Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D30A/B85424F8D49811E9B9474738C4F9AE02/C2192360B22511EFA8BCE16EC4F9AE02.roa
File: C2192360B22511EFA8BCE16EC4F9AE02.roa (raw, json)
Hash identifier: 4hgvp63m49Q1QIOc5bR+f88IKmE+9Ic9dZwLpsKYBa8=
Subject key identifier: 8F:E9:5B:F6:E7:4D:B9:35:EE:1A:D7:D7:8C:80:27:44:2F:02:E7:27
Certificate issuer: /CN=A913D30A/serialNumber=EB811B1488B20F12664E648A82624A3050689F25
Certificate serial: 0D11
Authority key identifier: EB:81:1B:14:88:B2:0F:12:66:4E:64:8A:82:62:4A:30:50:68:9F:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/64EbFIiyDxJmTmSKgmJKMFBonyU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D30A/B85424F8D49811E9B9474738C4F9AE02/C2192360B22511EFA8BCE16EC4F9AE02.roa
Signing time: Wed 04 Dec 2024 09:54:31 +0000
ROA not before: Wed 04 Dec 2024 09:54:31 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 136156
IP address blocks: 103.82.8.0/23 maxlen: 24
103.82.11.0/24 maxlen: 24
202.52.40.0/24 maxlen: 24
203.4.187.0/24 maxlen: 24
2402:d3c0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3345 (0xd11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D30A, serialNumber=EB811B1488B20F12664E648A82624A3050689F25
Validity
Not Before: Dec 4 09:54:31 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=675026d7-2b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:7d:c8:db:20:43:b1:97:9d:30:ea:2e:da:
a8:d1:c5:99:6a:09:86:70:c1:b7:30:f8:3b:9f:0a:
53:4c:b4:4a:91:c7:d8:b6:3e:34:c6:a8:ab:44:63:
84:16:2a:6a:84:6f:74:2e:6f:c6:5b:4b:4a:38:b3:
a4:2c:39:92:d9:1b:93:e6:18:86:0f:6e:12:15:79:
6a:e1:61:4c:19:9d:62:c0:10:14:8d:51:a0:dd:a7:
70:b2:03:20:2c:5f:cd:98:b1:98:5a:bf:8f:0a:f2:
23:06:d6:aa:7a:7a:a3:84:71:b8:b0:8d:3c:40:26:
84:cf:d8:38:5b:43:ae:9e:e4:11:bc:fe:fb:d5:e5:
ea:6c:a1:34:d3:e8:71:31:3a:54:2d:78:eb:d5:be:
a2:82:ca:48:0a:22:27:39:dd:a9:3b:84:a5:47:d4:
95:e5:98:d4:87:1e:77:01:f6:5b:71:76:b3:33:9c:
42:30:8f:cf:30:d4:bd:a6:cf:cc:c6:8d:04:2d:a6:
36:8b:7a:1b:34:83:78:e7:4d:e2:c8:94:a6:93:96:
b8:15:99:9f:7c:0b:0a:df:7d:6c:c2:2a:e3:2d:4d:
92:fe:9b:2d:3a:d2:19:8e:5d:c2:39:7c:cf:c5:c3:
92:89:7c:61:34:63:15:0c:4b:6f:82:b1:f5:94:d1:
ea:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E9:5B:F6:E7:4D:B9:35:EE:1A:D7:D7:8C:80:27:44:2F:02:E7:27
X509v3 Authority Key Identifier:
keyid:EB:81:1B:14:88:B2:0F:12:66:4E:64:8A:82:62:4A:30:50:68:9F:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D30A/B85424F8D49811E9B9474738C4F9AE02/64EbFIiyDxJmTmSKgmJKMFBonyU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/64EbFIiyDxJmTmSKgmJKMFBonyU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D30A/B85424F8D49811E9B9474738C4F9AE02/C2192360B22511EFA8BCE16EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.8.0/23
