Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EFA9/ED68B5F031A511EEBEF8BD2AC4F9AE02/EE134A3E4DD311EE9AA82946C4F9AE02.roa
File: EE134A3E4DD311EE9AA82946C4F9AE02.roa (raw, json)
Hash identifier: 4QvV/wgj7pRvEnde5T34V3MhN9t4DJ1XKDwkWRNlFX8=
Subject key identifier: 4D:D7:2B:F3:7A:26:C7:3D:3F:3B:B1:73:EB:1A:21:A2:ED:D0:9E:11
Certificate issuer: /CN=A917EFA9/serialNumber=7B91A8B011D619C4271D45203A0E33D9185EF781
Certificate serial: 24
Authority key identifier: 7B:91:A8:B0:11:D6:19:C4:27:1D:45:20:3A:0E:33:D9:18:5E:F7:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e5GosBHWGcQnHUUgOg4z2Rhe94E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EFA9/ED68B5F031A511EEBEF8BD2AC4F9AE02/EE134A3E4DD311EE9AA82946C4F9AE02.roa
Signing time: Thu 07 Sep 2023 23:12:23 +0000
ROA not before: Thu 07 Sep 2023 23:12:23 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135889
IP address blocks: 103.79.23.0/24 maxlen: 24
103.102.50.0/23 maxlen: 23
103.102.51.0/24 maxlen: 24
103.102.52.0/24 maxlen: 24
182.16.152.0/22 maxlen: 22
182.16.152.0/24 maxlen: 24
202.62.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EFA9, serialNumber=7B91A8B011D619C4271D45203A0E33D9185EF781
Validity
Not Before: Sep 7 23:12:23 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64fa58d6-6489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:e5:77:a1:69:c7:fc:da:67:8f:e9:46:fb:
d6:1b:e6:d2:8b:ff:3e:18:d4:82:d9:aa:fb:9a:9a:
24:b4:3c:17:43:6d:c2:78:d8:22:15:5a:78:72:d1:
3b:3b:1c:90:a3:12:0c:59:b5:37:a3:d7:da:e1:c5:
37:ea:6a:df:86:93:88:17:c1:92:53:7d:4d:7d:f8:
de:89:1f:91:d4:71:57:6a:bc:be:c9:32:d6:43:71:
c4:39:3b:37:32:f2:4a:40:44:60:85:03:f6:39:bd:
f6:01:8a:b9:87:ad:5a:f1:b7:1d:3c:18:aa:2f:27:
ea:88:45:12:5c:48:ff:54:9a:9c:66:6f:00:89:6b:
43:f4:61:f8:4c:27:f8:26:ed:d3:a8:13:a9:12:f3:
72:95:4a:b1:08:42:bf:f9:4d:ed:0d:23:97:89:45:
82:a3:d0:2a:49:91:e0:36:96:7c:7c:60:6b:2e:41:
e3:99:8d:fd:3d:1d:fd:40:e6:51:01:db:69:0a:8e:
a0:53:d7:3f:c6:6a:fc:d1:db:bf:49:39:dc:38:93:
19:fa:97:14:61:4a:34:5e:a3:c2:cc:f5:52:67:b7:
86:ee:ce:81:47:d0:a8:53:7f:f5:a3:23:66:cc:89:
bf:9a:6d:d6:89:db:2e:30:8b:05:33:55:42:d4:a6:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D7:2B:F3:7A:26:C7:3D:3F:3B:B1:73:EB:1A:21:A2:ED:D0:9E:11
X509v3 Authority Key Identifier:
keyid:7B:91:A8:B0:11:D6:19:C4:27:1D:45:20:3A:0E:33:D9:18:5E:F7:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EFA9/ED68B5F031A511EEBEF8BD2AC4F9AE02/e5GosBHWGcQnHUUgOg4z2Rhe94E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e5GosBHWGcQnHUUgOg4z2Rhe94E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EFA9/ED68B5F031A511EEBEF8BD2AC4F9AE02/EE134A3E4DD311EE9AA82946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.23.0/24
