Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130416/CA6D58B4B67411EDBEB60F39C4F9AE02/B4B36C90B67C11EDBF54387EC4F9AE02.roa
File: B4B36C90B67C11EDBF54387EC4F9AE02.roa (raw, json)
Hash identifier: 3oM37L0IlVMJ96O8GPGIO2K/chAxdjI6Ub1Gjtkb3p8=
Subject key identifier: 6B:24:DC:C8:DD:3C:88:FD:5F:89:54:E9:A5:38:F0:C5:66:6E:29:33
Certificate issuer: /CN=A9130416/serialNumber=9906A870DADD14F6D4BA86F2CC2C1E5E470DE8B2
Certificate serial: 05
Authority key identifier: 99:06:A8:70:DA:DD:14:F6:D4:BA:86:F2:CC:2C:1E:5E:47:0D:E8:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mQaocNrdFPbUuobyzCweXkcN6LI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130416/CA6D58B4B67411EDBEB60F39C4F9AE02/B4B36C90B67C11EDBF54387EC4F9AE02.roa
Signing time: Mon 27 Feb 2023 08:57:04 +0000
ROA not before: Mon 27 Feb 2023 08:57:04 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 149621
IP address blocks: 103.182.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130416, serialNumber=9906A870DADD14F6D4BA86F2CC2C1E5E470DE8B2
Validity
Not Before: Feb 27 08:57:04 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63fc7060-ea59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:bf:1c:5a:93:f7:41:f6:4f:45:3a:0d:7f:
8b:24:0c:fe:fc:6d:19:0b:9f:b9:6e:79:bf:ac:48:
83:08:bf:11:e4:62:dd:9c:dd:4c:4f:89:60:55:ef:
96:1a:64:e0:d9:76:7b:ae:95:97:98:05:a8:9f:f9:
68:6b:1f:92:b4:73:92:90:f7:fc:b7:7b:86:58:c9:
eb:9e:c6:2d:8b:7d:a3:ab:cd:a8:ee:16:12:df:4f:
29:da:7a:b4:99:04:ae:02:16:c9:08:77:72:08:bf:
4c:98:64:96:96:bf:65:fe:2e:21:07:fa:26:e2:78:
54:67:09:91:5c:db:8d:d3:b2:74:09:09:0a:78:08:
63:a8:8f:bc:0c:59:c8:f8:79:c2:43:5a:96:8b:c2:
a0:9f:4e:98:e7:85:f0:86:a0:f0:14:0c:1c:19:99:
88:c0:d9:ad:19:82:dc:76:ca:93:98:9b:8c:99:5f:
7a:93:0a:a1:89:e9:2e:f7:58:6c:24:6a:6c:c5:41:
fa:ce:30:8e:43:ca:fd:49:cf:25:ad:08:48:d8:3b:
18:f6:f5:2e:50:6a:78:ab:4f:20:31:ea:7c:1b:48:
1a:2f:7f:10:56:4b:48:af:3f:3f:9c:68:bb:9a:e3:
6e:95:50:47:cd:45:92:ac:bf:5f:68:ac:dd:86:e0:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:24:DC:C8:DD:3C:88:FD:5F:89:54:E9:A5:38:F0:C5:66:6E:29:33
X509v3 Authority Key Identifier:
keyid:99:06:A8:70:DA:DD:14:F6:D4:BA:86:F2:CC:2C:1E:5E:47:0D:E8:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130416/CA6D58B4B67411EDBEB60F39C4F9AE02/mQaocNrdFPbUuobyzCweXkcN6LI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mQaocNrdFPbUuobyzCweXkcN6LI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130416/CA6D58B4B67411EDBEB60F39C4F9AE02/B4B36C90B67C11EDBF54387EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.182.210.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:09:53:1b:c7:32:0b:e5:7e:f4:cc:04:3e:82:28:9c:1d:13:
