNf7C1d
358lc4V81HPaVwFbkdjbaemH59T8pLmh2YlV1td7lksSkqo9nis7f+Fq19U+B1tO
25WokfhW8HI=
-----END CERTIFICATE-----
Generated at Mon May 12 08:30:47 2025 by rpki-client