Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/52A7D64AD61311EF9B19B766C4F9AE02.roa
File: 52A7D64AD61311EF9B19B766C4F9AE02.roa (raw, json)
Hash identifier: vJkUDEu8FzNEPUu9FqspajjKgfMhrqIAsmPiPh2zazQ=
Subject key identifier: 84:DE:22:58:7E:D7:9E:92:D1:AF:96:C1:79:15:81:0F:23:59:4E:2B
Certificate issuer: /CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Certificate serial: 0C35
Authority key identifier: B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/52A7D64AD61311EF9B19B766C4F9AE02.roa
Signing time: Sun 19 Jan 2025 03:21:40 +0000
ROA not before: Sun 19 Jan 2025 03:21:40 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 134968
IP address blocks: 103.23.204.0/22 maxlen: 22
103.23.204.0/23 maxlen: 23
103.23.204.0/24 maxlen: 24
103.23.205.0/24 maxlen: 24
103.23.206.0/23 maxlen: 23
103.23.206.0/24 maxlen: 24
103.23.207.0/24 maxlen: 24
223.25.252.0/22 maxlen: 22
223.25.252.0/23 maxlen: 23
223.25.252.0/24 maxlen: 24
223.25.253.0/24 maxlen: 24
223.25.254.0/23 maxlen: 23
223.25.254.0/24 maxlen: 24
223.25.255.0/24 maxlen: 24
2401:52c0::/32 maxlen: 32
2401:52c0::/40 maxlen: 40
2401:52c0::/48 maxlen: 48
2401:52c0:1::/48 maxlen: 48
2401:52c0:2::/48 maxlen: 48
2401:52c0:3::/48 maxlen: 48
2401:52c0:4::/48 maxlen: 48
2401:52c0:5::/48 maxlen: 48
2401:52c0:6::/48 maxlen: 48
2401:52c0:8::/48 maxlen: 48
2401:52c0:9::/48 maxlen: 48
2401:52c0:a::/48 maxlen: 48
2401:52c0:b::/48 maxlen: 48
2401:52c0:c::/48 maxlen: 48
2401:52c0:d::/48 maxlen: 48
2401:52c0:e::/48 maxlen: 48
2401:52c0:f::/48 maxlen: 48
2401:52c0:100::/40 maxlen: 40
2401:52c0:100::/44 maxlen: 44
2401:52c0:100::/48 maxlen: 48
2401:52c0:101::/48 maxlen: 48
2401:52c0:102::/48 maxlen: 48
2401:52c0:103::/48 maxlen: 48
2401:52c0:104::/48 maxlen: 48
2401:52c0:105::/48 maxlen: 48
2401:52c0:106::/48 maxlen: 48
2401:52c0:107::/48 maxlen: 48
2401:52c0:108::/48 maxlen: 48
2401:52c0:109::/48 maxlen: 48
2401:52c0:10a::/48 maxlen: 48
2401:52c0:110::/44 maxlen: 44
2401:52c0:120::/44 maxlen: 44
2401:52c0:130::/44 maxlen: 44
2401:52c0:140::/44 maxlen: 44
2401:52c0:150::/44 maxlen: 44
2401:52c0:160::/44 maxlen: 44
2401:52c0:170::/44 maxlen: 44
2401:52c0:180::/44 maxlen: 44
2401:52c0:190::/44 maxlen: 44
2401:52c0:1a0::/44 maxlen: 44
2401:52c0:1b0::/44 maxlen: 44
2401:52c0:1c0::/44 maxlen: 44
2401:52c0:1d0::/44 maxlen: 44
2401:52c0:1e0::/44 maxlen: 44
2401:52c0:1f0::/44 maxlen: 44
2401:52c0:200::/40 maxlen: 40
2401:52c0:300::/40 maxlen: 40
2401:52c0:400::/40 maxlen: 40
2401:52c0:500::/40 maxlen: 40
2401:52c0:600::/40 maxlen: 40
2401:52c0:700::/40 maxlen: 40
2401:52c0:800::/40 maxlen: 40
2401:52c0:900::/40 maxlen: 40
2401:52c0:a00::/40 maxlen: 40
2401:52c0:b00::/40 maxlen: 40
2401:52c0:c00::/40 maxlen: 40
2401:52c0:d00::/40 maxlen: 40
2401:52c0:e00::/40 maxlen: 40
2401:52c0:f00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3125 (0xc35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150384, serialNumber=B1BA33053C39BA5865537743112389E300C48807
Validity
Not Before: Jan 19 03:21:40 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=678c6fc4-9d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:aa:bc:56:fc:00:a1:7f:3e:d7:56:a6:47:a0:
c9:b7:6a:c4:bb:df:72:55:38:5f:c3:bb:64:59:72:
88:83:cb:c2:d0:56:e7:0b:60:64:f9:ef:82:c1:ed:
06:68:15:17:9f:70:af:23:5f:fb:40:e0:bb:ec:e4:
bc:50:dc:4c:32:2d:c3:91:a6:7b:60:48:d1:71:4b:
