Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CEC598CCDD1B11EDB8C7B073C4F9AE02.roa
File: CEC598CCDD1B11EDB8C7B073C4F9AE02.roa (raw, json)
Hash identifier: xHuwDnU7USEOx+UJmGOOt4jlN/OVoNR9EL0A9O/O+8I=
Subject key identifier: 8A:73:73:AB:9F:E7:AA:6E:1A:70:26:76:5B:C2:0E:EC:1B:B1:DC:EC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6883
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CEC598CCDD1B11EDB8C7B073C4F9AE02.roa
Signing time: Mon 17 Apr 2023 12:31:42 +0000
ROA not before: Mon 17 Apr 2023 12:31:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137674
IP address blocks: 103.121.4.0/24 maxlen: 24
103.121.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26755 (0x6883)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Apr 17 12:31:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643d3c2e-c11a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4a:4f:ed:4d:ab:9d:47:fd:e5:6a:65:8a:3e:
90:be:0c:b3:e8:72:c7:d7:1c:d3:f3:22:9a:7a:de:
23:ec:13:31:92:be:61:7b:40:73:43:96:66:26:57:
1d:ee:aa:c7:5f:50:d4:cb:d5:59:b5:aa:47:f9:22:
3e:73:7c:a3:27:f1:34:4d:88:7c:67:55:15:57:06:
83:b6:60:aa:69:48:e0:f2:91:77:05:23:d4:90:75:
da:f2:ff:24:d3:ab:8d:19:d3:a9:80:9c:a9:c7:12:
bd:59:e7:0c:15:7d:09:39:82:01:6b:d8:e1:7a:54:
1b:6c:80:3a:4a:f3:32:85:93:69:19:31:9b:2e:f8:
32:5a:08:e0:4b:99:8b:20:8a:0e:9d:d7:7f:6d:b8:
3f:30:4c:fc:fa:43:d9:8e:2b:59:6d:c5:a8:12:ae:
86:31:cd:ab:13:9b:9f:7c:b3:a8:0b:ac:f6:95:ca:
4f:bc:dd:21:85:74:11:ca:d8:32:6a:ea:12:b5:4a:
d9:8d:c7:54:ea:1f:82:94:24:5c:f9:77:00:cd:7a:
1b:f7:71:59:b1:0b:f0:f2:4a:06:87:94:81:29:25:
cf:74:f1:cd:22:15:c1:58:48:cb:1b:99:f7:e6:be:
d5:d9:b5:dd:57:6e:b2:a4:7f:44:9d:07:ab:67:58:
ab:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:73:73:AB:9F:E7:AA:6E:1A:70:26:76:5B:C2:0E:EC:1B:B1:DC:EC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CEC598CCDD1B11EDB8C7B073C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.4.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:5e:97:a9:92:37:c0:f1:99:70:6f:3f:55:7c:4f:2f:47:ca:
52:33:1e:b7:f9:dc:29:02:38:02:d1:da:49:1e:28:44:e3:d1:
c4:a5:32:9b:9b:d3:90:af:7a:2e:2f:1f:3f:8e:74:73:2b:50:
f6:79:5e:c1:6e:a6:4c:eb:8a:e6:12:bb:6f:7e:4a:85:5c:6a:
9b:a6:7b:e9:12:89:d6:d1:3d:1b:09:37:b7:52:3b:ba:71:a0:
e1:04:c7:8d:ed:3e:13:45:b5:32:b3:dc:b4:ac:c2:17:be:72:
69:f8:9c:50:ea:b8:95:f5:a5:92:e6:bc:5d:a7:27:81:bc:15:
ec:12:16:0f:c7:01:90:27:8a:14:b9:d5:c3:cb:4a:e0:81:35:
da:6d:66:91:7d:5d:b4:7e:c2:f3:42:3e:d2:01:74:38:03:8e:
cf:27:47:a2:48:35:59:86:27:77:fc:60:05:09:6a:16:05:f0:
4c:53:a6:67:38:41:3e:a3:fc:90:f7:a0:c9:8b:74:92:d5:06:
b5:80:9f:25:99:38:38:fa:18:17:a5:52:89:30:ec:2f:3c:58:
7b:00:d4:6e:1d:ea:22:26:03:80:94:58:38:99:6d:31:09:ac:
1d:a9:b5:8e:5b:cf:be:1d:32:a5:02:ac:65:dc:93:0f:23:8c:
fe:d8:60:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICaIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNDE3MTIzMTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNkM2MyZS1jMTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA00pP7U2rnUf95Wplij6Qvgyz6HLH1xzT8yKaet4j7BMxkr5he0BzQ5ZmJlcd
7qrHX1DUy9VZtapH+SI+c3yjJ/E0TYh8Z1UVVwaDtmCqaUjg8pF3BSPUkHXa8v8k
06uNGdOpgJypxxK9WecMFX0JOYIBa9jhelQbbIA6SvMyhZNpGTGbLvgyWgjgS5mL
IIoOndd/bbg/MEz8+kPZjitZbcWoEq6GMc2rE5uffLOoC6z2lcpPvN0hhXQRytgy
auoStUrZjcdU6h+ClCRc+XcAzXob93FZsQvw8koGh5SBKSXPdPHNIhXBWEjLG5n3
5r7V2bXdV26ypH9EnQerZ1irowIDAQABo4IClTCCApEwHQYDVR0OBBYEFIpzc6uf
56puGnAmdlvCDuwbsdzsMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0VDNTk4Q0NE
RDFCMTFFREI4QzdCMDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFneQQwDQYJKoZIhvcNAQELBQADggEBAD9el6mSN8DxmXBv
P1V8Ty9HylIzHrf53CkCOALR2kkeKETj0cSlMpub05Cvei4vHz+OdHMrUPZ5XsFu
pkzriuYSu29+SoVcapume+kSidbRPRsJN7dSO7pxoOEEx43tPhNFtTKz3LSswhe+
cmn4nFDquJX1pZLmvF2nJ4G8FewSFg/HAZAnihS51cPLSuCBNdptZpF9XbR+wvNC
PtIBdDgDjs8nR6JINVmGJ3f8YAUJahYF8ExTpmc4QT6j/JD3oMmLdJLVBrWAnyWZ
ODj6GBelUokw7C88WHsA1G4d6iImA4CUWDiZbTEJrB2ptY5bz74dMqUCrGXckw8j
jP7YYHU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:21 2025 by rpki-client