Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F1F048CC43DA11ED895CC023C4F9AE02.roa
File: F1F048CC43DA11ED895CC023C4F9AE02.roa (raw, json)
Hash identifier: foFlsG3M1j9g9zU/E9KnbMgaunOXtkqSX6Bt2DzfLNg=
Subject key identifier: 14:3C:D2:C4:45:2A:E5:0F:53:8A:D7:C1:75:76:F3:60:30:B3:12:42
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 037B
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F1F048CC43DA11ED895CC023C4F9AE02.roa
Signing time: Tue 13 Dec 2022 02:51:52 +0000
ROA not before: Tue 13 Dec 2022 02:51:52 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 132502
IP address blocks: 103.31.208.0/24 maxlen: 24
103.31.209.0/24 maxlen: 24
103.31.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 891 (0x37b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC
Validity
Not Before: Dec 13 02:51:52 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6397e8c8-622d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:06:d8:36:c8:52:32:6c:44:97:0b:09:c7:5e:
ee:c2:12:9f:e2:e1:c6:c9:94:3a:9a:53:ff:23:10:
36:da:fc:9c:b6:47:f1:d2:bd:31:0a:d7:99:f4:be:
95:1a:0d:d5:b5:22:48:53:66:d6:e3:f2:de:0d:a8:
5a:51:06:6d:06:b4:8f:58:ec:c3:a6:07:9d:c8:20:
a4:45:cb:14:15:46:75:48:79:c4:76:35:c7:2a:e7:
2c:97:8e:ac:40:dc:37:00:50:64:88:53:9c:65:8b:
1b:6a:92:ac:bf:c8:ed:64:d6:83:86:98:50:67:cc:
af:b4:65:68:ef:52:26:c8:74:69:43:9e:b0:b4:9f:
07:b8:a0:5f:73:4b:1c:67:5d:70:ee:f4:dd:88:07:
39:b5:94:1f:52:42:4b:51:ab:4d:29:06:ab:27:97:
2b:d9:7c:0c:42:c9:41:a2:0e:a1:5a:13:42:a7:e7:
5c:92:1c:d8:b5:a4:9f:17:33:50:b5:38:d2:f6:0f:
d5:d8:14:10:88:73:5e:f0:a0:7b:1c:66:90:c2:60:
89:b7:a6:59:38:ad:9b:27:f5:e8:44:14:2c:35:37:
6c:ed:ea:53:37:42:6d:e6:22:b9:22:8f:6e:1e:3e:
15:54:b6:2d:b4:b2:56:b9:4e:2b:16:9c:b3:8b:27:
88:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3C:D2:C4:45:2A:E5:0F:53:8A:D7:C1:75:76:F3:60:30:B3:12:42
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F1F048CC43DA11ED895CC023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.208.0-103.31.210.255
Signature Algorithm: sha256WithRSAEncryption
4c:76:15:20:e3:f6:2b:f2:01:4b:ba:36:f8:b8:34:e9:28:e7:
a3:04:3f:39:cb:42:f0:c6:0f:41:47:74:28:56:9f:6c:a9:87:
77:e9:b0:4f:54:88:79:2e:d5:5c:93:aa:d5:a0:cd:1f:cd:51:
97:9c:1d:fc:76:93:41:6b:40:d7:3d:40:14:fe:ca:a7:52:b0:
fd:0a:ea:76:27:58:f1:fc:9d:93:87:f2:f3:46:ae:ba:ae:57:
be:ba:d9:08:7a:ee:6a:f1:bf:24:ee:21:dc:76:80:a3:e2:0f:
8d:86:f3:e3:dd:af:d4:e3:37:bf:b2:e7:bb:34:8d:fd:77:75:
a4:2e:0d:29:c9:ef:03:35:34:48:63:72:ba:92:0d:f7:b2:00:
95:bd:20:aa:d6:39:e2:51:d8:0a:73:1b:25:03:ff:59:cf:58:
ed:34:36:6e:00:48:30:8a:c7:76:18:5b:32:fc:c2:6b:70:77:
9a:08:a9:e1:e8:02:f3:3b:f7:2f:31:d6:9b:a7:21:0e:0b:88:
5d:1b:fa:70:57:8b:d8:0a:fe:b8:6f:74:4b:21:2b:56:6b:59:
93:01:4a:fd:04:8f:95:58:51:1d:f2:89:e8:1e:29:ae:d2:6b:
b7:57:66:84:28:e9:11:ff:bc:46:cc:66:48:9f:a2:65:92:fe:
4f:c1:c3:75
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICA3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjIxMjEzMDI1MTUyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzk3ZThjOC02MjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2AbYNshSMmxElwsJx17uwhKf4uHGyZQ6mlP/IxA22vyctkfx0r0xCteZ9L6V
Gg3VtSJIU2bW4/LeDahaUQZtBrSPWOzDpgedyCCkRcsUFUZ1SHnEdjXHKucsl46s
QNw3AFBkiFOcZYsbapKsv8jtZNaDhphQZ8yvtGVo71ImyHRpQ56wtJ8HuKBfc0sc
Z11w7vTdiAc5tZQfUkJLUatNKQarJ5cr2XwMQslBog6hWhNCp+dckhzYtaSfFzNQ
tTjS9g/V2BQQiHNe8KB7HGaQwmCJt6ZZOK2bJ/XoRBQsNTds7epTN0Jt5iK5Io9u
Hj4VVLYttLJWuU4rFpyziyeIiwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFBQ80sRF
KuUPU4rXwXV282AwsxJCMB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvRjFGMDQ4Q0M0
M0RBMTFFRDg5NUNDMDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEBGcf0AMEAGcf0jANBgkqhkiG9w0BAQsFAAOCAQEATHYV
IOP2K/IBS7o2+Lg06SjnowQ/OctC8MYPQUd0KFafbKmHd+mwT1SIeS7VXJOq1aDN
H81Rl5wd/HaTQWtA1z1AFP7Kp1Kw/QrqdidY8fydk4fy80auuq5XvrrZCHruavG/
JO4h3HaAo+IPjYbz492v1OM3v7LnuzSN/Xd1pC4NKcnvAzU0SGNyupIN97IAlb0g
qtY54lHYCnMbJQP/Wc9Y7TQ2bgBIMIrHdhhbMvzCa3B3mgip4egC8zv3LzHWm6ch
DguIXRv6cFeL2Ar+uG90SyErVmtZkwFK/QSPlVhRHfKJ6B4prtJrt1dmhCjpEf+8
RsxmSJ+iZZL+T8HDdQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:33:11 2025 by rpki-client