11:9a:4c:b1:39:13:d4:6c:c0:af:83:8a:59:f6:a9:
a2:af:4e:2a:ff:a2:a6:f0:5d:83:45:ee:09:cf:8d:
2b:60:a4:f5:e2:57:88:65:ef:07:09:c5:94:42:64:
94:a4:c9:4f:af:6f:0b:fd:b7:5e:61:84:c1:5b:6f:
b8:64:ad:5e:f0:94:ca:4e:f8:97:a4:18:4d:29:2c:
81:b2:39:cd:71:92:a6:fa:a3:a4:91:0b:b1:fc:5e:
6e:8e:97:2a:be:97:14:35:e4:92:a5:3a:cf:8c:cf:
1d:97:61:f3:79:f3:05:9b:dc:50:8a:15:b1:7d:89:
ec:06:23:5d:14:38:0a:f8:76:8d:d9:bb:c1:40:fe:
8b:4f:2f:bd:5e:58:ac:6c:f0:c4:20:5f:07:a3:69:
c8:6c:fa:26:1f:d9:40:70:20:f1:a9:72:1f:12:07:
34:c0:44:7e:16:43:04:32:b4:90:6b:e7:14:5a:6a:
7f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DE:22:58:7E:D7:9E:92:D1:AF:96:C1:79:15:81:0F:23:59:4E:2B
X509v3 Authority Key Identifier:
keyid:B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/52A7D64AD61311EF9B19B766C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.204.0/22
223.25.252.0/22
IPv6:
2401:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
05:53:74:1a:79:1b:45:57:db:32:73:9c:b8:e4:32:bd:8c:33:
44:43:cc:9a:cf:d4:88:a5:90:47:87:cd:54:ee:00:40:39:89:
95:53:66:1d:01:f8:ba:84:5e:68:2b:4f:d4:48:d4:20:a1:99:
1d:8f:66:30:4a:3e:99:cd:73:f0:47:50:7b:e3:3c:bd:38:b6:
e9:5f:b4:b8:af:eb:20:3c:c3:af:4a:b6:6e:f6:b2:de:a0:37:
db:ed:9b:2d:c8:6c:c1:98:85:20:8c:64:2b:1d:be:d7:1a:d4:
c9:2f:62:da:6c:da:76:94:48:1c:b5:20:f4:e2:30:81:97:67:
d4:74:2a:09:dd:55:19:89:4b:3e:4a:dd:9c:1a:8a:2c:57:41:
ea:88:c9:d9:7e:a3:74:27:db:1a:77:e4:7d:f9:9c:59:18:68:
fa:92:8b:18:1f:5a:2e:5f:bb:c7:bd:41:ff:78:1b:aa:d3:c6:
25:9e:15:71:be:13:bd:a2:a3:90:b6:e3:44:a7:28:6d:1c:3e:
14:07:52:8c:05:50:6f:12:3e:16:e9:8a:97:cf:ee:45:db:4d:
be:c1:1d:b7:6f:b8:ab:f3:cf:f9:22:01:e2:20:f7:f5:66:f8:
55:e3:d5:5c:03:25:82:12:e6:7b:db:79:55:10:d4:14:ca:cf:
c1:80:f0:89
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzODQxMTAvBgNVBAUTKEIxQkEzMzA1M0MzOUJBNTg2NTUzNzc0MzExMjM4OUUz
MDBDNDg4MDcwHhcNMjUwMTE5MDMyMTQwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhjNmZjNC05ZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA06q8VvwAoX8+11amR6DJt2rEu99yVThfw7tkWXKIg8vC0FbnC2Bk+e+Cwe0G
aBUXn3CvI1/7QOC77OS8UNxMMi3DkaZ7YEjRcUsRmkyxORPUbMCvg4pZ9qmir04q
/6Km8F2DRe4Jz40rYKT14leIZe8HCcWUQmSUpMlPr28L/bdeYYTBW2+4ZK1e8JTK
TviXpBhNKSyBsjnNcZKm+qOkkQux/F5ujpcqvpcUNeSSpTrPjM8dl2HzefMFm9xQ
ihWxfYnsBiNdFDgK+HaN2bvBQP6LTy+9XlisbPDEIF8Ho2nIbPomH9lAcCDxqXIf
Egc0wER+FkMEMrSQa+cUWmp/gQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFITeIlh+
156S0a+WwXkVgQ8jWU4rMB8GA1UdIwQYMBaAFLG6MwU8ObpYZVN3QxEjieMAxIgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDM4NC85MzdGMzcyRTAw
NUExMUVBQTA5NEJEMzFDNEY5QUUwMi9zYm96QlR3NXVsaGxVM2RERVNPSjR3REVp
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Nib3pCVHc1dWxobFUzZERFU09KNHdERWlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzODQvOTM3RjM3MkUwMDVBMTFFQUEwOTRCRDMxQzRGOUFFMDIvNTJBN0Q2NEFE
NjEzMTFFRjlCMTlCNzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnF8wDBALfGfwwDQQCAAIwBwMFACQBUsAwDQYJKoZIhvcN
AQELBQADggEBAAVTdBp5G0VX2zJznLjkMr2MM0RDzJrP1IilkEeHzVTuAEA5iZVT
Zh0B+LqEXmgrT9RI1CChmR2PZjBKPpnNc/BHUHvjPL04tulftLiv6yA8w69Ktm72
st6gN9vtmy3IbMGYhSCMZCsdvtca1MkvYtps2naUSBy1IPTiMIGXZ9R0KgndVRmJ
Sz5K3ZwaiixXQeqIydl+o3Qn2xp35H35nFkYaPqSixgfWi5fu8e9Qf94G6rTxiWe
FXG+E72io5C240SnKG0cPhQHUowFUG8SPhbpipfP7kXbTb7BHbdvuKvzz/kiAeIg
9/Vm+FXj1VwDJYIS5nvbeVUQ1BTKz8GA8Ik=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:37:27 2025 by rpki-client