Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B12F5C8F2011ECACEDAE84C4F9AE02.roa
File: 34B12F5C8F2011ECACEDAE84C4F9AE02.roa (raw, json)
Hash identifier: G5RKZOyB0dAXd4N2LQFiWQf+KjI04/8H6L6mLE+lBms=
Subject key identifier: C0:82:C6:0E:5F:0D:9C:08:71:6D:01:7A:0C:1F:42:7A:61:5F:43:94
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4887
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B12F5C8F2011ECACEDAE84C4F9AE02.roa
Signing time: Wed 16 Feb 2022 12:01:43 +0000
ROA not before: Wed 16 Feb 2022 12:01:43 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 142511
IP address blocks: 103.157.150.0/24 maxlen: 24
103.157.151.0/24 maxlen: 24
103.171.24.0/23 maxlen: 24
103.177.178.0/23 maxlen: 24
2001:df0:2840::/48 maxlen: 48
2001:df7:3280::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18567 (0x4887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 16 12:01:43 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620ce7a7-80a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ff:b3:0b:a0:07:ea:7f:d1:82:03:07:23:58:
a9:1a:fd:70:11:87:76:2f:02:a2:12:03:31:0b:8c:
b4:c8:f1:17:f4:d1:9e:c1:70:24:34:6c:a0:78:9b:
a5:97:96:23:bb:68:27:3d:57:69:ea:d7:0a:cd:02:
b9:f0:9d:ca:a0:eb:ec:10:ca:ef:d9:a0:4e:ca:77:
64:37:15:37:c6:7f:d5:5e:7a:95:7d:9b:3f:b6:02:
5a:73:05:24:9b:76:3b:71:db:b6:be:81:71:16:3b:
62:c9:1d:33:8d:da:1f:26:53:93:8d:af:5f:18:88:
b6:54:00:bc:d2:28:b2:94:1a:75:51:b7:55:bb:89:
55:0a:ab:51:09:ae:08:ed:78:c8:ef:2c:5d:0c:2d:
32:d1:8e:da:17:ff:d0:93:82:b8:77:2b:27:d2:9e:
58:8e:4f:06:47:5a:5f:f8:a6:02:79:35:c1:03:a8:
cf:64:7b:98:6a:42:a0:48:85:e5:73:7e:21:73:73:
4e:7d:43:18:84:b7:ee:50:78:4f:b3:84:8c:f2:57:
8a:3b:9d:2a:61:72:86:cf:28:17:0d:cb:5e:b9:af:
37:df:66:a3:d1:da:50:65:68:a6:fe:c2:c6:74:af:
55:f5:ae:4d:bf:95:ca:14:3f:d9:b7:af:bd:7f:f7:
49:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:82:C6:0E:5F:0D:9C:08:71:6D:01:7A:0C:1F:42:7A:61:5F:43:94
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B12F5C8F2011ECACEDAE84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.150.0/23
103.171.24.0/23
103.177.178.0/23
IPv6:
2001:df0:2840::/48
2001:df7:3280::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ee:c5:e2:c9:96:66:42:95:5b:ac:ea:54:76:66:43:49:fe:
5b:7e:b6:b2:2d:8c:f4:f6:ef:2b:6d:da:52:f1:23:5a:0f:7a:
c2:71:5b:d5:b5:9f:51:49:aa:68:05:33:7f:28:16:ac:63:de:
e8:29:0e:88:67:27:9c:52:22:b3:c2:47:f5:b5:a3:4e:e7:e2:
76:58:52:a8:9f:7b:77:66:e1:ff:91:24:49:60:3d:02:6a:3c:
65:a3:10:6b:0c:c7:ba:b5:b8:09:21:0b:5b:e0:60:35:2b:e1:
1e:a2:90:bb:2f:50:82:3f:f4:35:49:84:02:26:07:ca:0a:d1:
09:fa:f7:ca:f6:61:e7:66:6d:2c:89:f3:4a:46:bc:fd:af:db:
e0:f7:96:2d:41:7a:3a:38:49:ef:ab:a7:37:c7:bb:01:a5:d4:
b5:bf:83:ca:05:53:26:20:fb:0b:07:9e:80:94:f5:27:f6:56:
1b:2d:9c:97:72:2b:a9:ce:bf:16:4e:71:62:42:52:2e:47:48:
32:7c:ab:83:8a:a3:48:4d:15:fd:1b:f8:5c:bf:24:13:af:9e:
42:3a:6f:89:16:11:81:d8:0b:4d:5c:8f:3e:4f:24:da:30:0e:
1b:b6:cc:46:c7:05:6b:89:b7:03:6f:ed:be:9f:9b:ce:da:a9:
d3:f0:1f:c4
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICSIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMjE2MTIwMTQzWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBjZTdhNy04MGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArv+zC6AH6n/RggMHI1ipGv1wEYd2LwKiEgMxC4y0yPEX9NGewXAkNGygeJul
l5Yju2gnPVdp6tcKzQK58J3KoOvsEMrv2aBOyndkNxU3xn/VXnqVfZs/tgJacwUk
m3Y7cdu2voFxFjtiyR0zjdofJlOTja9fGIi2VAC80iiylBp1UbdVu4lVCqtRCa4I
7XjI7yxdDC0y0Y7aF//Qk4K4dysn0p5Yjk8GR1pf+KYCeTXBA6jPZHuYakKgSIXl
c34hc3NOfUMYhLfuUHhPs4SM8leKO50qYXKGzygXDcteua8332aj0dpQZWim/sLG
dK9V9a5Nv5XKFD/Zt6+9f/dJlQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFMCCxg5f
DZwIcW0BegwfQnphX0OUMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzRCMTJGNUM4
RjIwMTFFQ0FDRURBRTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MBgEAgABMBIDBAFnnZYDBAFnqxgDBAFnsbIwGAQCAAIwEgMHACABDfAoQAMH
ACABDfcygDANBgkqhkiG9w0BAQsFAAOCAQEAoe7F4smWZkKVW6zqVHZmQ0n+W362
si2M9PbvK23aUvEjWg96wnFb1bWfUUmqaAUzfygWrGPe6CkOiGcnnFIis8JH9bWj
TufidlhSqJ97d2bh/5EkSWA9Amo8ZaMQawzHurW4CSELW+BgNSvhHqKQuy9Qgj/0
NUmEAiYHygrRCfr3yvZh52ZtLInzSka8/a/b4PeWLUF6OjhJ76unN8e7AaXUtb+D
ygVTJiD7CweegJT1J/ZWGy2cl3Irqc6/Fk5xYkJSLkdIMnyrg4qjSE0V/Rv4XL8k
E6+eQjpviRYRgdgLTVyPPk8k2jAOG7bMRscFa4m3A2/tvp+bztqp0/AfxA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:37 2025 by rpki-client