Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1BB77A52B85311EE88051B6CC4F9AE02.roa
File: 1BB77A52B85311EE88051B6CC4F9AE02.roa (raw, json)
Hash identifier: pT+aoNXRg5EH7H4nDRkW3hPevMcHQTTWmkksabrTpJ0=
Subject key identifier: 9B:6E:D6:00:32:AC:6F:71:00:30:4D:04:A4:AA:B0:98:F0:60:E8:27
Certificate issuer: /CN=A91388E0/serialNumber=25242E131997835BFC9B180405C797C6289447E7
Certificate serial: 02
Authority key identifier: 25:24:2E:13:19:97:83:5B:FC:9B:18:04:05:C7:97:C6:28:94:47:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JSQuExmXg1v8mxgEBceXxiiUR-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1BB77A52B85311EE88051B6CC4F9AE02.roa
Signing time: Sun 21 Jan 2024 11:49:18 +0000
ROA not before: Sun 21 Jan 2024 11:49:18 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 152336
IP address blocks: 157.10.244.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91388E0, serialNumber=25242E131997835BFC9B180405C797C6289447E7
Validity
Not Before: Jan 21 11:49:18 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ad04be-48d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e2:24:8a:36:5c:b6:f1:d3:2c:93:35:ba:44:
36:99:54:b2:35:57:18:2d:ad:21:53:e8:cb:4e:3e:
c7:b5:6d:a9:d2:f9:79:d6:c3:8e:1a:23:a5:d8:65:
c0:4c:ea:dd:27:b5:18:1c:2f:d7:f5:d7:54:fa:62:
db:39:9c:4c:a0:83:25:da:68:f7:ff:69:e2:c9:76:
6b:ef:e1:97:37:80:a0:5b:35:5f:11:16:ff:38:32:
3e:e8:18:dc:21:a7:32:f5:20:3a:32:77:4b:75:2c:
ce:b9:5d:2b:4c:42:5b:b3:77:aa:21:a3:de:a8:e1:
92:ec:ac:66:33:63:99:9d:53:3f:c9:55:c6:a3:ba:
eb:51:01:98:85:03:5b:6f:40:63:73:cd:af:aa:f0:
f4:6b:77:1f:da:8d:96:ea:9d:ed:bd:e7:94:42:1c:
62:9a:9a:e2:3c:4c:5f:64:c7:02:c8:3f:45:a0:c3:
21:37:f0:a7:a1:1f:f1:89:54:83:79:70:17:e7:28:
69:e0:dd:c8:67:8a:a0:ab:cb:73:d8:80:1d:ea:89:
3b:b4:85:e4:80:4c:d8:1e:d6:6b:55:9b:4c:c1:76:
21:72:41:db:86:dc:68:79:e7:99:68:dc:b2:f9:65:
1d:ab:d7:0d:41:92:e8:7b:08:de:3e:f4:fc:2e:6f:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6E:D6:00:32:AC:6F:71:00:30:4D:04:A4:AA:B0:98:F0:60:E8:27
X509v3 Authority Key Identifier:
keyid:25:24:2E:13:19:97:83:5B:FC:9B:18:04:05:C7:97:C6:28:94:47:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/JSQuExmXg1v8mxgEBceXxiiUR-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JSQuExmXg1v8mxgEBceXxiiUR-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91388E0/4CBB1B32B85211EE8ACAA96AC4F9AE02/1BB77A52B85311EE88051B6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.244.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:b1:c8:02:7a:98:6f:42:7f:96:f2:ee:39:dd:fb:4b:d1:15:
21:ad:c8:4e:6b:d6:cf:50:f8:c1:fc:04:22:4d:12:c3:f9:7a:
b0:ec:9a:cb:3e:07:14:60:c2:09:c1:af:8b:ca:2f:d0:93:c4:
58:1c:88:7e:09:c6:9f:b3:9b:b0:55:be:ca:70:62:83:2d:d7:
22:74:9c:1d:66:09:60:22:3a:03:70:79:b4:bb:aa:40:ef:e5:
6f:1f:6c:48:fe:df:9a:03:e3:0a:4e:15:ba:00:e9:40:10:b6:
ef:5c:3e:8f:29:90:c5:ed:1d:28:51:90:7b:96:90:4f:25:d8:
e1:41:53:af:60:02:fb:5a:2d:ae:3c:75:ae:4b:62:65:f0:62:
e8:b0:65:7a:f8:c2:7a:97:6a:ee:2f:2d:8b:d8:3a:ca:6d:f1:
bb:99:90:e1:dc:ba:fe:b0:fc:76:63:06:79:49:72:09:34:bf:
f7:39:68:0a:92:a7:f7:82:77:ee:2b:03:f2:3e:f0:7c:d2:86:
14:5c:de:56:be:9a:e6:54:66:87:4d:bb:19:30:96:8d:74:c8:
cf:52:6d:70:7f:73:d2:bd:26:58:fe:99:5d:61:0c:58:da:52:
19:7a:cf:7b:e6:e1:6f:5c:93:8a:a6:a6:2b:46:79:e2:52:ba:
b4:a9:30:32
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
ODhFMDExMC8GA1UEBRMoMjUyNDJFMTMxOTk3ODM1QkZDOUIxODA0MDVDNzk3QzYy
ODk0NDdFNzAeFw0yNDAxMjExMTQ5MThaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YWQwNGJlLTQ4ZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd4iSKNly28dMskzW6RDaZVLI1VxgtrSFT6MtOPse1banS+XnWw44aI6XYZcBM
6t0ntRgcL9f111T6Yts5nEyggyXaaPf/aeLJdmvv4Zc3gKBbNV8RFv84Mj7oGNwh
pzL1IDoyd0t1LM65XStMQluzd6oho96o4ZLsrGYzY5mdUz/JVcajuutRAZiFA1tv
QGNzza+q8PRrdx/ajZbqne2955RCHGKamuI8TF9kxwLIP0WgwyE38KehH/GJVIN5
cBfnKGng3chniqCry3PYgB3qiTu0heSATNge1mtVm0zBdiFyQduG3Gh555lo3LL5
ZR2r1w1Bkuh7CN4+9Pwub18nAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUm27WADKs
b3EAME0EpKqwmPBg6CcwHwYDVR0jBBgwFoAUJSQuExmXg1v8mxgEBceXxiiUR+cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4OEUwLzRDQkIxQjMyQjg1
MjExRUU4QUNBQTk2QUM0RjlBRTAyL0pTUXVFeG1YZzF2OG14Z0VCY2VYeGlpVVIt
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSlNRdUV4bVhnMXY4bXhnRUJjZVh4aWlVUi1jLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODhFMC80Q0JCMUIzMkI4NTIxMUVFOEFDQUE5NkFDNEY5QUUwMi8xQkI3N0E1MkI4
NTMxMUVFODgwNTFCNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0K9DANBgkqhkiG9w0BAQsFAAOCAQEAHLHIAnqYb0J/lvLu
Od37S9EVIa3ITmvWz1D4wfwEIk0Sw/l6sOyayz4HFGDCCcGvi8ov0JPEWByIfgnG
n7ObsFW+ynBigy3XInScHWYJYCI6A3B5tLuqQO/lbx9sSP7fmgPjCk4VugDpQBC2
71w+jymQxe0dKFGQe5aQTyXY4UFTr2AC+1otrjx1rktiZfBi6LBlevjCepdq7i8t
i9g6ym3xu5mQ4dy6/rD8dmMGeUlyCTS/9zloCpKn94J37isD8j7wfNKGFFzeVr6a
5lRmh027GTCWjXTIz1JtcH9z0r0mWP6ZXWEMWNpSGXrPe+bhb1yTiqamK0Z54lK6
tKkwMg==
-----END CERTIFICATE-----
Generated at Thu May 15 18:25:10 2025 by rpki-client