103.102.50.0-103.102.52.255
182.16.152.0/22
202.62.245.0/24
Signature Algorithm: sha256WithRSAEncryption
41:3c:2e:30:72:b4:e0:0e:c3:50:4f:2f:2c:37:95:16:ed:10:
8a:bf:0a:90:9c:87:be:9b:24:48:27:9b:42:8b:05:c5:57:19:
04:90:f7:7b:81:21:eb:b7:49:c8:22:57:75:b1:f8:37:9e:a5:
21:2e:0b:98:b7:68:6d:ff:bd:1d:2b:18:8c:29:5e:e3:d5:bc:
77:5a:d0:6d:a1:a4:4f:bd:88:3f:c2:b5:3b:b1:0d:5c:c6:ac:
b4:6c:f4:16:99:49:ce:f7:08:d6:98:54:bc:65:01:43:66:ce:
a4:b0:d5:7d:33:7f:77:ea:93:e5:5e:26:e3:d4:66:06:cc:80:
cf:2c:2c:cf:b7:66:89:8c:5c:5e:12:22:92:21:2a:8c:35:21:
24:30:e8:ec:6e:01:67:61:c8:ed:04:32:df:13:86:71:08:09:
d1:95:16:1f:ca:a4:1c:2e:01:f7:0d:03:ce:db:59:1f:4e:ab:
05:e9:6f:dc:76:75:0d:fa:17:75:02:55:33:8d:f0:33:23:91:
d5:20:f7:f4:da:0e:16:63:a0:0a:7e:10:16:18:b6:2c:17:83:
8c:d5:d6:cc:cc:38:53:21:fa:54:b7:7d:58:51:bd:72:f1:43:
3e:3d:9e:41:6c:4d:67:ae:2c:69:ff:e2:5d:bd:81:c4:17:cb:
1b:d4:36:aa
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RUZBOTExMC8GA1UEBRMoN0I5MUE4QjAxMUQ2MTlDNDI3MUQ0NTIwM0EwRTMzRDkx
ODVFRjc4MTAeFw0yMzA5MDcyMzEyMjNaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZmE1OGQ2LTY0ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5uuV3oWnH/Npnj+lG+9Yb5tKL/z4Y1ILZqvuamiS0PBdDbcJ42CIVWnhy0Ts7
HJCjEgxZtTej19rhxTfqat+Gk4gXwZJTfU19+N6JH5HUcVdqvL7JMtZDccQ5Ozcy
8kpARGCFA/Y5vfYBirmHrVrxtx08GKovJ+qIRRJcSP9UmpxmbwCJa0P0YfhMJ/gm
7dOoE6kS83KVSrEIQr/5Te0NI5eJRYKj0CpJkeA2lnx8YGsuQeOZjf09Hf1A5lEB
22kKjqBT1z/GavzR279JOdw4kxn6lxRhSjReo8LM9VJnt4buzoFH0KhTf/WjI2bM
ib+abdaJ2y4wiwUzVULUpq2LAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUTdcr83om
xz0/O7Fz6xohou3QnhEwHwYDVR0jBBgwFoAUe5GosBHWGcQnHUUgOg4z2Rhe94Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFRkE5L0VENjhCNUYwMzFB
NTExRUVCRUY4QkQyQUM0RjlBRTAyL2U1R29zQkhXR2NRbkhVVWdPZzR6MlJoZTk0
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZTVHb3NCSFdHY1FuSFVVZ09nNHoyUmhlOTRFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RUZBOS9FRDY4QjVGMDMxQTUxMUVFQkVGOEJEMkFDNEY5QUUwMi9FRTEzNEEzRTRE
RDMxMUVFOUFBODI5NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAGdPFzAMAwQBZ2YyAwQAZ2Y0AwQCthCYAwQAyj71MA0GCSqG
SIb3DQEBCwUAA4IBAQBBPC4wcrTgDsNQTy8sN5UW7RCKvwqQnIe+myRIJ5tCiwXF
VxkEkPd7gSHrt0nIIld1sfg3nqUhLguYt2ht/70dKxiMKV7j1bx3WtBtoaRPvYg/
wrU7sQ1cxqy0bPQWmUnO9wjWmFS8ZQFDZs6ksNV9M3936pPlXibj1GYGzIDPLCzP
t2aJjFxeEiKSISqMNSEkMOjsbgFnYcjtBDLfE4ZxCAnRlRYfyqQcLgH3DQPO21kf
TqsF6W/cdnUN+hd1AlUzjfAzI5HVIPf02g4WY6AKfhAWGLYsF4OM1dbMzDhTIfpU
t31YUb1y8UM+PZ5BbE1nrixp/+JdvYHEF8sb1Daq
-----END CERTIFICATE-----
Generated at Fri Apr 18 08:08:52 2025 by rpki-client