Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69B9C528D9ED11EEA17D726FC4F9AE02.roa
File: 69B9C528D9ED11EEA17D726FC4F9AE02.roa (raw, json)
Hash identifier: O5eEnrPhD/7kwp+l7TS/MNlTKgP3YKKJ/+IinVHHL+8=
Subject key identifier: 6B:75:D6:DB:04:E4:1F:35:9D:0B:AA:95:E5:A7:0F:37:7A:3B:54:CD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8400
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69B9C528D9ED11EEA17D726FC4F9AE02.roa
Signing time: Mon 04 Mar 2024 06:07:00 +0000
ROA not before: Mon 04 Mar 2024 06:07:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17754
IP address blocks: 103.48.71.0/24 maxlen: 24
103.105.102.0/24 maxlen: 24
103.187.78.0/24 maxlen: 24
113.11.224.0/22 maxlen: 24
113.11.228.0/22 maxlen: 24
175.101.0.0/16 maxlen: 24
202.133.48.0/20 maxlen: 24
202.153.32.0/20 maxlen: 24
2401:fb00::/33 maxlen: 33
2401:fb00::/40 maxlen: 48
2401:fb00:100::/40 maxlen: 48
2401:fb00:200::/40 maxlen: 48
2401:fb00:300::/40 maxlen: 48
2401:fb00:400::/40 maxlen: 48
2401:fb00:500::/40 maxlen: 48
2401:fb00:600::/40 maxlen: 48
2401:fb00:700::/40 maxlen: 48
2401:fb00:800::/40 maxlen: 48
2401:fb00:900::/40 maxlen: 48
2401:fb00:7600::/40 maxlen: 48
2401:fb00:7700::/40 maxlen: 48
2401:fb00:7800::/40 maxlen: 48
2401:fb00:7900::/40 maxlen: 48
2401:fb00:7a00::/40 maxlen: 48
2401:fb00:7b00::/40 maxlen: 48
2401:fb00:7c00::/40 maxlen: 48
2401:fb00:7d00::/40 maxlen: 48
2401:fb00:7e00::/40 maxlen: 48
2401:fb00:7f00::/40 maxlen: 48
2401:fb00:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33792 (0x8400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 4 06:07:00 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65e56504-2b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:2e:78:00:14:9b:5b:13:19:e4:bf:d6:56:
4d:7b:62:58:33:d0:96:8a:9f:b7:62:ba:b2:a9:cf:
36:8d:08:ca:66:71:2b:bb:54:4c:99:0e:58:db:d8:
51:76:b4:e1:40:17:02:e6:d9:ab:de:45:0f:e3:65:
a2:e3:cc:8c:dc:bb:4b:cf:82:0e:e6:c4:d9:3a:65:
c8:67:f6:10:2a:0b:2a:2d:5a:0f:78:19:c2:50:de:
8a:5d:fd:7f:69:88:5e:eb:06:c7:ae:e0:0c:2c:15:
5b:5b:56:17:3b:32:9b:65:a3:6c:41:48:68:83:d4:
da:da:60:fe:a2:fb:07:3c:46:07:5d:b3:57:d3:28:
21:d3:64:8c:47:f7:0c:fd:08:05:c3:95:98:ca:1e:
a0:e4:64:be:bc:30:e5:14:14:29:91:0b:1d:1e:67:
b8:a9:29:e7:ee:d3:df:71:24:10:c5:c7:3a:2c:5c:
24:e9:53:67:69:6f:6e:1b:64:0d:29:0b:63:99:5b:
3f:8a:c8:ad:4c:5e:de:21:0e:18:06:86:51:7f:bc:
8f:17:f3:49:7b:4e:10:d2:fa:6e:c8:63:64:c7:ce:
be:dc:61:71:c6:79:60:ee:17:59:0d:83:1c:66:bf:
03:a2:60:f8:6f:83:bf:fa:82:b8:90:76:4b:c6:8b:
82:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:75:D6:DB:04:E4:1F:35:9D:0B:AA:95:E5:A7:0F:37:7A:3B:54:CD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69B9C528D9ED11EEA17D726FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.71.0/24
103.105.102.0/24
103.187.78.0/24
113.11.224.0/21
175.101.0.0/16
202.133.48.0/20
202.153.32.0/20
IPv6:
2401:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
52:31:61:fd:27:01:48:87:85:61:2c:bd:c2:72:24:11:17:dc:
ff:87:be:71:55:fe:ed:0b:f1:fe:f0:d1:d6:0e:21:55:19:8e:
1a:aa:6a:6b:f8:0d:ac:e1:96:2d:da:5c:ea:63:3a:de:ec:b2:
b4:d7:ea:1e:db:35:14:64:85:be:50:42:89:07:d4:be:09:79:
cf:05:eb:b3:89:e7:f2:6b:2a:68:8f:a2:3f:6e:73:82:46:9c:
ce:09:42:9f:34:75:03:b2:2f:96:ab:82:97:7a:9f:b9:78:60:
3c:27:a5:ed:3e:a1:d0:0f:77:a7:b5:7c:21:f4:1f:23:40:96:
75:d8:dd:09:36:c3:aa:05:d2:a3:d9:04:6a:5a:99:c5:25:f3:
49:32:84:9b:c7:89:71:b3:f6:67:79:60:62:6b:96:6a:4f:0f:
b8:05:0b:9a:ac:8f:39:5a:19:27:f1:87:7c:6a:2c:d2:91:6b:
55:af:82:b7:e0:76:07:27:6e:7a:b2:fd:fa:c8:e9:71:12:a9:
3a:cd:42:48:01:ae:df:66:11:34:38:70:e2:10:eb:c5:c8:08:
53:1a:4a:28:2d:fa:88:f4:9a:20:0d:42:ff:a7:44:c4:30:0b:
13:c4:df:ed:42:d7:04:8e:05:cd:eb:37:79:75:87:5d:6b:95:
8b:bc:bf:bb
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAIQAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDMwNDA2MDcwMFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVlNTY1MDQtMmI5YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgKLngAFJtbExnkv9ZWTXtiWDPQloqft2K6sqnPNo0IymZxK7tUTJkOWNvY
UXa04UAXAubZq95FD+NlouPMjNy7S8+CDubE2TplyGf2ECoLKi1aD3gZwlDeil39
f2mIXusGx67gDCwVW1tWFzsym2WjbEFIaIPU2tpg/qL7BzxGB12zV9MoIdNkjEf3
DP0IBcOVmMoeoORkvrww5RQUKZELHR5nuKkp5+7T33EkEMXHOixcJOlTZ2lvbhtk
DSkLY5lbP4rIrUxe3iEOGAaGUX+8jxfzSXtOENL6bshjZMfOvtxhccZ5YO4XWQ2D
HGa/A6Jg+G+Dv/qCuJB2S8aLgisCAwEAAaOCAscwggLDMB0GA1UdDgQWBBRrddbb
BOQfNZ0LqpXlpw83ejtUzTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzY5QjlDNTI4
RDlFRDExRUVBMTdENzI2RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFEGCCsGAQUFBwEHAQH/
BEIwQDAvBAIAATApAwQAZzBHAwQAZ2lmAwQAZ7tOAwQDcQvgAwMAr2UDBATKhTAD
BATKmSAwDQQCAAIwBwMFACQB+wAwDQYJKoZIhvcNAQELBQADggEBAFIxYf0nAUiH
hWEsvcJyJBEX3P+HvnFV/u0L8f7w0dYOIVUZjhqqamv4Dazhli3aXOpjOt7ssrTX
6h7bNRRkhb5QQokH1L4Jec8F67OJ5/JrKmiPoj9uc4JGnM4JQp80dQOyL5argpd6
n7l4YDwnpe0+odAPd6e1fCH0HyNAlnXY3Qk2w6oF0qPZBGpamcUl80kyhJvHiXGz
9md5YGJrlmpPD7gFC5qsjzlaGSfxh3xqLNKRa1Wvgrfgdgcnbnqy/frI6XESqTrN
QkgBrt9mETQ4cOIQ68XICFMaSigt+oj0miANQv+nRMQwCxPE3+1C1wSOBc3rN3l1
h11rlYu8v7s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:54:07 2025 by rpki-client