Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/C496E4D85FFB11EEB11C516CC4F9AE02.roa
File: C496E4D85FFB11EEB11C516CC4F9AE02.roa (raw, json)
Hash identifier: qHutGzz+Pv6tpTgNiPWbxxzOpUUlRiuB/EOUYfNqlcs=
Subject key identifier: FB:C2:85:05:96:82:94:FF:25:85:9E:59:0F:17:DC:B0:E2:11:E5:B2
Certificate issuer: /CN=A91187FD/serialNumber=68852AB7F2714FCF54D75F0AAE3068ADC38B35CC
Certificate serial: 49
Authority key identifier: 68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/C496E4D85FFB11EEB11C516CC4F9AE02.roa
Signing time: Sun 01 Oct 2023 01:43:12 +0000
ROA not before: Sun 01 Oct 2023 01:43:12 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9409
IP address blocks: 103.151.154.0/24 maxlen: 24
2401:3fa0:ff00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73 (0x49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91187FD
Validity
Not Before: Oct 1 01:43:12 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6518ceb0-62ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:08:c3:c0:a9:84:9b:c9:f0:16:d4:ef:2d:c3:
2c:d1:fa:dc:49:aa:03:85:95:8e:6a:b8:27:e5:c6:
7c:8f:49:0d:68:64:ee:5a:a1:31:fa:65:47:36:cc:
f9:0f:8c:94:8f:2f:22:0c:c5:15:9f:97:11:fc:05:
c6:3e:b1:a3:db:cc:30:90:02:ed:35:dd:54:5c:56:
60:51:ff:cd:0c:5a:0f:26:a8:94:09:41:2e:be:54:
a5:38:ab:85:83:d6:8b:b6:27:14:d6:88:95:9d:34:
96:0c:64:a3:db:97:dc:ef:06:07:b5:e8:2d:fa:60:
3a:21:4c:7d:06:f6:a3:a2:43:05:d8:cd:f3:9a:ac:
a1:c1:27:29:8e:e2:91:f2:ba:01:97:cc:34:55:49:
18:0c:ae:a2:87:30:c2:18:4c:37:81:2e:2d:ab:ca:
e8:9e:2d:ee:97:0f:71:46:6d:d2:80:06:50:af:24:
9e:13:6c:ed:39:b5:3b:14:7d:81:38:e7:42:35:7e:
fa:a6:cb:e7:98:0b:bb:ae:7e:6e:19:02:6e:9a:b5:
25:fd:cc:d1:e0:f1:b2:97:1a:a2:fb:6b:4a:70:e3:
6e:05:57:b7:49:33:d1:a2:42:2d:22:65:fb:58:03:
82:b0:d5:0f:21:71:94:94:ee:17:8a:71:c7:3a:b6:
48:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C2:85:05:96:82:94:FF:25:85:9E:59:0F:17:DC:B0:E2:11:E5:B2
X509v3 Authority Key Identifier:
keyid:68:85:2A:B7:F2:71:4F:CF:54:D7:5F:0A:AE:30:68:AD:C3:8B:35:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/aIUqt_JxT89U118KrjBorcOLNcw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIUqt_JxT89U118KrjBorcOLNcw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187FD/55ED6A1610A011EE93493C52C4F9AE02/C496E4D85FFB11EEB11C516CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.154.0/24
IPv6:
2401:3fa0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
