Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/F0C80E40BC5411EA8BEBFF3CC4F9AE02.roa
File: F0C80E40BC5411EA8BEBFF3CC4F9AE02.roa (raw, json)
Hash identifier: Obz2LBhnI6KV1KqkPzvLakz2f64kj23gR0geiTMMjE8=
Subject key identifier: 62:5D:2B:55:F4:EC:E2:77:48:96:97:73:A6:10:A2:FE:34:6D:75:A1
Certificate issuer: /CN=A91809AD/serialNumber=6D7C226A7DCB85F2F49216B7EBB00D5F03A605C3
Certificate serial: 10DE
Authority key identifier: 6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/F0C80E40BC5411EA8BEBFF3CC4F9AE02.roa
Signing time: Sun 31 Jul 2022 18:24:19 +0000
ROA not before: Sun 31 Jul 2022 18:24:19 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 138039
IP address blocks: 103.120.116.0/24 maxlen: 24
103.120.117.0/24 maxlen: 24
103.120.118.0/24 maxlen: 24
103.120.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4318 (0x10de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91809AD
Validity
Not Before: Jul 31 18:24:19 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62e6c8d2-f5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:73:04:04:81:52:c5:cc:3b:4d:05:1a:95:
11:59:c2:f9:86:c1:33:99:a8:05:18:c7:2d:55:04:
fe:ac:45:f5:6f:99:7f:84:ac:05:58:c2:f2:18:d5:
89:3d:22:c1:69:11:e4:3e:23:23:68:04:6c:fb:ec:
4a:9c:18:8b:0e:63:75:9c:e8:fe:6a:cb:ca:c2:87:
43:ae:18:81:69:69:cd:e0:4e:9d:46:48:ef:b5:08:
b0:19:c4:e6:3c:bf:50:09:a1:f4:4f:00:57:99:ab:
f8:50:e9:16:82:25:92:df:b3:e2:be:b0:06:81:f3:
42:9a:9c:0b:ea:e8:23:1d:1c:a6:ab:19:05:4c:b4:
31:32:12:ee:2b:cf:22:c4:b1:57:32:5d:85:09:2a:
b7:4c:d6:3f:99:9b:e9:12:e5:1a:6c:e4:8b:ee:20:
35:9b:bb:ad:42:39:3d:2e:c4:df:d5:8d:67:bb:1e:
ce:0b:f9:19:f0:c3:5c:84:7d:46:c1:17:4c:9b:2f:
a0:f6:ce:d9:d9:a3:42:bf:86:f4:83:e8:00:9d:47:
c9:4d:c4:34:c4:39:25:36:c9:b4:ae:d3:dd:11:fb:
91:83:ab:5a:d9:d1:19:e3:a3:6e:fa:c7:53:a7:c7:
f4:65:41:02:51:ae:5f:4c:59:38:4f:fc:56:40:c9:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5D:2B:55:F4:EC:E2:77:48:96:97:73:A6:10:A2:FE:34:6D:75:A1
X509v3 Authority Key Identifier:
keyid:6D:7C:22:6A:7D:CB:85:F2:F4:92:16:B7:EB:B0:0D:5F:03:A6:05:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/bXwian3LhfL0kha367ANXwOmBcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bXwian3LhfL0kha367ANXwOmBcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91809AD/656DD26AA76811E89333C725C4F9AE02/F0C80E40BC5411EA8BEBFF3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.116.0/22
Signature Algorithm: sha256WithRSAEncryption