26:19:e8:9b:92:c1:cf:bb:0b:70:f9:f8:a5:f4:ca:62:c1:c8:
6a:bf:c1:49:7d:55:f4:dd:0b:c3:97:f2:91:5d:38:0b:80:ad:
90:ec:b1:fe:b6:8c:24:1f:66:7a:5b:7e:43:c8:4d:75:4c:69:
0d:64:32:9e:fe:72:ad:8d:56:0e:c6:ef:23:41:7c:68:e7:0e:
bd:3b:2b:04:cb:28:a7:b1:66:e1:ab:44:51:f8:d2:6a:6e:79:
6f:d7:57:93:ba:ff:0e:91:14:66:58:df:4b:34:9f:29:ae:16:
b1:77:59:62:e3:7d:10:5d:87:a6:98:a4:1a:37:b2:c8:bc:13:
2a:54:3b:e1:d5:7c:ef:c3:6d:86:b2:2c:e1:65:6a:6e:5c:dd:
b9:f3:87:2e:f3:44:a9:ed:15:ff:ad:45:24:8b:c8:d4:4c:2e:
03:fc:66:4f:84:fa:23:08:06:ec:95:25:bb:10:1e:57:1c:de:
d0:69:d6:b9:3e:f1:b5:f7:d0:3a:b1:3b:80:81:f3:53:40:7a:
a4:33:95:36:8e:7f:10:06:8d:13:3e:a8:2e:e2:f3:b7:77:60:
d5:0d:50:a4:7c:87:63:9e:b4:9c:b6:3b:6c:49:db:af:40:63:
07:be:ad:b9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MDQxNjExMC8GA1UEBRMoOTkwNkE4NzBEQUREMTRGNkQ0QkE4NkYyQ0MyQzFFNUU0
NzBERThCMjAeFw0yMzAyMjcwODU3MDRaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZmM3MDYwLWVhNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEFb8cWpP3QfZPRToNf4skDP78bRkLn7lueb+sSIMIvxHkYt2c3UxPiWBV75Ya
ZODZdnuulZeYBaif+WhrH5K0c5KQ9/y3e4ZYyeuexi2LfaOrzajuFhLfTynaerSZ
BK4CFskId3IIv0yYZJaWv2X+LiEH+ibieFRnCZFc243TsnQJCQp4CGOoj7wMWcj4
ecJDWpaLwqCfTpjnhfCGoPAUDBwZmYjA2a0Zgtx2ypOYm4yZX3qTCqGJ6S73WGwk
amzFQfrOMI5Dyv1JzyWtCEjYOxj29S5QanirTyAx6nwbSBovfxBWS0ivPz+caLua
426VUEfNRZKsv19orN2G4HrzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUayTcyN08
iP1fiVTppTjwxWZuKTMwHwYDVR0jBBgwFoAUmQaocNrdFPbUuobyzCweXkcN6LIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMwNDE2L0NBNkQ1OEI0QjY3
NDExRURCRUI2MEYzOUM0RjlBRTAyL21RYW9jTnJkRlBiVXVvYnl6Q3dlWGtjTjZM
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbVFhb2NOcmRGUGJVdW9ieXpDd2VYa2NONkxJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MDQxNi9DQTZENThCNEI2NzQxMUVEQkVCNjBGMzlDNEY5QUUwMi9CNEIzNkM5MEI2
N0MxMUVEQkY1NDM4N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe20jANBgkqhkiG9w0BAQsFAAOCAQEAqglTG8cyC+V+9MwE
PoIonB0TJhnom5LBz7sLcPn4pfTKYsHIar/BSX1V9N0Lw5fykV04C4CtkOyx/raM
JB9melt+Q8hNdUxpDWQynv5yrY1WDsbvI0F8aOcOvTsrBMsop7Fm4atEUfjSam55
b9dXk7r/DpEUZljfSzSfKa4WsXdZYuN9EF2HppikGjeyyLwTKlQ74dV878NthrIs
4WVqblzdufOHLvNEqe0V/61FJIvI1EwuA/xmT4T6IwgG7JUluxAeVxze0GnWuT7x
tffQOrE7gIHzU0B6pDOVNo5/EAaNEz6oLuLzt3dg1Q1QpHyHY560nLY7bEnbr0Bj
B76tuQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:50:56 2025 by rpki-client