Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DD058EDAC0B211EEBAD8C90CC4F9AE02.roa
File: DD058EDAC0B211EEBAD8C90CC4F9AE02.roa (raw, json)
Hash identifier: mxN3e88k7fubkVX0grtmJ23AfKb/8VxSvKoITefqqmc=
Subject key identifier: 16:80:D2:66:9E:D3:0F:58:81:68:E8:48:6E:2E:D8:B8:1D:DB:55:10
Certificate issuer: /CN=A9158E8E/serialNumber=5F2E5E62932BB50A85FF2F9A5F31B2BADD5F34AC
Certificate serial: 02A8
Authority key identifier: 5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DD058EDAC0B211EEBAD8C90CC4F9AE02.roa
Signing time: Thu 29 Feb 2024 03:25:54 +0000
ROA not before: Thu 29 Feb 2024 03:25:54 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 138655
IP address blocks: 103.159.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680 (0x2a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E8E
Validity
Not Before: Feb 29 03:25:54 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65dff942-e9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:66:fb:cc:6f:7d:36:a4:d8:42:55:15:9d:85:
70:59:66:44:b6:f5:d3:38:d1:45:ba:1f:d4:76:f2:
f1:90:b1:2a:0c:49:0c:43:5d:a2:36:47:19:24:3e:
48:d1:1c:3f:60:ab:c4:3f:d1:5b:35:97:d3:f1:3a:
7a:9d:93:dc:59:82:9c:a3:4c:be:16:07:32:41:d6:
f9:99:20:28:ad:d8:dd:0b:c1:82:a2:58:2d:22:fa:
dd:80:26:a6:b3:af:11:4f:d8:e3:32:44:3b:72:ac:
cb:81:01:99:e1:0c:1b:30:d4:a5:26:14:68:91:c5:
09:d3:62:55:20:3e:fd:f2:9d:40:52:ed:12:5e:da:
05:06:f7:a4:2c:f6:26:ef:21:53:85:c0:42:2c:ca:
12:5e:cd:af:b8:04:cb:a6:e6:22:40:2a:7b:86:96:
a7:73:12:46:85:b0:12:9f:86:38:1a:74:e1:e8:87:
aa:62:73:91:8a:de:e0:4f:5f:57:9a:97:e6:80:16:
be:5b:13:37:21:1f:8a:e1:cf:83:f9:2b:0b:49:88:
fa:03:cf:53:c8:5d:43:7e:9e:de:db:0c:cc:89:ae:
19:ac:80:a2:ca:8d:4f:e9:5a:da:9f:7f:c6:c7:4e:
ad:75:d6:c9:eb:81:a4:dd:1e:d9:90:2b:e1:a1:ee:
73:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:80:D2:66:9E:D3:0F:58:81:68:E8:48:6E:2E:D8:B8:1D:DB:55:10
X509v3 Authority Key Identifier:
keyid:5F:2E:5E:62:93:2B:B5:0A:85:FF:2F:9A:5F:31:B2:BA:DD:5F:34:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/Xy5eYpMrtQqF_y-aXzGyut1fNKw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xy5eYpMrtQqF_y-aXzGyut1fNKw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E8E/04FBB8F0AE0F11ECA0205666C4F9AE02/DD058EDAC0B211EEBAD8C90CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.78.0/24
Signature Algorithm: sha256WithRSAEncryption