84:42:3d:ed:43:71:1d:06:1b:0d:2a:a3:70:19:d3:f2:99:41:
56:2e:0d:05:ad:19:29:51:56:0b:de:d2:d1:d5:0a:3a:76:4a:
e3:20:98:3f:0e:1e:ed:62:18:6b:e1:62:b2:a8:8d:3f:7e:61:
09:4f:82:cf:0b:d6:8c:95:24:cc:45:8e:21:a0:f4:1e:fe:cb:
96:ab:9a:fe:fd:0b:12:ef:44:e0:4f:d6:2a:bf:21:3b:a4:e7:
f2:0d:84:6e:06:39:09:5c:d4:d8:e0:52:53:65:fc:91:35:cc:
bf:24:1d:91:23:35:cb:40:84:01:46:68:a6:da:50:41:50:97:
da:87:dc:48:f5:a7:77:65:f6:f7:b8:f2:c7:b2:a9:72:9d:b3:
6a:bb:74:e4:76:ff:95:6c:b7:fe:23:04:c9:b4:5e:14:c9:28:
11:ae:8e:90:1d:7c:b2:ab:5e:61:73:87:98:50:7d:45:1c:b6:
c9:a0:89:f7:3c:7f:3c:6d:d9:f5:e6:28:11:d1:6c:b3:c5:83:
1f:c3:32:67:10:a1:3d:b6:58:71:c1:43:19:e1:27:87:51:b8:
21:24:43:d2:bf:48:35:39:a9:74:53:40:8c:39:ea:8c:6b:c7:
3d:08:02:67:98:1a:74:81:b4:26:b2:ba:45:5b:9c:07:cb:21:
fb:34:cb:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA5QUQxMTAvBgNVBAUTKDZEN0MyMjZBN0RDQjg1RjJGNDkyMTZCN0VCQjAwRDVG
MDNBNjA1QzMwHhcNMjIwNzMxMTgyNDE5WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU2YzhkMi1mNWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAweRzBASBUsXMO00FGpURWcL5hsEzmagFGMctVQT+rEX1b5l/hKwFWMLyGNWJ
PSLBaRHkPiMjaARs++xKnBiLDmN1nOj+asvKwodDrhiBaWnN4E6dRkjvtQiwGcTm
PL9QCaH0TwBXmav4UOkWgiWS37PivrAGgfNCmpwL6ugjHRymqxkFTLQxMhLuK88i
xLFXMl2FCSq3TNY/mZvpEuUabOSL7iA1m7utQjk9LsTf1Y1nux7OC/kZ8MNchH1G
wRdMmy+g9s7Z2aNCv4b0g+gAnUfJTcQ0xDklNsm0rtPdEfuRg6ta2dEZ46Nu+sdT
p8f0ZUECUa5fTFk4T/xWQMlj3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGJdK1X0
7OJ3SJaXc6YQov40bXWhMB8GA1UdIwQYMBaAFG18Imp9y4Xy9JIWt+uwDV8DpgXD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDlBRC82NTZERDI2QUE3
NjgxMUU4OTMzM0M3MjVDNEY5QUUwMi9iWHdpYW4zTGhmTDBraGEzNjdBTlh3T21C
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JYd2lhbjNMaGZMMGtoYTM2N0FOWHdPbUJjTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA5QUQvNjU2REQyNkFBNzY4MTFFODkzMzNDNzI1QzRGOUFFMDIvRjBDODBFNDBC
QzU0MTFFQThCRUJGRjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJneHQwDQYJKoZIhvcNAQELBQADggEBAIRCPe1DcR0GGw0q
o3AZ0/KZQVYuDQWtGSlRVgve0tHVCjp2SuMgmD8OHu1iGGvhYrKojT9+YQlPgs8L
1oyVJMxFjiGg9B7+y5armv79CxLvROBP1iq/ITuk5/INhG4GOQlc1NjgUlNl/JE1
zL8kHZEjNctAhAFGaKbaUEFQl9qH3Ej1p3dl9ve48seyqXKds2q7dOR2/5Vst/4j
BMm0XhTJKBGujpAdfLKrXmFzh5hQfUUctsmgifc8fzxt2fXmKBHRbLPFgx/DMmcQ
oT22WHHBQxnhJ4dRuCEkQ9K/SDU5qXRTQIw56oxrxz0IAmeYGnSBtCayukVbnAfL
Ifs0y3s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:25 2025 by rpki-client