Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/30DADE4A35BA11EEBCD10951C4F9AE02.roa
File: 30DADE4A35BA11EEBCD10951C4F9AE02.roa (raw, json)
Hash identifier: wR2mGrvR40IMZztnihpsMU7QsLqcxolgEPV+djJoka4=
Subject key identifier: 16:A4:35:76:BD:DD:8C:C3:B4:F6:18:E9:8E:13:FE:4B:C2:97:FD:84
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7A60
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/30DADE4A35BA11EEBCD10951C4F9AE02.roa
Signing time: Tue 19 Sep 2023 05:52:49 +0000
ROA not before: Tue 19 Sep 2023 05:52:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135232
IP address blocks: 103.117.172.0/24 maxlen: 24
103.117.175.0/24 maxlen: 24
103.129.112.0/23 maxlen: 24
103.133.244.0/23 maxlen: 24
103.149.20.0/23 maxlen: 24
103.158.214.0/24 maxlen: 24
103.158.215.0/24 maxlen: 24
103.163.166.0/23 maxlen: 24
103.170.190.0/23 maxlen: 24
103.221.208.0/22 maxlen: 24
2001:df2:f1c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31328 (0x7a60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 19 05:52:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65093730-02eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:69:0a:b0:95:7a:e4:fc:19:85:ed:1a:fe:
04:a2:78:ae:f5:a3:97:32:6c:0a:41:6c:7b:ec:fe:
4a:10:24:af:f6:48:f9:86:26:a8:72:0f:97:9e:c6:
5b:61:93:b0:54:08:f2:87:41:02:ad:45:e3:4d:53:
32:d4:ad:9b:83:38:8e:6a:69:49:51:c7:1c:12:c4:
2b:f1:d8:eb:0d:fb:9b:7b:38:1a:8c:27:24:e3:20:
19:8d:5b:00:a1:b3:ae:d0:a0:91:df:65:8a:eb:c3:
d4:41:53:71:aa:cb:dd:a4:58:98:00:6a:8f:60:bc:
14:6b:04:39:67:25:f1:14:46:e5:85:b1:d8:44:e5:
16:2e:1d:16:b4:69:d2:a1:d8:09:9e:8a:08:64:d3:
a5:04:ca:c2:66:9f:32:c9:ca:5c:a7:d0:e4:6b:df:
e7:3e:5c:2a:d4:75:0b:d8:c3:7e:a0:c6:2a:41:eb:
f9:7a:64:ea:a9:a9:a7:fa:91:50:d7:71:b3:ff:ed:
2a:ae:1b:c8:b6:b8:c6:55:e6:f7:1f:56:3d:07:11:
90:03:6f:c4:5d:5f:de:7b:b0:2d:bc:b4:6a:44:04:
ae:38:47:fa:0b:38:0e:4d:60:f3:aa:3a:0d:42:31:
7b:9d:61:82:b4:47:6a:9c:a1:89:87:60:77:f6:d5:
b8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A4:35:76:BD:DD:8C:C3:B4:F6:18:E9:8E:13:FE:4B:C2:97:FD:84
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/30DADE4A35BA11EEBCD10951C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.172.0/24
103.117.175.0/24
103.129.112.0/23
103.133.244.0/23
103.149.20.0/23
103.158.214.0/23
103.163.166.0/23
103.170.190.0/23
103.221.208.0/22
IPv6:
2001:df2:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
65:2e:66:35:94:ad:2f:09:5c:c1:9f:60:68:7e:69:8a:2d:e7:
ab:75:ca:a1:1a:c1:6f:9c:7c:95:88:d1:c3:cc:30:9f:a7:b4:
0c:74:63:db:00:6b:83:77:9f:c4:49:90:b2:8f:b8:5c:f6:c3:
9c:a0:0d:80:8e:cf:79:c4:06:26:09:3d:5a:6e:cd:1b:fa:ec:
12:a8:b6:3d:6a:62:f6:59:6f:85:bc:0e:ac:82:01:43:7c:8c:
98:22:58:ca:07:ba:36:55:ee:84:2c:c9:44:29:be:d8:d5:59:
8d:db:1d:db:c3:d3:5b:67:e5:c3:b0:08:b3:f6:36:8a:82:b3:
62:b5:cb:26:c2:13:91:31:7a:5c:5a:53:84:b9:fd:a1:58:86:
46:0e:33:17:52:5a:36:98:ab:36:4c:d5:79:66:a6:96:63:5d:
74:a6:75:72:ff:a2:23:1b:af:91:9c:f0:27:3d:23:bc:11:06:
94:f8:b6:ab:d7:c7:c2:92:d0:a7:cb:9a:65:b1:15:3c:8a:09:
80:ad:0b:7d:3e:03:77:6a:b9:ad:95:d7:1c:72:45:41:45:8f:
f6:1c:59:d4:df:00:52:80:70:bf:08:77:8b:6b:13:5f:e9:87:
7b:c8:4c:24:35:71:e5:fd:ac:e1:6d:92:38:20:b4:c5:ff:b5:
6c:8a:93:04
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICemAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTE5MDU1MjQ5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA5MzczMC0wMmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp8lpCrCVeuT8GYXtGv4Eoniu9aOXMmwKQWx77P5KECSv9kj5hiaocg+XnsZb
YZOwVAjyh0ECrUXjTVMy1K2bgziOamlJUcccEsQr8djrDfubezgajCck4yAZjVsA
obOu0KCR32WK68PUQVNxqsvdpFiYAGqPYLwUawQ5ZyXxFEblhbHYROUWLh0WtGnS
odgJnooIZNOlBMrCZp8yycpcp9Dka9/nPlwq1HUL2MN+oMYqQev5emTqqamn+pFQ
13Gz/+0qrhvItrjGVeb3H1Y9BxGQA2/EXV/ee7AtvLRqRASuOEf6CzgOTWDzqjoN
QjF7nWGCtEdqnKGJh2B39tW4YQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFBakNXa9
3YzDtPYY6Y4T/kvCl/2EMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzBEQURFNEEz
NUJBMTFFRUJDRDEwOTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMDwEAgABMDYDBABndawDBABnda8DBAFngXADBAFnhfQDBAFnlRQDBAFnntYD
BAFno6YDBAFnqr4DBAJn3dAwDwQCAAIwCQMHACABDfLxwDANBgkqhkiG9w0BAQsF
AAOCAQEAZS5mNZStLwlcwZ9gaH5pii3nq3XKoRrBb5x8lYjRw8wwn6e0DHRj2wBr
g3efxEmQso+4XPbDnKANgI7PecQGJgk9Wm7NG/rsEqi2PWpi9llvhbwOrIIBQ3yM
mCJYyge6NlXuhCzJRCm+2NVZjdsd28PTW2flw7AIs/Y2ioKzYrXLJsITkTF6XFpT
hLn9oViGRg4zF1JaNpirNkzVeWamlmNddKZ1cv+iIxuvkZzwJz0jvBEGlPi2q9fH
wpLQp8uaZbEVPIoJgK0LfT4Dd2q5rZXXHHJFQUWP9hxZ1N8AUoBwvwh3i2sTX+mH
e8hMJDVx5f2s4W2SOCC0xf+1bIqTBA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:17:23 2025 by rpki-client