51:21:62:cb:a3:e3:80:ae:91:42:85:de:0d:55:ea:76:bf:70:
69:5a:d7:51:ce:61:f3:ec:da:dc:b1:e2:bc:ad:9f:51:94:4e:
3a:83:df:7b:6c:f6:91:7a:92:44:7b:13:31:54:28:dc:28:2a:
53:94:25:b3:97:f9:59:d2:08:af:fc:48:cb:7d:c5:28:47:1c:
0d:ed:24:25:33:44:62:05:6c:70:0c:75:31:62:04:fe:57:bb:
bc:36:47:3b:2a:b5:d0:ce:bd:0a:77:2c:4f:65:8c:1c:f1:c7:
ed:d4:3d:9a:ba:58:af:61:38:52:f4:e8:bb:93:79:fb:6a:31:
2e:48:b0:e3:4d:f7:77:dd:40:f8:2f:26:89:e9:49:1f:4e:37:
0f:03:28:94:69:23:c3:1e:41:26:fb:67:3f:93:c0:9f:b0:e7:
db:1d:67:3d:d0:ee:1b:9c:5a:cc:01:9b:9a:57:fb:a9:d6:68:
91:29:c1:3f:10:fb:93:fe:3f:e7:4b:1a:12:94:f2:8a:41:f9:
32:6e:d8:20:95:fd:ce:d1:e3:fb:a8:45:92:d3:d3:97:05:fd:
73:54:47:c5:72:58:87:bb:c0:d2:20:81:3f:20:8c:9a:b2:b7:
7d:7b:9c:54:62:94:05:69:74:e4:0b:53:10:e6:1c:1f:c3:e8:
5c:8e:4d:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFOEUxMTAvBgNVBAUTKDVGMkU1RTYyOTMyQkI1MEE4NUZGMkY5QTVGMzFCMkJB
REQ1RjM0QUMwHhcNMjQwMjI5MDMyNTU0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmZjk0Mi1lOWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA22b7zG99NqTYQlUVnYVwWWZEtvXTONFFuh/UdvLxkLEqDEkMQ12iNkcZJD5I
0Rw/YKvEP9FbNZfT8Tp6nZPcWYKco0y+FgcyQdb5mSAordjdC8GColgtIvrdgCam
s68RT9jjMkQ7cqzLgQGZ4QwbMNSlJhRokcUJ02JVID798p1AUu0SXtoFBvekLPYm
7yFThcBCLMoSXs2vuATLpuYiQCp7hpancxJGhbASn4Y4GnTh6IeqYnORit7gT19X
mpfmgBa+WxM3IR+K4c+D+SsLSYj6A89TyF1Dfp7e2wzMia4ZrICiyo1P6Vran3/G
x06tddbJ64Gk3R7ZkCvhoe5zJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBaA0mae
0w9YgWjoSG4u2Lgd21UQMB8GA1UdIwQYMBaAFF8uXmKTK7UKhf8vml8xsrrdXzSs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEU4RS8wNEZCQjhGMEFF
MEYxMUVDQTAyMDU2NjZDNEY5QUUwMi9YeTVlWXBNcnRRcUZfeS1hWHpHeXV0MWZO
S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h5NWVZcE1ydFFxRl95LWFYekd5dXQxZk5Ldy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFOEUvMDRGQkI4RjBBRTBGMTFFQ0EwMjA1NjY2QzRGOUFFMDIvREQwNThFREFD
MEIyMTFFRUJBRDhDOTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn04wDQYJKoZIhvcNAQELBQADggEBAFEhYsuj44CukUKF
3g1V6na/cGla11HOYfPs2tyx4rytn1GUTjqD33ts9pF6kkR7EzFUKNwoKlOUJbOX
+VnSCK/8SMt9xShHHA3tJCUzRGIFbHAMdTFiBP5Xu7w2RzsqtdDOvQp3LE9ljBzx
x+3UPZq6WK9hOFL06LuTeftqMS5IsONN93fdQPgvJonpSR9ONw8DKJRpI8MeQSb7
Zz+TwJ+w59sdZz3Q7hucWswBm5pX+6nWaJEpwT8Q+5P+P+dLGhKU8opB+TJu2CCV
/c7R4/uoRZLT05cF/XNUR8VyWIe7wNIggT8gjJqyt317nFRilAVpdOQLUxDmHB/D
6FyOTVw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:06:19 2025 by rpki-client