Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F30CDBB243DA11ED895CC023C4F9AE02.roa
File: F30CDBB243DA11ED895CC023C4F9AE02.roa (raw, json)
Hash identifier: heUbFQP3aLyavZ3346sS7fjJJX8v5scBbJM2hJWRB7w=
Subject key identifier: 9B:EB:CE:10:F9:68:B8:F7:E8:E9:77:D2:BF:A0:CB:F8:F6:F0:3C:E3
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 0390
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F30CDBB243DA11ED895CC023C4F9AE02.roa
Signing time: Mon 16 Jan 2023 10:13:10 +0000
ROA not before: Mon 16 Jan 2023 10:13:10 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 35913
IP address blocks: 103.31.210.0/24 maxlen: 24
103.31.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912 (0x390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC
Validity
Not Before: Jan 16 10:13:10 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63c52336-8793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:f1:3d:f1:62:b2:1a:01:93:fe:46:05:df:
bd:7e:62:05:1d:b3:69:bd:b3:a8:fd:9b:d2:53:55:
22:ed:6f:8d:2d:46:24:29:37:38:08:b9:50:77:01:
02:ab:50:ec:3f:66:a6:90:8d:89:4e:7e:95:b3:99:
40:bd:ee:a4:75:e2:cb:d1:96:49:59:4c:ee:ee:39:
1e:30:28:b8:ff:ab:9c:db:6e:83:9b:42:25:ef:c3:
0f:28:66:8a:e2:0d:45:81:3e:27:59:cf:40:c5:e8:
26:68:75:97:23:42:a8:78:76:2b:6d:f0:95:9a:22:
2e:93:e1:fa:59:cc:d6:fb:53:ea:74:5e:c1:53:86:
73:63:a8:6b:b4:bf:67:ae:e9:67:7b:1d:bc:4e:c6:
fa:3c:af:27:1a:79:d0:eb:78:94:05:f5:40:8f:6d:
fd:ed:96:df:5d:0d:4a:42:fe:1d:6b:fe:59:10:af:
f3:23:71:d4:e2:d5:f7:58:f3:7a:27:72:e9:41:53:
09:2f:fd:14:8b:f1:d1:a7:1a:07:51:1b:7f:50:6c:
54:68:03:71:f5:21:3e:36:29:2e:cc:39:3e:a9:64:
60:ee:f5:1f:fe:02:ee:31:6a:8e:56:70:5f:74:ed:
9d:01:8e:ef:16:c7:16:a1:80:49:38:74:48:9f:6f:
0d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EB:CE:10:F9:68:B8:F7:E8:E9:77:D2:BF:A0:CB:F8:F6:F0:3C:E3
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/F30CDBB243DA11ED895CC023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.210.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:5e:d5:40:db:46:34:95:70:c7:b1:91:90:eb:61:72:66:3d:
72:a7:2b:e2:1b:e1:8c:6e:07:11:a7:03:46:a6:60:1d:55:65:
be:23:25:28:83:f9:ee:5c:75:34:da:e9:5d:92:48:77:83:06:
38:ca:6a:12:28:4c:d4:de:6e:26:77:43:10:d9:5e:0c:aa:f9:
0c:a5:ce:45:4b:ed:88:74:57:90:5b:46:04:d3:af:6c:70:6b:
22:23:a6:3a:bd:de:e5:8c:de:66:0c:a9:8c:90:2b:64:2e:d7:
0b:53:ce:8b:4a:80:ad:14:89:8e:b7:55:87:b7:19:9f:46:71:
34:da:a9:64:3a:89:07:01:a9:54:79:63:05:46:0e:51:9b:6e:
4e:a2:26:3e:99:52:9c:74:b0:4e:d0:dc:90:03:6b:de:f1:d9:
21:a1:b3:f1:aa:8d:1f:2d:56:64:a2:9f:46:9c:85:3e:5e:3b:
4c:d2:87:74:99:c6:90:cb:4a:06:2c:c4:2d:e7:e8:21:30:48:
a5:d2:26:2f:7a:5e:cd:5b:57:af:f3:be:f9:84:8f:af:bc:6c:
66:b4:97:b3:7f:7d:d6:da:72:7b:f6:ef:aa:b5:19:af:61:52:
61:6e:41:ba:9f:65:e1:d5:d5:c2:ab:31:0a:7f:f7:bb:2e:19:
77:11:70:d6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjMwMTE2MTAxMzEwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M1MjMzNi04NzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuczxPfFishoBk/5GBd+9fmIFHbNpvbOo/ZvSU1Ui7W+NLUYkKTc4CLlQdwEC
q1DsP2amkI2JTn6Vs5lAve6kdeLL0ZZJWUzu7jkeMCi4/6uc226Dm0Il78MPKGaK
4g1FgT4nWc9AxegmaHWXI0KoeHYrbfCVmiIuk+H6WczW+1PqdF7BU4ZzY6hrtL9n
rulnex28Tsb6PK8nGnnQ63iUBfVAj2397ZbfXQ1KQv4da/5ZEK/zI3HU4tX3WPN6
J3LpQVMJL/0Ui/HRpxoHURt/UGxUaANx9SE+NikuzDk+qWRg7vUf/gLuMWqOVnBf
dO2dAY7vFscWoYBJOHRIn28NaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJvrzhD5
aLj36Ol30r+gy/j28DzjMB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvRjMwQ0RCQjI0
M0RBMTFFRDg5NUNDMDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnH9IwDQYJKoZIhvcNAQELBQADggEBAHte1UDbRjSVcMex
kZDrYXJmPXKnK+Ib4YxuBxGnA0amYB1VZb4jJSiD+e5cdTTa6V2SSHeDBjjKahIo
TNTebiZ3QxDZXgyq+QylzkVL7Yh0V5BbRgTTr2xwayIjpjq93uWM3mYMqYyQK2Qu
1wtTzotKgK0UiY63VYe3GZ9GcTTaqWQ6iQcBqVR5YwVGDlGbbk6iJj6ZUpx0sE7Q
3JADa97x2SGhs/GqjR8tVmSin0achT5eO0zSh3SZxpDLSgYsxC3n6CEwSKXSJi96
Xs1bV6/zvvmEj6+8bGa0l7N/fdbacnv276q1Ga9hUmFuQbqfZeHV1cKrMQp/97su
GXcRcNY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:39 2025 by rpki-client