Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/286C540C838D11EE9C021039C4F9AE02.roa
File: 286C540C838D11EE9C021039C4F9AE02.roa (raw, json)
Hash identifier: XwJtIyu2rvyH2jIQaUYrfGyGBzaglxy8bxkSNXJSHSo=
Subject key identifier: 9D:15:04:88:EC:9A:70:D2:53:4A:BD:24:F9:77:1A:DF:A0:79:8A:A4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7DBC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/286C540C838D11EE9C021039C4F9AE02.roa
Signing time: Wed 15 Nov 2023 08:01:19 +0000
ROA not before: Wed 15 Nov 2023 08:01:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136367
IP address blocks: 103.179.224.0/23 maxlen: 24
103.180.174.0/24 maxlen: 24
103.180.175.0/24 maxlen: 24
103.180.237.0/24 maxlen: 24
103.181.110.0/24 maxlen: 24
103.181.111.0/24 maxlen: 24
103.189.82.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32188 (0x7dbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 15 08:01:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65547ace-4596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:40:9d:6b:b5:88:dd:74:ec:6f:88:b1:99:fe:
7f:3c:ee:ac:ec:bd:38:b4:f0:cf:1b:ac:67:31:e1:
8b:b6:21:81:43:81:4a:10:81:ad:ba:d8:52:56:28:
fe:95:b3:94:eb:8e:5c:16:fa:9b:d8:ff:d0:d9:70:
1f:65:6a:ca:2c:f2:40:ef:8d:2f:b8:c2:f1:a6:49:
c6:8b:f2:53:c3:eb:44:bb:e8:08:eb:cb:e6:69:be:
51:9b:16:96:b0:3b:d1:5a:dd:37:0d:8b:22:80:1c:
12:32:e3:01:f4:1e:43:e7:a4:40:51:88:51:d7:64:
25:9c:d3:a9:cd:fa:22:c7:a4:f8:1d:b5:81:6b:38:
c8:e5:63:46:4d:72:d6:82:ce:1f:0e:26:e6:99:3e:
92:f4:ad:2f:2b:4b:40:a1:3a:b0:83:e7:45:3b:5a:
03:43:bf:2c:1e:ce:5f:6e:3f:f4:62:4b:36:43:f9:
86:4c:af:48:3d:e7:53:dc:b0:b3:ba:8e:30:bc:c8:
0f:3c:9f:41:5d:e4:2d:3f:6c:f3:a3:84:df:e6:65:
47:fa:92:02:2b:63:9a:bf:31:7e:46:4c:a5:e7:81:
2e:96:25:02:50:87:0a:37:44:ac:5f:f4:56:d4:3b:
ed:ff:af:b0:a0:e9:9a:4a:09:3c:57:82:cf:10:a3:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:15:04:88:EC:9A:70:D2:53:4A:BD:24:F9:77:1A:DF:A0:79:8A:A4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/286C540C838D11EE9C021039C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.224.0/23
103.180.174.0/23
103.180.237.0/24
103.181.110.0/23
103.189.82.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:9a:95:c1:02:a2:ef:75:e9:9a:5f:09:ef:db:6e:aa:65:8d:
26:10:3f:7e:6b:58:67:e7:06:16:53:58:11:e8:b0:b2:a8:f6:
bf:69:87:64:a5:87:e7:0b:99:6b:2a:84:68:5b:91:ef:19:7a:
57:5f:33:85:46:49:19:20:10:3f:7e:81:6f:ef:d8:e4:81:2d:
fe:72:53:9f:e7:b0:29:9e:3e:8f:f6:44:a2:e6:4a:93:34:03:
78:f4:dd:75:13:8e:4e:5a:7f:4b:7e:06:e9:9a:98:b4:1f:65:
f7:83:4f:98:89:90:d9:f3:2b:75:23:45:c6:3c:c9:50:b7:7c:
78:e4:b7:30:6c:f0:10:74:76:f9:be:32:d6:42:d9:a3:74:a6:
35:20:b6:38:11:af:14:6d:9f:d2:ff:e5:c4:97:2d:63:45:eb:
97:59:a2:5a:e8:7e:c2:ed:f4:36:54:21:93:e6:3d:b3:de:00:
12:40:bb:52:fb:ea:8a:d2:21:33:ab:b1:44:2f:d5:57:83:7e:
73:1b:c4:7c:2e:ed:fd:4d:9b:fb:71:23:75:28:1a:99:95:00:
66:78:84:d3:92:15:ce:03:2c:46:66:76:7a:c2:44:3d:dd:7e:
2a:7e:4d:3c:af:48:26:d7:39:cd:92:42:fc:a1:7b:3b:f2:bb:
b5:50:4d:c7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICfbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTE1MDgwMTE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU0N2FjZS00NTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwkCda7WI3XTsb4ixmf5/PO6s7L04tPDPG6xnMeGLtiGBQ4FKEIGtuthSVij+
lbOU645cFvqb2P/Q2XAfZWrKLPJA740vuMLxpknGi/JTw+tEu+gI68vmab5RmxaW
sDvRWt03DYsigBwSMuMB9B5D56RAUYhR12QlnNOpzfoix6T4HbWBazjI5WNGTXLW
gs4fDibmmT6S9K0vK0tAoTqwg+dFO1oDQ78sHs5fbj/0Yks2Q/mGTK9IPedT3LCz
uo4wvMgPPJ9BXeQtP2zzo4Tf5mVH+pICK2OavzF+Rkyl54EuliUCUIcKN0SsX/RW
1Dvt/6+woOmaSgk8V4LPEKODgQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJ0VBIjs
mnDSU0q9JPl3Gt+geYqkMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjg2QzU0MEM4
MzhEMTFFRTlDMDIxMDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFns+ADBAFntK4DBABntO0DBAFntW4DBAFnvVIwDQYJKoZI
hvcNAQELBQADggEBAC+alcECou916ZpfCe/bbqpljSYQP35rWGfnBhZTWBHosLKo
9r9ph2Slh+cLmWsqhGhbke8ZeldfM4VGSRkgED9+gW/v2OSBLf5yU5/nsCmePo/2
RKLmSpM0A3j03XUTjk5af0t+BumamLQfZfeDT5iJkNnzK3UjRcY8yVC3fHjktzBs
8BB0dvm+MtZC2aN0pjUgtjgRrxRtn9L/5cSXLWNF65dZolrofsLt9DZUIZPmPbPe
ABJAu1L76orSITOrsUQv1VeDfnMbxHwu7f1Nm/txI3UoGpmVAGZ4hNOSFc4DLEZm
dnrCRD3dfip+TTyvSCbXOc2SQvyhezvyu7VQTcc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:32 2025 by rpki-client