103.82.11.0/24
202.52.40.0/24
203.4.187.0/24
IPv6:
2402:d3c0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:ba:1e:e3:e5:0c:56:0c:a1:c0:8e:a0:59:f2:02:74:20:5d:
de:dd:16:a4:e6:a4:01:52:6c:d6:65:60:8f:12:28:16:ec:95:
33:0f:89:ab:e2:7b:12:68:62:25:69:07:f4:48:b5:0c:f9:39:
d3:0d:85:d6:e2:2e:61:1c:15:87:0c:68:c2:55:d8:1e:0e:40:
47:a9:7a:a4:56:90:2b:3d:1f:69:ea:63:b8:ef:c4:6b:2a:4d:
a1:02:c4:ec:7a:4d:ad:2c:3c:f8:03:05:be:9c:d6:b1:ed:b7:
9c:3b:04:60:7a:97:79:52:c1:32:6a:0d:00:4a:68:c2:08:d0:
20:f6:f1:9f:50:ab:0e:16:13:cd:d9:09:74:84:75:5b:25:e8:
97:cf:c6:ab:ac:13:fa:17:fd:6d:ef:16:4b:d2:75:34:69:94:
bb:32:41:84:7d:7e:6a:65:c1:d6:82:01:24:a6:48:23:98:31:
3e:aa:a4:c9:28:e2:11:c3:36:c2:24:2d:9e:99:6f:5c:4f:83:
bd:b3:92:8c:93:c8:81:3b:70:83:d0:22:37:ff:fb:fd:de:cd:
9d:1a:70:eb:41:06:90:0e:e9:ac:99:48:6e:8e:39:8e:6c:de:
69:79:d2:32:91:7f:c0:5f:92:8f:21:8b:b5:f7:5c:c7:f5:c6:
fe:29:11:cf
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICDREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0QzMEExMTAvBgNVBAUTKEVCODExQjE0ODhCMjBGMTI2NjRFNjQ4QTgyNjI0QTMw
NTA2ODlGMjUwHhcNMjQxMjA0MDk1NDMxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwMjZkNy0yYjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqj19yNsgQ7GXnTDqLtqo0cWZagmGcMG3MPg7nwpTTLRKkcfYtj40xqirRGOE
FipqhG90Lm/GW0tKOLOkLDmS2RuT5hiGD24SFXlq4WFMGZ1iwBAUjVGg3adwsgMg
LF/NmLGYWr+PCvIjBtaqenqjhHG4sI08QCaEz9g4W0OunuQRvP771eXqbKE00+hx
MTpULXjr1b6igspICiInOd2pO4SlR9SV5ZjUhx53AfZbcXazM5xCMI/PMNS9ps/M
xo0ELaY2i3obNIN4503iyJSmk5a4FZmffAsK331swirjLU2S/pstOtIZjl3COXzP
xcOSiXxhNGMVDEtvgrH1lNHqmQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFI/pW/bn
Tbk17hrX14yAJ0QvAucnMB8GA1UdIwQYMBaAFOuBGxSIsg8SZk5kioJiSjBQaJ8l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDMwQS9CODU0MjRGOEQ0
OTgxMUU5Qjk0NzQ3MzhDNEY5QUUwMi82NEViRklpeUR4Sm1UbVNLZ21KS01GQm9u
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzY0RWJGSWl5RHhKbVRtU0tnbUpLTUZCb255VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0QzMEEvQjg1NDI0RjhENDk4MTFFOUI5NDc0NzM4QzRGOUFFMDIvQzIxOTIzNjBC
MjI1MTFFRkE4QkNFMTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAFnUggDBABnUgsDBADKNCgDBADLBLswDQQCAAIwBwMFACQC
08AwDQYJKoZIhvcNAQELBQADggEBALq6HuPlDFYMocCOoFnyAnQgXd7dFqTmpAFS
bNZlYI8SKBbslTMPiaviexJoYiVpB/RItQz5OdMNhdbiLmEcFYcMaMJV2B4OQEep
eqRWkCs9H2nqY7jvxGsqTaECxOx6Ta0sPPgDBb6c1rHtt5w7BGB6l3lSwTJqDQBK
aMII0CD28Z9Qqw4WE83ZCXSEdVsl6JfPxqusE/oX/W3vFkvSdTRplLsyQYR9fmpl
wdaCASSmSCOYMT6qpMko4hHDNsIkLZ6Zb1xPg72zkoyTyIE7cIPQIjf/+/3ezZ0a
cOtBBpAO6ayZSG6OOY5s3ml50jKRf8Bfko8hi7X3XMf1xv4pEc8=
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:00:32 2025 by rpki-client