Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/9816C27034EF11EEADA5AE6CC4F9AE02.roa
File: 9816C27034EF11EEADA5AE6CC4F9AE02.roa (raw, json)
Hash identifier: ewXYJI9hUtNPDJO1JmAKvLT29Lj2QoV+m1/Q49i0dzo=
Subject key identifier: B9:3D:15:27:DB:F2:7D:A7:1B:8E:33:EB:B1:55:E8:0E:DD:C6:20:B4
Certificate issuer: /CN=A917270F/serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Certificate serial: 0130
Authority key identifier: 7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/9816C27034EF11EEADA5AE6CC4F9AE02.roa
Signing time: Mon 07 Aug 2023 06:56:55 +0000
ROA not before: Mon 07 Aug 2023 06:56:55 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 140269
IP address blocks: 103.191.162.0/24 maxlen: 24
103.191.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304 (0x130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917270F, serialNumber=7E44DCE972F13C80E534B2E685FE1D2A0D761512
Validity
Not Before: Aug 7 06:56:55 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=64d095b7-3645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:6a:8b:9c:99:a5:b9:73:41:c2:b1:00:fc:
24:f8:8c:3f:68:99:b0:29:7f:ce:90:76:fa:31:ec:
f0:78:77:d9:39:86:fc:64:ad:94:c0:4d:d6:5a:b7:
f8:f3:fd:8d:e2:58:95:de:2a:43:92:f9:56:df:81:
cd:ee:80:f8:22:40:72:e1:d6:91:1a:9a:82:f0:7b:
ab:02:e7:6a:ab:4b:7c:37:19:55:cc:0f:4b:95:0d:
1e:77:a0:1d:e6:ef:d0:70:23:a2:39:92:93:81:f1:
60:28:91:98:3c:3e:ba:10:11:dd:71:38:f4:7a:7d:
31:74:65:b4:0e:06:19:fb:f7:54:01:0b:cb:c3:a0:
65:5e:7b:88:dd:44:84:49:95:18:b4:be:0c:57:5a:
8b:1a:50:97:b7:f1:48:3c:93:f7:33:2a:b8:d0:59:
86:49:c9:99:20:4a:84:3c:75:44:25:b3:c6:92:c0:
95:a0:3d:70:00:0a:36:11:fa:63:0c:d0:54:d8:2c:
d3:cd:fd:cc:4d:17:23:64:47:1f:57:ac:25:7f:92:
fa:f0:73:88:04:07:51:89:fa:3c:23:8a:9f:5a:b5:
f3:46:ee:c2:a7:f3:0b:a0:01:45:a3:d4:da:20:8a:
44:6f:5f:2e:a6:76:0f:ea:fa:fa:40:e9:9b:a0:23:
5b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3D:15:27:DB:F2:7D:A7:1B:8E:33:EB:B1:55:E8:0E:DD:C6:20:B4
X509v3 Authority Key Identifier:
keyid:7E:44:DC:E9:72:F1:3C:80:E5:34:B2:E6:85:FE:1D:2A:0D:76:15:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/fkTc6XLxPIDlNLLmhf4dKg12FRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fkTc6XLxPIDlNLLmhf4dKg12FRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917270F/DC5E74CA08E811EDB9E1B633C4F9AE02/9816C27034EF11EEADA5AE6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.191.162.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:77:91:c3:c4:f3:2b:51:33:a6:69:79:e9:6a:b1:fb:30:85:
