Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2B897C7CEC2011EEB96C6583C4F9AE02.roa
File: 2B897C7CEC2011EEB96C6583C4F9AE02.roa (raw, json)
Hash identifier: SgkcZ+1aitasV/iZg7aq9ejOHa+REeDNUzN668Bh5G4=
Subject key identifier: C5:56:8C:EF:D1:D2:8E:B6:AB:59:42:B0:6F:57:5B:06:EC:79:93:34
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1017
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2B897C7CEC2011EEB96C6583C4F9AE02.roa
Signing time: Wed 27 Mar 2024 09:55:41 +0000
ROA not before: Wed 27 Mar 2024 09:55:41 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 113.203.225.0/24 maxlen: 24
113.203.251.0/24 maxlen: 24
180.178.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4119 (0x1017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 27 09:55:41 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6603ed1d-8b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:2f:a4:ac:a5:16:c7:73:45:16:c1:e2:c4:
8d:41:e7:5f:03:c1:a5:46:8b:a5:23:3a:ed:ef:2a:
44:a4:6a:58:e1:ee:f3:24:c7:f7:a6:5b:cb:1e:9e:
cd:92:de:15:00:fb:47:dd:a5:d2:bf:b6:57:a5:99:
56:ca:69:52:ba:07:ad:cc:66:ed:07:57:51:06:8a:
1e:92:f4:1b:30:14:c1:f8:bf:26:7b:61:37:c4:e5:
cb:66:6a:55:56:c3:f7:36:a1:b9:ba:70:4c:06:1c:
fd:b2:1e:42:b5:c0:1c:7d:3f:1b:12:86:d7:70:d6:
b9:3c:8c:ab:47:57:94:80:5f:19:83:1e:3d:5e:87:
91:db:7c:b0:9f:e8:33:ee:4f:79:ae:a3:8b:e8:66:
09:7b:e0:fd:77:ff:80:43:9f:92:1a:7c:18:09:dc:
50:be:86:2c:14:dc:a0:d7:4c:a0:3e:bc:14:1f:7e:
56:9f:af:ff:8d:54:58:66:6e:62:5a:2c:fb:e0:a6:
c5:52:e8:ab:0b:f4:e1:4c:f6:97:4b:aa:f7:4b:7e:
c4:cc:23:24:3d:28:5e:cb:27:ab:43:6f:2f:c9:d4:
4c:32:10:21:5a:cb:b1:c0:7b:38:23:c7:5f:4b:96:
c8:61:38:db:11:78:00:df:bf:d9:1b:19:3f:14:09:
50:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:56:8C:EF:D1:D2:8E:B6:AB:59:42:B0:6F:57:5B:06:EC:79:93:34
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2B897C7CEC2011EEB96C6583C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.225.0/24
113.203.251.0/24
180.178.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d8:43:fc:26:11:91:7a:c7:9b:49:c2:69:37:06:b3:b5:bd:
c2:f3:16:08:08:16:37:8d:22:5e:fd:c3:5b:09:4b:fe:cc:a8:
5f:50:51:c7:a7:90:0c:3c:34:01:a0:9a:81:7a:d4:b7:6a:1c:
e7:89:db:ab:8f:25:1a:87:63:65:c4:88:a4:a9:ec:96:41:01:
d8:0b:49:94:3e:58:1c:41:ae:c4:be:f7:9a:ea:9f:c4:fd:8a:
9d:b3:aa:55:80:8d:db:af:78:42:41:6c:b7:0e:ef:14:20:b2:
a3:5e:7b:8f:14:0a:81:2f:1b:42:c5:ef:8b:e6:68:1d:01:a3:
9a:9b:da:94:21:d0:e5:53:86:c6:44:26:64:64:04:07:f0:cf:
1f:67:63:76:19:79:c8:39:55:d4:f9:72:74:95:30:57:8d:80:
54:df:9d:94:16:e1:bf:90:2e:ee:66:82:74:e6:0a:1a:95:8d:
4c:bb:76:b4:86:68:a3:73:12:44:9c:5e:fb:d5:f4:07:c7:bc:
c4:6b:4a:48:63:3b:5f:4b:37:3a:a7:64:c4:e9:99:4c:f7:f9:
98:05:db:da:05:af:d1:02:c3:46:fc:e8:0f:2c:f3:2c:2a:21:
b5:47:62:07:6d:7e:c2:8d:4b:2d:f2:c9:2a:8d:b1:e6:1b:e0:
bd:11:12:ae
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwMzI3MDk1NTQxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzZWQxZC04YjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBkvpKylFsdzRRbB4sSNQedfA8GlRoulIzrt7ypEpGpY4e7zJMf3plvLHp7N
kt4VAPtH3aXSv7ZXpZlWymlSugetzGbtB1dRBooekvQbMBTB+L8me2E3xOXLZmpV
VsP3NqG5unBMBhz9sh5CtcAcfT8bEobXcNa5PIyrR1eUgF8Zgx49XoeR23ywn+gz
7k95rqOL6GYJe+D9d/+AQ5+SGnwYCdxQvoYsFNyg10ygPrwUH35Wn6//jVRYZm5i
Wiz74KbFUuirC/ThTPaXS6r3S37EzCMkPSheyyerQ28vydRMMhAhWsuxwHs4I8df
S5bIYTjbEXgA37/ZGxk/FAlQdQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMVWjO/R
0o62q1lCsG9XWwbseZM0MB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMkI4OTdDN0NF
QzIwMTFFRUI5NkM2NTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABxy+EDBABxy/sDBAC0srowDQYJKoZIhvcNAQELBQADggEB
AJzYQ/wmEZF6x5tJwmk3BrO1vcLzFggIFjeNIl79w1sJS/7MqF9QUcenkAw8NAGg
moF61LdqHOeJ26uPJRqHY2XEiKSp7JZBAdgLSZQ+WBxBrsS+95rqn8T9ip2zqlWA
jduveEJBbLcO7xQgsqNee48UCoEvG0LF74vmaB0Bo5qb2pQh0OVThsZEJmRkBAfw
zx9nY3YZecg5VdT5cnSVMFeNgFTfnZQW4b+QLu5mgnTmChqVjUy7drSGaKNzEkSc
XvvV9AfHvMRrSkhjO19LNzqnZMTpmUz3+ZgF29oFr9ECw0b86A8s8ywqIbVHYgdt
fsKNSy3yySqNseYb4L0REq4=
-----END CERTIFICATE-----
Generated at Mon May 12 03:53:25 2025 by rpki-client