Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90D0F1A694C211EEB2787F1EC4F9AE02.roa
File: 90D0F1A694C211EEB2787F1EC4F9AE02.roa (raw, json)
Hash identifier: IGNWFMi+XxC1+vyn4ZI6HbT8YNaowCIrnHDdA4zbdnI=
Subject key identifier: 25:68:BA:D0:F0:63:54:D1:17:29:51:C8:D6:C0:3C:1D:FF:1F:60:3E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7FA3
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90D0F1A694C211EEB2787F1EC4F9AE02.roa
Signing time: Thu 07 Dec 2023 05:36:27 +0000
ROA not before: Thu 07 Dec 2023 05:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139482
IP address blocks: 103.97.104.0/22 maxlen: 24
103.110.251.0/24 maxlen: 24
103.114.64.0/24 maxlen: 24
103.140.72.0/24 maxlen: 24
103.140.73.0/24 maxlen: 24
103.142.198.0/24 maxlen: 24
103.173.14.0/24 maxlen: 24
103.173.15.0/24 maxlen: 24
103.177.42.0/23 maxlen: 24
103.177.181.0/24 maxlen: 24
103.179.120.0/24 maxlen: 24
103.179.224.0/24 maxlen: 24
103.181.208.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.190.97.0/24 maxlen: 24
2405:9540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32675 (0x7fa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 7 05:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=657159db-2508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:58:c1:43:52:58:1b:24:6d:fa:2e:c7:b3:
98:ed:15:89:8f:bf:8e:ea:2f:2f:1a:50:26:ab:fe:
77:5d:e7:45:c8:8f:d0:3c:dd:27:ae:8f:70:71:fa:
8c:c4:c7:61:f0:4b:e2:f8:80:35:b1:ea:30:9c:5c:
01:68:2e:91:3d:99:09:30:84:59:fe:3c:42:1a:88:
be:9b:33:98:7a:44:be:bb:c9:ea:c3:43:4f:0a:ee:
2d:62:3a:70:a8:7e:89:cd:6c:ec:61:73:87:d9:f7:
8b:97:a6:9b:d3:57:fd:37:ce:0d:20:62:47:71:64:
d2:f0:1e:88:f9:3a:f2:e3:43:9f:75:9d:b3:df:d3:
42:9e:53:5b:d9:bb:84:1f:8c:55:6f:2c:69:85:53:
31:46:ff:0b:3f:70:0d:e7:2f:22:16:c1:07:6e:9e:
3b:6a:19:c8:23:2d:7f:51:41:24:14:7e:29:19:42:
0b:1d:7c:c5:36:44:61:17:9e:5c:66:b9:4a:ca:a8:
b2:19:d7:76:2a:97:d8:d7:50:c3:37:d3:e0:b3:a1:
46:d6:e3:55:eb:ae:8c:5f:62:1c:65:96:8b:16:fc:
99:a1:5d:66:2a:77:b4:9a:c2:63:f7:22:26:14:f7:
65:cd:57:e3:2d:b6:9d:09:a3:09:92:a6:d9:bb:f2:
50:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:68:BA:D0:F0:63:54:D1:17:29:51:C8:D6:C0:3C:1D:FF:1F:60:3E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90D0F1A694C211EEB2787F1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.104.0/22
103.110.251.0/24
103.114.64.0/24
103.140.72.0/23
103.142.198.0/24
103.173.14.0/23
103.177.42.0/23
103.177.181.0/24
103.179.120.0/24
103.179.224.0/24
103.181.208.0/23
103.190.97.0/24
IPv6:
2405:9540::/32
Signature Algorithm: sha256WithRSAEncryption
5d:1a:39:7a:cd:1d:ad:5c:7a:6f:ab:14:e3:4c:f4:fa:69:d1:
55:78:c6:53:d1:b1:64:0d:d2:9e:59:0f:93:04:26:b1:ef:de:
83:25:76:2f:08:07:bf:29:56:78:3f:b9:ac:c2:cf:2a:03:1f:
0b:9c:91:be:44:46:13:fa:50:bb:7e:f2:74:2a:24:33:a0:7d:
98:6e:c4:52:ed:e8:dd:f9:17:fd:82:b3:21:d6:12:96:2a:60:
2b:e9:45:9d:fb:9c:5c:f8:98:7e:82:26:22:af:09:a8:eb:6c:
b6:fd:72:fe:37:9f:47:6d:c0:b5:53:ec:7a:bf:53:28:69:5d:
ec:f1:ca:8f:5d:2d:43:d4:70:88:11:8b:7d:1d:07:67:97:e5:
de:7c:9a:07:f6:13:e2:90:51:6f:3e:3a:5b:b8:a4:31:5b:fc:
10:3a:b8:0b:41:c4:a2:a7:55:82:83:f2:9b:2d:5e:92:bc:e9:
e8:5a:a0:c8:45:a1:94:71:31:1b:c5:bf:27:71:0c:98:32:65:
a8:52:a1:69:a4:80:d1:92:d6:a6:43:bd:b0:f7:5b:75:77:3e:
91:c3:06:63:0a:0f:f6:74:e1:26:38:63:23:86:48:3f:cd:53:
02:87:b9:5d:08:51:61:03:ce:e2:51:03:d0:7c:64:11:a9:cc:
48:ad:53:e7
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgICf6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMjA3MDUzNjI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcxNTlkYi0yNTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxqhYwUNSWBskbfoux7OY7RWJj7+O6i8vGlAmq/53XedFyI/QPN0nro9wcfqM
xMdh8Evi+IA1seownFwBaC6RPZkJMIRZ/jxCGoi+mzOYekS+u8nqw0NPCu4tYjpw
qH6JzWzsYXOH2feLl6ab01f9N84NIGJHcWTS8B6I+Try40OfdZ2z39NCnlNb2buE
H4xVbyxphVMxRv8LP3AN5y8iFsEHbp47ahnIIy1/UUEkFH4pGUILHXzFNkRhF55c
ZrlKyqiyGdd2KpfY11DDN9Pgs6FG1uNV666MX2IcZZaLFvyZoV1mKne0msJj9yIm
FPdlzVfjLbadCaMJkqbZu/JQbQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFCVoutDw
Y1TRFylRyNbAPB3/H2A+MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTBEMEYxQTY5
NEMyMTFFRUIyNzg3RjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E
YTBfME4EAgABMEgDBAJnYWgDBABnbvsDBABnckADBAFnjEgDBABnjsYDBAFnrQ4D
BAFnsSoDBABnsbUDBABns3gDBABns+ADBAFntdADBABnvmEwDQQCAAIwBwMFACQF
lUAwDQYJKoZIhvcNAQELBQADggEBAF0aOXrNHa1cem+rFONM9Ppp0VV4xlPRsWQN
0p5ZD5MEJrHv3oMldi8IB78pVng/uazCzyoDHwuckb5ERhP6ULt+8nQqJDOgfZhu
xFLt6N35F/2CsyHWEpYqYCvpRZ37nFz4mH6CJiKvCajrbLb9cv43n0dtwLVT7Hq/
UyhpXezxyo9dLUPUcIgRi30dB2eX5d58mgf2E+KQUW8+Olu4pDFb/BA6uAtBxKKn
VYKD8pstXpK86ehaoMhFoZRxMRvFvydxDJgyZahSoWmkgNGS1qZDvbD3W3V3PpHD
BmMKD/Z04SY4YyOGSD/NUwKHuV0IUWEDzuJRA9B8ZBGpzEitU+c=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:13:24 2025 by rpki-client