Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91458BD/9022F316E89A11EB98CACA7AC4F9AE02/042C3DC0C1F111EF80D4B86AC4F9AE02.roa
File: 042C3DC0C1F111EF80D4B86AC4F9AE02.roa (raw, json)
Hash identifier: 0683D52z+NNbtI0+iqJGk+0KkPXph/93ShK8RUtL9fE=
Subject key identifier: 74:C9:30:AD:52:DD:E5:DC:51:BD:29:3C:01:C4:63:D2:A4:B4:99:BC
Certificate issuer: /CN=A91458BD/serialNumber=78C4919ECF9959BF7134E35DD5E42CDEAB42D548
Certificate serial: 0524
Authority key identifier: 78:C4:91:9E:CF:99:59:BF:71:34:E3:5D:D5:E4:2C:DE:AB:42:D5:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eMSRns-ZWb9xNONd1eQs3qtC1Ug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91458BD/9022F316E89A11EB98CACA7AC4F9AE02/042C3DC0C1F111EF80D4B86AC4F9AE02.roa
Signing time: Tue 24 Dec 2024 12:17:18 +0000
ROA not before: Tue 24 Dec 2024 12:17:18 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 139875
IP address blocks: 103.146.134.0/24 maxlen: 24
2001:df2:6080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1316 (0x524)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91458BD, serialNumber=78C4919ECF9959BF7134E35DD5E42CDEAB42D548
Validity
Not Before: Dec 24 12:17:18 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=676aa64d-b15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fc:4c:6e:ac:1b:b5:5a:b6:cd:c2:f3:61:3f:
51:e4:f3:6c:e6:71:a9:66:8d:87:79:57:bd:18:ec:
89:d0:db:97:77:d1:8a:67:eb:df:1c:0e:1e:8e:87:
7b:a8:a6:63:16:91:b9:97:c7:2b:e4:60:03:2d:c9:
82:14:1d:91:e0:be:a9:7b:a5:4c:02:f2:3d:db:2e:
94:31:3d:8e:1f:6b:55:9e:d0:7f:de:23:77:9a:0d:
d6:24:04:18:7e:75:20:f8:02:b6:7e:cd:cf:c2:a3:
0c:c8:fc:0b:33:30:57:a6:b2:0e:89:0f:72:c2:87:
38:ec:09:37:3e:93:42:ba:78:46:72:b3:58:92:fe:
ca:ec:b7:e7:cd:50:7d:f2:7f:23:f5:e8:cd:37:2e:
d9:b6:5a:a6:aa:99:3e:fa:77:a7:6c:a9:b8:20:b0:
4f:27:6b:24:71:b3:0d:a4:40:f4:61:01:64:c8:c5:
d4:83:86:66:2c:26:86:5b:32:b9:7e:19:6c:c1:90:
35:ad:21:33:c4:3a:cc:a7:6a:57:c4:d9:8f:45:b5:
ed:ab:3c:b0:5e:43:03:0d:77:b9:00:a7:38:b2:a7:
0e:18:1f:ac:ef:7d:a4:c0:28:64:a8:5d:9a:77:db:
20:4b:61:46:3d:2e:fd:b2:59:e3:de:70:85:a7:5a:
d3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C9:30:AD:52:DD:E5:DC:51:BD:29:3C:01:C4:63:D2:A4:B4:99:BC
X509v3 Authority Key Identifier:
keyid:78:C4:91:9E:CF:99:59:BF:71:34:E3:5D:D5:E4:2C:DE:AB:42:D5:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91458BD/9022F316E89A11EB98CACA7AC4F9AE02/eMSRns-ZWb9xNONd1eQs3qtC1Ug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eMSRns-ZWb9xNONd1eQs3qtC1Ug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91458BD/9022F316E89A11EB98CACA7AC4F9AE02/042C3DC0C1F111EF80D4B86AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.134.0/24
