Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/99B9CF7CF8ED11EB922B4F38C4F9AE02.roa
File: 99B9CF7CF8ED11EB922B4F38C4F9AE02.roa (raw, json)
Hash identifier: fO81h2NF+tcEKS8jesgK9lCcFARlZtgVkq3ty61dwww=
Subject key identifier: 18:37:C8:ED:D1:FE:19:73:EA:B2:E2:59:63:EC:19:57:FB:E7:71:35
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 0139
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/99B9CF7CF8ED11EB922B4F38C4F9AE02.roa
Signing time: Mon 10 Jan 2022 15:22:01 +0000
ROA not before: Mon 10 Jan 2022 15:22:01 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 35478
IP address blocks: 103.31.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313 (0x139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC
Validity
Not Before: Jan 10 15:22:01 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61dc4f19-63ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:36:49:b9:89:ea:86:68:7e:6d:e5:8a:d7:bf:
76:02:59:8d:eb:dd:d6:dd:83:4a:10:b8:8f:15:bf:
97:9b:81:0d:29:eb:20:18:a7:11:fd:be:2d:0f:32:
a0:a2:4c:0f:6d:30:b9:80:5e:d7:82:ba:49:ef:3b:
8a:28:ee:52:1d:9c:89:34:d2:6f:86:e9:77:81:db:
43:7d:c9:87:8c:8c:42:dc:a3:e8:28:51:6b:f2:a5:
fb:9f:b1:f3:90:08:83:d6:94:24:5b:a4:99:76:83:
4e:2e:0a:33:7c:39:db:8c:f3:dc:4e:75:66:ba:f6:
7c:cc:0a:f9:89:f2:16:85:6a:c1:7e:4b:cb:9e:68:
82:10:d3:cb:9a:1a:c9:46:81:19:0f:b3:e1:72:cf:
d4:12:8f:6c:f8:cf:75:a0:56:d7:06:d4:3f:88:51:
eb:d1:07:e1:53:84:0e:0c:4f:ef:79:05:ce:e2:82:
72:ad:60:d7:24:80:06:e9:b9:6a:d2:9d:0c:ca:db:
69:3c:f3:b6:c7:0c:7b:0f:57:1a:61:14:e4:b8:c4:
d7:b1:b4:11:4d:b3:2b:b6:16:7d:c2:49:28:0c:ae:
ab:05:1e:c2:79:59:b2:47:19:32:98:31:6f:79:72:
70:42:0b:37:a6:d6:9a:6b:a4:52:a8:95:17:d9:00:
4b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:37:C8:ED:D1:FE:19:73:EA:B2:E2:59:63:EC:19:57:FB:E7:71:35
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/99B9CF7CF8ED11EB922B4F38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.210.0/24
Signature Algorithm: sha256WithRSAEncryption
70:85:5e:fc:1e:ea:e8:db:27:b5:61:33:64:81:8e:1a:55:f9:
7a:82:88:e9:02:e5:e8:1f:b9:c6:7f:a3:e6:27:d4:ea:74:a0:
85:ca:70:66:30:d6:22:8d:72:d5:8d:75:05:32:d2:05:05:d3:
f2:d6:2c:0e:a5:8e:11:fb:5f:80:67:7e:8e:95:c2:c7:ce:3a:
49:9d:98:e5:ce:08:a7:46:1c:42:c1:95:ce:8a:eb:99:72:9b:
b9:08:f7:26:72:78:6c:0b:93:61:a3:2c:0b:7b:ef:4b:6d:df:
b1:d4:be:3a:22:fb:c1:38:d1:8f:83:0a:05:ab:54:15:ba:4b:
d6:2e:f7:63:89:07:00:e9:2d:8d:de:c5:46:67:7a:35:0a:e1:
5f:fd:4c:2e:a1:8c:52:6d:6d:44:67:db:90:1b:10:c4:dd:f5:
4a:82:6c:01:75:c9:4a:69:c7:b5:b4:c9:99:94:fb:fc:cb:45:
78:a1:8f:3c:86:f1:59:37:50:5e:d2:29:93:4f:30:2c:73:10:
2f:4e:0e:9f:99:0e:a9:7f:e9:d3:cb:a5:c7:88:ef:0f:72:99:
c9:4b:f8:13:4c:e5:85:d3:04:ea:96:f5:cf:a2:ee:e7:78:27:
1e:99:21:ad:7e:5f:87:17:8f:68:33:f8:57:1e:16:fe:30:18:
01:78:ab:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjIwMTEwMTUyMjAxWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRjNGYxOS02M2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7DZJuYnqhmh+beWK1792AlmN693W3YNKELiPFb+Xm4ENKesgGKcR/b4tDzKg
okwPbTC5gF7XgrpJ7zuKKO5SHZyJNNJvhul3gdtDfcmHjIxC3KPoKFFr8qX7n7Hz
kAiD1pQkW6SZdoNOLgozfDnbjPPcTnVmuvZ8zAr5ifIWhWrBfkvLnmiCENPLmhrJ
RoEZD7Phcs/UEo9s+M91oFbXBtQ/iFHr0QfhU4QODE/veQXO4oJyrWDXJIAG6blq
0p0MyttpPPO2xwx7D1caYRTkuMTXsbQRTbMrthZ9wkkoDK6rBR7CeVmyRxkymDFv
eXJwQgs3ptaaa6RSqJUX2QBLMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBg3yO3R
/hlz6rLiWWPsGVf753E1MB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvOTlCOUNGN0NG
OEVEMTFFQjkyMkI0RjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnH9IwDQYJKoZIhvcNAQELBQADggEBAHCFXvwe6ujbJ7Vh
M2SBjhpV+XqCiOkC5egfucZ/o+Yn1Op0oIXKcGYw1iKNctWNdQUy0gUF0/LWLA6l
jhH7X4Bnfo6VwsfOOkmdmOXOCKdGHELBlc6K65lym7kI9yZyeGwLk2GjLAt770tt
37HUvjoi+8E40Y+DCgWrVBW6S9Yu92OJBwDpLY3exUZnejUK4V/9TC6hjFJtbURn
25AbEMTd9UqCbAF1yUppx7W0yZmU+/zLRXihjzyG8Vk3UF7SKZNPMCxzEC9ODp+Z
Dql/6dPLpceI7w9ymclL+BNM5YXTBOqW9c+i7ud4Jx6ZIa1+X4cXj2gz+FceFv4w
GAF4qxA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:38 2025 by rpki-client