Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7492FE4A1CAD11EEA46B151DC4F9AE02.roa
File: 7492FE4A1CAD11EEA46B151DC4F9AE02.roa (raw, json)
Hash identifier: chAQN35zfedU2+0MQWvf8QFA3AC5zVCo08tW1bIDqxM=
Subject key identifier: A0:88:E1:EC:7A:C6:EA:45:F4:95:47:7E:47:3A:37:08:AE:66:45:02
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 0268
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7492FE4A1CAD11EEA46B151DC4F9AE02.roa
Signing time: Fri 07 Jul 2023 10:03:00 +0000
ROA not before: Fri 07 Jul 2023 10:03:00 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 6830
IP address blocks: 223.29.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 616 (0x268)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73, serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Jul 7 10:03:00 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64a7e2d4-6c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:24:70:2b:6e:43:19:b3:5d:6f:6d:f1:15:
46:64:37:b9:da:cd:00:0e:86:20:80:12:ca:18:c4:
e9:fb:ab:57:33:a1:7f:8b:5d:dc:39:cf:06:61:38:
04:d0:e3:8b:58:17:50:69:70:60:a6:35:64:7c:42:
fa:e0:d0:fd:a5:2e:7a:e0:89:e0:44:8e:c7:75:23:
46:30:fd:ba:16:72:a5:b3:92:1c:83:53:db:34:25:
a4:55:ba:ea:ff:d5:00:02:23:a8:24:be:24:8b:b8:
4c:74:31:21:10:79:2a:ec:a1:21:79:06:18:eb:46:
62:7b:47:75:53:a5:7a:c7:73:d8:e1:86:e8:5d:b5:
ac:61:74:17:bb:dc:5d:b9:d1:2d:b2:9b:6e:10:c4:
26:28:ce:e1:c8:26:9b:90:21:d1:14:b8:39:a9:e1:
b3:aa:4b:d6:ef:a1:59:4f:22:84:8b:76:76:e9:bb:
f5:6f:22:e1:56:89:89:99:34:fd:b4:f9:fe:76:1d:
e5:85:03:7e:6d:59:84:46:31:a9:7e:2c:b3:79:09:
37:90:99:74:60:f9:75:5f:16:80:ee:a2:11:ac:6b:
4d:0f:eb:27:c9:66:ca:bc:77:47:66:19:e8:a3:a2:
2a:ad:1a:9f:9f:b6:de:f8:0c:71:1d:b4:7e:23:8e:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:88:E1:EC:7A:C6:EA:45:F4:95:47:7E:47:3A:37:08:AE:66:45:02
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/7492FE4A1CAD11EEA46B151DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.168.0/22
Signature Algorithm: sha256WithRSAEncryption
69:29:d8:62:df:a2:0f:43:d7:ec:46:87:fe:5b:c5:28:e3:71:
57:9e:3e:0a:fe:0f:9a:aa:a3:12:59:0d:a6:18:89:8a:dd:60:
cb:1a:8b:67:a2:18:2d:a2:8c:a1:1e:30:42:52:4c:c1:10:2e:
9a:97:86:16:2d:4e:aa:f8:9d:0c:3f:10:e0:ff:d9:c5:d9:c5:
73:cd:3c:b9:f5:9b:ec:b7:28:da:7d:51:03:23:3d:61:d4:59:
24:64:4b:94:9e:81:03:a6:31:21:6b:3c:35:7a:63:87:b0:98:
bd:3d:b7:9d:d7:24:3f:a5:50:9b:1e:73:a4:b2:a2:d6:af:4d:
22:1e:c4:7f:70:57:5c:b7:ff:37:e6:2a:f3:6d:b1:9c:f2:c5:
7a:b4:1c:9f:33:d0:ae:74:77:ec:1c:22:a6:4b:56:49:9b:d4:
6b:8b:c2:ed:c5:a5:b9:f0:d9:f3:e8:dd:ce:d6:5c:36:8a:31:
11:91:c9:05:f6:c5:96:e5:f4:3e:fe:3f:4f:6d:14:88:66:9a:
ab:22:5e:e9:4d:1e:05:ad:d1:a1:73:4c:92:ad:1b:0a:b3:78:
c5:02:f4:37:79:8b:45:db:7a:8e:ca:8d:03:35:4b:03:1a:54:
95:eb:6c:09:c3:f4:a0:1d:d8:72:60:8f:bd:34:9f:23:73:16:
5e:64:ec:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjMwNzA3MTAwMzAwWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3ZTJkNC02YzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0dwkcCtuQxmzXW9t8RVGZDe52s0ADoYggBLKGMTp+6tXM6F/i13cOc8GYTgE
0OOLWBdQaXBgpjVkfEL64ND9pS564IngRI7HdSNGMP26FnKls5Icg1PbNCWkVbrq
/9UAAiOoJL4ki7hMdDEhEHkq7KEheQYY60Zie0d1U6V6x3PY4YboXbWsYXQXu9xd
udEtsptuEMQmKM7hyCabkCHRFLg5qeGzqkvW76FZTyKEi3Z26bv1byLhVomJmTT9
tPn+dh3lhQN+bVmERjGpfiyzeQk3kJl0YPl1XxaA7qIRrGtND+snyWbKvHdHZhno
o6IqrRqfn7be+AxxHbR+I46/HwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKCI4ex6
xupF9JVHfkc6NwiuZkUCMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvNzQ5MkZFNEEx
Q0FEMTFFRUE0NkIxNTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALfHagwDQYJKoZIhvcNAQELBQADggEBAGkp2GLfog9D1+xG
h/5bxSjjcVeePgr+D5qqoxJZDaYYiYrdYMsai2eiGC2ijKEeMEJSTMEQLpqXhhYt
Tqr4nQw/EOD/2cXZxXPNPLn1m+y3KNp9UQMjPWHUWSRkS5SegQOmMSFrPDV6Y4ew
mL09t53XJD+lUJsec6SyotavTSIexH9wV1y3/zfmKvNtsZzyxXq0HJ8z0K50d+wc
IqZLVkmb1GuLwu3Fpbnw2fPo3c7WXDaKMRGRyQX2xZbl9D7+P09tFIhmmqsiXulN
HgWt0aFzTJKtGwqzeMUC9Dd5i0Xbeo7KjQM1SwMaVJXrbAnD9KAd2HJgj700nyNz
Fl5k7F4=
-----END CERTIFICATE-----
Generated at Mon May 12 12:36:44 2025 by rpki-client