Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/47DB75CE29E311EEBF9B8583C4F9AE02.roa
File: 47DB75CE29E311EEBF9B8583C4F9AE02.roa (raw, json)
Hash identifier: 8AZozO7L6dw3HYkJkcwdr+9c6bM6wy6KJdnvwDykVEM=
Subject key identifier: 4C:5C:8F:46:D4:65:48:1A:CF:0F:78:F6:D8:C8:6B:BA:71:F3:B9:97
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7603
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/47DB75CE29E311EEBF9B8583C4F9AE02.roa
Signing time: Mon 24 Jul 2023 05:49:31 +0000
ROA not before: Mon 24 Jul 2023 05:49:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132927
IP address blocks: 103.239.12.0/23 maxlen: 24
2401:19a0::/32 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30211 (0x7603)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 24 05:49:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64be10eb-c56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8f:d0:89:a6:9b:c7:52:c1:8a:80:f7:54:73:
41:8c:de:40:36:7e:b5:7e:65:58:93:89:87:12:c4:
ea:ff:f5:90:35:2c:65:6a:f2:8a:13:83:77:3c:32:
e9:2b:62:ff:2a:d2:d9:64:ed:51:43:62:47:5b:26:
86:96:b8:9c:6c:6a:55:76:9e:ca:9c:93:b0:04:c0:
5e:f3:a2:94:7f:24:90:15:10:f8:5d:00:c0:e6:64:
4a:8b:cb:19:78:17:b1:2b:f4:60:d9:62:e7:1b:69:
c4:e0:2c:4c:83:91:5d:4d:4b:a1:34:7d:cf:a8:7d:
af:e1:2d:e7:df:63:02:f5:99:2f:d5:84:ea:c8:ba:
a2:58:ab:74:2b:cb:05:35:2c:b0:2d:1b:22:25:4e:
8a:97:ea:38:b3:2d:b9:8c:f3:71:78:23:db:f2:ff:
df:dc:a1:2f:bd:b7:6f:9a:2c:07:5f:f8:bb:fc:bd:
ac:0f:7b:62:b1:83:dd:1a:fb:6c:80:87:43:6d:ce:
86:71:eb:5a:90:03:a5:fb:68:13:da:63:19:b3:4d:
5f:7f:a0:ed:27:ee:fd:28:ec:87:72:94:fb:70:7a:
5a:06:25:77:e5:62:6c:65:09:d2:cc:a5:6a:3f:93:
f8:06:17:a7:bf:9d:db:b8:47:b7:ae:55:f5:a7:9e:
da:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5C:8F:46:D4:65:48:1A:CF:0F:78:F6:D8:C8:6B:BA:71:F3:B9:97
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/47DB75CE29E311EEBF9B8583C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.239.12.0/23
IPv6:
2401:19a0::/32
Signature Algorithm: sha256WithRSAEncryption
19:60:9f:62:56:f6:25:2f:da:5a:24:44:1e:1d:bc:e4:3d:3e:
87:b6:6f:4e:af:d1:71:5f:a7:62:00:fb:37:39:76:de:74:45:
5c:ec:22:11:42:f7:41:c7:4e:b3:48:76:7f:9f:3c:a7:3b:e8:
ac:12:a4:3b:d3:f4:09:24:d8:24:bd:40:b0:5c:2f:99:72:4a:
0d:7c:17:b5:d1:e2:47:40:53:4e:d0:71:ad:3d:d5:db:ca:8e:
6a:3d:ef:8c:c9:34:91:b3:96:4d:75:9f:e1:d4:95:57:e5:9d:
e4:91:89:e8:87:04:11:8b:e5:51:a5:bc:68:32:8c:1b:6b:9d:
ab:6a:0c:7c:5d:08:ba:2f:b0:cb:c0:74:37:47:d3:63:fe:cc:
0e:b1:09:71:40:90:5d:ce:64:80:ae:85:86:86:d9:9a:6f:55:
c2:87:9c:2e:6b:1a:d2:ec:4f:5c:25:93:61:ad:c7:a5:7c:33:
c3:64:47:f8:ea:77:a6:8f:5d:d8:f1:17:15:c6:67:d2:3d:d8:
d2:49:bc:34:be:af:73:63:8c:9d:9b:35:6c:3e:b9:6c:2e:f0:
4b:ae:17:8f:99:ed:09:f4:1a:1c:c3:a3:99:80:1e:7b:89:22:
00:4e:93:d4:db:b0:58:4c:e3:73:13:e4:bd:b8:5d:90:2c:3c:
8a:fc:43:2d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICdgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzI0MDU0OTMxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJlMTBlYi1jNTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs4/Qiaabx1LBioD3VHNBjN5ANn61fmVYk4mHEsTq//WQNSxlavKKE4N3PDLp
K2L/KtLZZO1RQ2JHWyaGlricbGpVdp7KnJOwBMBe86KUfySQFRD4XQDA5mRKi8sZ
eBexK/Rg2WLnG2nE4CxMg5FdTUuhNH3PqH2v4S3n32MC9Zkv1YTqyLqiWKt0K8sF
NSywLRsiJU6Kl+o4sy25jPNxeCPb8v/f3KEvvbdvmiwHX/i7/L2sD3tisYPdGvts
gIdDbc6GcetakAOl+2gT2mMZs01ff6DtJ+79KOyHcpT7cHpaBiV35WJsZQnSzKVq
P5P4Bhenv53buEe3rlX1p57abQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFExcj0bU
ZUgazw949tjIa7px87mXMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDdEQjc1Q0Uy
OUUzMTFFRUJGOUI4NTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFn7wwwDQQCAAIwBwMFACQBGaAwDQYJKoZIhvcNAQELBQAD
ggEBABlgn2JW9iUv2lokRB4dvOQ9Poe2b06v0XFfp2IA+zc5dt50RVzsIhFC90HH
TrNIdn+fPKc76KwSpDvT9Akk2CS9QLBcL5lySg18F7XR4kdAU07Qca091dvKjmo9
74zJNJGzlk11n+HUlVflneSRieiHBBGL5VGlvGgyjBtrnatqDHxdCLovsMvAdDdH
02P+zA6xCXFAkF3OZICuhYaG2ZpvVcKHnC5rGtLsT1wlk2Gtx6V8M8NkR/jqd6aP
XdjxFxXGZ9I92NJJvDS+r3NjjJ2bNWw+uWwu8EuuF4+Z7Qn0GhzDo5mAHnuJIgBO
k9TbsFhM43MT5L24XZAsPIr8Qy0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:24:47 2025 by rpki-client