7b:1c:c0:d7:32:79:b3:b0:db:ec:a3:89:8d:35:1f:3c:8b:58:
81:ae:39:98:e6:9f:38:e4:97:ea:8d:12:7d:1b:e2:1d:8a:5c:
2e:1e:6b:ff:d4:81:7c:72:8c:d6:30:80:a9:27:6e:08:c9:06:
83:fe:8b:da:c8:33:37:f4:89:fa:dc:77:ec:18:c0:c3:7b:03:
f8:d5:50:c5:28:64:e6:ce:91:e5:f4:fd:ac:8b:47:74:40:7e:
0c:f1:4b:63:7f:b7:8f:b2:3a:d6:b4:33:e4:b2:36:3b:5a:7d:
7a:4c:71:b2:59:81:af:70:06:ab:08:89:d5:d3:e4:76:9c:08:
cc:59:c6:c6:b0:fb:3e:7c:7a:41:ad:74:f5:15:5f:f4:f5:e7:
f8:e4:7d:78:64:9b:b4:ec:28:e3:00:e1:9e:69:b0:ea:8e:3f:
c6:60:69:81:22:f2:50:60:af:55:8e:c1:68:ef:80:6f:c3:cd:
68:38:31:4a:93:8a:69:d6:93:fb:34:fe:a3:bc:ae:3d:2f:6a:
24:01:76:bc:30:4b:94:4b:1a:80:46:06:b9:ca:66:28:d3:af:
b4:0a:e7:ba:f2:46:d5:c8:43:51:8e:20:d6:b5:12:20:a0:78:
87:6d:99:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI3MEYxMTAvBgNVBAUTKDdFNDREQ0U5NzJGMTNDODBFNTM0QjJFNjg1RkUxRDJB
MEQ3NjE1MTIwHhcNMjMwODA3MDY1NjU1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQwOTViNy0zNjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/Vqi5yZpblzQcKxAPwk+Iw/aJmwKX/OkHb6MezweHfZOYb8ZK2UwE3WWrf4
8/2N4liV3ipDkvlW34HN7oD4IkBy4daRGpqC8HurAudqq0t8NxlVzA9LlQ0ed6Ad
5u/QcCOiOZKTgfFgKJGYPD66EBHdcTj0en0xdGW0DgYZ+/dUAQvLw6BlXnuI3USE
SZUYtL4MV1qLGlCXt/FIPJP3Myq40FmGScmZIEqEPHVEJbPGksCVoD1wAAo2Efpj
DNBU2CzTzf3MTRcjZEcfV6wlf5L68HOIBAdRifo8I4qfWrXzRu7Cp/MLoAFFo9Ta
IIpEb18upnYP6vr6QOmboCNbVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLk9FSfb
8n2nG44z67FV6A7dxiC0MB8GA1UdIwQYMBaAFH5E3Oly8TyA5TSy5oX+HSoNdhUS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjcwRi9EQzVFNzRDQTA4
RTgxMUVEQjlFMUI2MzNDNEY5QUUwMi9ma1RjNlhMeFBJRGxOTExtaGY0ZEtnMTJG
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZrVGM2WEx4UElEbE5MTG1oZjRkS2cxMkZSSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI3MEYvREM1RTc0Q0EwOEU4MTFFREI5RTFCNjMzQzRGOUFFMDIvOTgxNkMyNzAz
NEVGMTFFRUFEQTVBRTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnv6IwDQYJKoZIhvcNAQELBQADggEBAG13kcPE8ytRM6Zp
eelqsfswhXscwNcyebOw2+yjiY01HzyLWIGuOZjmnzjkl+qNEn0b4h2KXC4ea//U
gXxyjNYwgKknbgjJBoP+i9rIMzf0ifrcd+wYwMN7A/jVUMUoZObOkeX0/ayLR3RA
fgzxS2N/t4+yOta0M+SyNjtafXpMcbJZga9wBqsIidXT5HacCMxZxsaw+z58ekGt
dPUVX/T15/jkfXhkm7TsKOMA4Z5psOqOP8ZgaYEi8lBgr1WOwWjvgG/DzWg4MUqT
imnWk/s0/qO8rj0vaiQBdrwwS5RLGoBGBrnKZijTr7QK57ryRtXIQ1GOINa1EiCg
eIdtmbo=
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:36:19 2025 by rpki-client