55:02:80:f7:ad:64:60:41:23:75:12:48:d0:77:a2:20:70:37:
5d:58:38:99:7c:8a:ae:4d:43:c7:a3:58:3d:23:76:5d:f1:5f:
13:8e:f7:09:06:97:ed:da:62:35:7f:42:40:9b:96:03:44:3a:
2a:25:85:74:2c:7e:62:92:74:d8:37:80:37:6f:35:df:60:a7:
dc:d6:59:74:71:6b:6c:5d:e9:7b:91:58:81:39:dd:0c:09:7d:
7b:7c:6a:8a:f0:da:fc:9b:b4:1a:c8:07:a6:81:b7:d9:0f:d7:
82:5d:6b:2a:e0:ea:ec:c8:1d:b4:84:5f:7c:58:88:e1:41:35:
4f:29:58:1e:55:a5:b5:e9:d8:5c:7c:a0:61:27:7c:f8:19:69:
c7:20:57:b5:c1:15:bd:9d:20:e1:e0:e3:fb:29:b8:e5:7b:24:
3d:2f:aa:26:2a:ff:67:f3:fc:60:5e:3a:a7:a3:44:1e:93:38:
23:22:f5:ab:18:0a:dc:68:f5:b7:5b:db:63:1c:32:20:1b:ec:
6b:90:3a:2e:d1:fe:c6:54:73:16:e7:53:b5:4e:de:6c:fd:2a:
17:ad:97:4d:39:a7:69:53:91:81:54:79:97:55:83:7a:d7:2f:
73:c2:a6:9f:7d:44:57:a2:e8:11:1d:ab:b7:34:11:ce:62:44:
00:8f:6b:42
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
ODdGRDExMC8GA1UEBRMoNjg4NTJBQjdGMjcxNEZDRjU0RDc1RjBBQUUzMDY4QURD
MzhCMzVDQzAeFw0yMzEwMDEwMTQzMTJaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MThjZWIwLTYyZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoCMPAqYSbyfAW1O8twyzR+txJqgOFlY5quCflxnyPSQ1oZO5aoTH6ZUc2zPkP
jJSPLyIMxRWflxH8BcY+saPbzDCQAu013VRcVmBR/80MWg8mqJQJQS6+VKU4q4WD
1ou2JxTWiJWdNJYMZKPbl9zvBge16C36YDohTH0G9qOiQwXYzfOarKHBJymO4pHy
ugGXzDRVSRgMrqKHMMIYTDeBLi2ryuieLe6XD3FGbdKABlCvJJ4TbO05tTsUfYE4
50I1fvqmy+eYC7uufm4ZAm6atSX9zNHg8bKXGqL7a0pw424FV7dJM9GiQi0iZftY
A4Kw1Q8hcZSU7heKccc6tkjHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU+8KFBZaC
lP8lhZ5ZDxfcsOIR5bIwHwYDVR0jBBgwFoAUaIUqt/JxT89U118KrjBorcOLNcww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4N0ZELzU1RUQ2QTE2MTBB
MDExRUU5MzQ5M0M1MkM0RjlBRTAyL2FJVXF0X0p4VDg5VTExOEtyakJvcmNPTE5j
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYUlVcXRfSnhUODlVMTE4S3JqQm9yY09MTmN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODdGRC81NUVENkExNjEwQTAxMUVFOTM0OTNDNTJDNEY5QUUwMi9DNDk2RTREODVG
RkIxMUVFQjExQzUxNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAGeXmjAOBAIAAjAIAwYAJAE/oP8wDQYJKoZIhvcNAQELBQAD
ggEBAFUCgPetZGBBI3USSNB3oiBwN11YOJl8iq5NQ8ejWD0jdl3xXxOO9wkGl+3a
YjV/QkCblgNEOiolhXQsfmKSdNg3gDdvNd9gp9zWWXRxa2xd6XuRWIE53QwJfXt8
aorw2vybtBrIB6aBt9kP14Jdayrg6uzIHbSEX3xYiOFBNU8pWB5VpbXp2Fx8oGEn
fPgZaccgV7XBFb2dIOHg4/spuOV7JD0vqiYq/2fz/GBeOqejRB6TOCMi9asYCtxo
9bdb22McMiAb7GuQOi7R/sZUcxbnU7VO3mz9Khetl005p2lTkYFUeZdVg3rXL3PC
pp99RFei6BEdq7c0Ec5iRACPa0I=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:34:14 2025 by rpki-client