IPv6:
2001:df2:6080::/48
Signature Algorithm: sha256WithRSAEncryption
16:03:8e:65:9b:db:ac:ed:61:ef:61:f2:26:e7:7e:c3:4f:bd:
36:f7:ad:2c:5a:1c:07:d4:98:e3:98:42:99:11:b7:88:4f:44:
c1:ae:f3:3c:3d:62:15:10:44:e7:0d:a3:64:1c:58:5f:b8:54:
73:5c:01:5c:12:fc:00:17:70:03:46:df:b6:47:f2:eb:c4:18:
e6:9a:9a:04:ee:33:a9:18:5f:fd:b9:8e:a3:d8:6a:92:29:04:
a7:52:d0:f4:13:a3:a4:38:88:5f:fa:5c:aa:a7:53:ce:ab:1e:
7a:3c:39:1b:7d:9f:c7:a5:89:9c:04:55:24:e2:5f:42:dd:8d:
ce:5d:db:6b:fd:c8:2f:e2:51:40:ae:7f:5b:cc:ba:e0:ef:bd:
d7:a1:51:36:9d:04:4b:c8:08:df:27:4e:70:fa:34:c7:ec:13:
8a:1b:74:ed:e3:ef:af:0b:85:64:79:a3:74:e7:14:2a:d3:04:
87:a2:9e:db:ed:45:31:d0:b9:f9:6e:7d:1b:c3:dd:63:86:8e:
93:32:3d:6b:2c:0c:fe:d2:5f:59:9f:fd:fb:01:f0:8d:24:5e:
c8:9b:0d:53:36:c0:35:15:44:cc:d8:d5:17:fc:a6:2f:b7:e3:
8e:c8:87:58:ed:19:41:97:65:8a:bb:ec:ef:3b:6d:ad:23:17:
71:ca:36:73
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU4QkQxMTAvBgNVBAUTKDc4QzQ5MTlFQ0Y5OTU5QkY3MTM0RTM1REQ1RTQyQ0RF
QUI0MkQ1NDgwHhcNMjQxMjI0MTIxNzE4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhYTY0ZC1iMTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0vxMbqwbtVq2zcLzYT9R5PNs5nGpZo2HeVe9GOyJ0NuXd9GKZ+vfHA4ejod7
qKZjFpG5l8cr5GADLcmCFB2R4L6pe6VMAvI92y6UMT2OH2tVntB/3iN3mg3WJAQY
fnUg+AK2fs3PwqMMyPwLMzBXprIOiQ9ywoc47Ak3PpNCunhGcrNYkv7K7LfnzVB9
8n8j9ejNNy7Ztlqmqpk++nenbKm4ILBPJ2skcbMNpED0YQFkyMXUg4ZmLCaGWzK5
fhlswZA1rSEzxDrMp2pXxNmPRbXtqzywXkMDDXe5AKc4sqcOGB+s732kwChkqF2a
d9sgS2FGPS79slnj3nCFp1rTRQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHTJMK1S
3eXcUb0pPAHEY9KktJm8MB8GA1UdIwQYMBaAFHjEkZ7PmVm/cTTjXdXkLN6rQtVI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NThCRC85MDIyRjMxNkU4
OUExMUVCOThDQUNBN0FDNEY5QUUwMi9lTVNSbnMtWldiOXhOT05kMWVRczNxdEMx
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VNU1Jucy1aV2I5eE5PTmQxZVFzM3F0QzFVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU4QkQvOTAyMkYzMTZFODlBMTFFQjk4Q0FDQTdBQzRGOUFFMDIvMDQyQzNEQzBD
MUYxMTFFRjgwRDRCODZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnkoYwDwQCAAIwCQMHACABDfJggDANBgkqhkiG9w0BAQsF
AAOCAQEAFgOOZZvbrO1h72HyJud+w0+9NvetLFocB9SY45hCmRG3iE9Ewa7zPD1i
FRBE5w2jZBxYX7hUc1wBXBL8ABdwA0bftkfy68QY5pqaBO4zqRhf/bmOo9hqkikE
p1LQ9BOjpDiIX/pcqqdTzqseejw5G32fx6WJnARVJOJfQt2Nzl3ba/3IL+JRQK5/
W8y64O+916FRNp0ES8gI3ydOcPo0x+wTiht07ePvrwuFZHmjdOcUKtMEh6Ke2+1F
MdC5+W59G8PdY4aOkzI9aywM/tJfWZ/9+wHwjSReyJsNUzbANRVEzNjVF/ymL7fj
jsiHWO0ZQZdlirvs7zttrSMXcco2cw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:17:47 2025 by rpki-client