Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/5181C6A4737C11EEAEB8AA1BC4F9AE02.roa
File: 5181C6A4737C11EEAEB8AA1BC4F9AE02.roa (raw, json)
Hash identifier: vasZl3Si1tFvDhByc+jvA1TsOSTx+QKn8Rb1hXrk4/U=
Subject key identifier: BC:A6:9A:9F:0C:CB:19:3E:5C:71:31:D0:B5:2B:43:70:98:D1:C3:80
Certificate issuer: /CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
Certificate serial: 08E7
Authority key identifier: 39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/5181C6A4737C11EEAEB8AA1BC4F9AE02.roa
Signing time: Sun 07 Jan 2024 11:14:23 +0000
ROA not before: Sun 07 Jan 2024 11:14:23 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 138167
IP address blocks: 103.121.224.0/24 maxlen: 24
103.121.225.0/24 maxlen: 24
103.121.226.0/24 maxlen: 24
103.121.227.0/24 maxlen: 24
2403:72c0::/32 maxlen: 32
2403:72c0:a100::/40 maxlen: 40
2403:72c0:a200::/40 maxlen: 40
2403:72c0:a300::/40 maxlen: 40
2403:72c0:a400::/40 maxlen: 40
2403:72c0:a500::/40 maxlen: 40
2403:72c0:a600::/40 maxlen: 40
2403:72c0:a700::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2279 (0x8e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F1C9
Validity
Not Before: Jan 7 11:14:23 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=659a878f-a0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f6:75:eb:30:d5:6c:3f:50:49:fc:9e:e3:47:
0f:cd:cd:cd:50:bb:b0:a5:4a:08:d3:d3:dc:b7:55:
2c:57:ef:53:e6:a1:79:2a:82:03:5b:69:5c:24:78:
81:7f:7d:c4:17:4f:6b:41:ba:d6:84:31:ca:cf:bc:
eb:43:25:12:25:c6:31:35:18:a9:19:59:bb:58:c7:
ec:6a:40:4d:08:67:ee:59:45:8f:7d:07:15:44:82:
ca:b5:00:eb:dd:90:1a:41:16:f8:96:5d:ea:0c:2e:
9b:a6:8d:50:09:2b:ac:fc:d8:7e:a0:62:90:1f:fc:
8d:2c:84:f0:2f:f4:83:78:07:53:d0:f6:5f:93:dc:
6b:d0:40:01:34:bc:c6:d5:05:08:f2:3f:37:6f:3c:
d2:90:0c:a8:0a:75:3e:88:19:e5:cf:9f:55:47:af:
ba:50:f3:92:4d:6e:4a:ad:95:9e:13:30:3d:18:9b:
29:05:ef:29:f2:b4:77:d0:b6:62:2a:20:5a:f2:1f:
ff:76:c7:30:d6:74:e6:5a:de:8b:a6:a0:cf:df:5b:
84:65:ad:08:d7:b4:01:20:ec:17:a6:25:09:fe:c6:
0d:7a:5a:b2:cc:76:d4:7f:78:45:55:bb:6e:85:bc:
3e:62:99:7c:9f:e3:24:04:84:b5:ae:72:f5:6d:a6:
e2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A6:9A:9F:0C:CB:19:3E:5C:71:31:D0:B5:2B:43:70:98:D1:C3:80
X509v3 Authority Key Identifier:
keyid:39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/5181C6A4737C11EEAEB8AA1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.224.0/22
IPv6:
2403:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
18:19:e2:3a:32:07:a7:5e:89:d5:4e:c9:a5:ba:3d:03:e1:45:
20:13:84:58:fc:00:37:26:8d:17:c6:00:9d:26:34:ec:81:be:
9a:46:60:b8:cb:72:f5:a7:ab:81:e4:d2:9b:d9:f4:28:ae:8f:
9b:85:1a:cf:f9:c2:b8:a1:22:dd:6d:ca:36:f1:4f:26:2d:af:
a3:74:e2:d1:83:de:6d:65:18:9a:e0:fe:67:1d:dc:dc:b7:b9:
72:d4:64:44:1c:d5:fb:56:38:c1:57:ba:b8:d0:14:c4:b0:d3:
a2:94:a8:6f:34:74:ba:3b:82:8b:6c:eb:58:02:86:dc:d1:b3:
9a:8b:1d:73:70:05:ec:4d:76:5e:a7:05:fa:26:45:f0:41:0f:
f3:71:26:ef:89:91:48:43:64:dd:60:cf:b6:c3:c9:9e:e6:f6:
72:b9:ea:8c:60:ca:c7:93:71:47:a3:dc:80:45:74:77:7b:56:
80:b3:ff:33:d2:5e:04:63:fe:7d:9b:97:7c:84:0a:32:64:d5:
68:28:dc:6f:b4:58:59:79:52:c1:f2:d8:3b:95:84:df:8f:c9:
4f:30:95:5c:c7:06:6f:04:6a:2e:92:bf:1b:07:2c:1d:7f:ad:
84:0e:d1:69:39:c2:f0:7c:d1:77:58:45:99:17:59:1e:7f:3d:
c4:14:22:67
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKDM5ODkxMTMwMDEwNEQ3QzU4QjMyNkU1NjY0QjNENzlB
MkQ0NjQ2RTAwHhcNMjQwMTA3MTExNDIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlhODc4Zi1hMGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyPZ16zDVbD9QSfye40cPzc3NULuwpUoI09Pct1UsV+9T5qF5KoIDW2lcJHiB
f33EF09rQbrWhDHKz7zrQyUSJcYxNRipGVm7WMfsakBNCGfuWUWPfQcVRILKtQDr
3ZAaQRb4ll3qDC6bpo1QCSus/Nh+oGKQH/yNLITwL/SDeAdT0PZfk9xr0EABNLzG
1QUI8j83bzzSkAyoCnU+iBnlz59VR6+6UPOSTW5KrZWeEzA9GJspBe8p8rR30LZi
KiBa8h//dscw1nTmWt6LpqDP31uEZa0I17QBIOwXpiUJ/sYNelqyzHbUf3hFVbtu
hbw+Ypl8n+MkBIS1rnL1babi6wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLymmp8M
yxk+XHEx0LUrQ3CY0cOAMB8GA1UdIwQYMBaAFDmJETABBNfFizJuVmSz15otRkbg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi9PWWtSTUFFRTE4V0xNbTVXWkxQWG1pMUdS
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Za1JNQUVFMThXTE1tNVdaTFBYbWkxR1J1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEYxQzkvNkE1N0FCOEM3Rjk1MTFFQUIwRUQ4NTM3QzRGOUFFMDIvNTE4MUM2QTQ3
MzdDMTFFRUFFQjhBQTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJneeAwDQQCAAIwBwMFACQDcsAwDQYJKoZIhvcNAQELBQAD
ggEBABgZ4joyB6deidVOyaW6PQPhRSAThFj8ADcmjRfGAJ0mNOyBvppGYLjLcvWn
q4Hk0pvZ9Ciuj5uFGs/5wrihIt1tyjbxTyYtr6N04tGD3m1lGJrg/mcd3Ny3uXLU
ZEQc1ftWOMFXurjQFMSw06KUqG80dLo7gots61gChtzRs5qLHXNwBexNdl6nBfom
RfBBD/NxJu+JkUhDZN1gz7bDyZ7m9nK56oxgyseTcUej3IBFdHd7VoCz/zPSXgRj
/n2bl3yECjJk1Wgo3G+0WFl5UsHy2DuVhN+PyU8wlVzHBm8Eai6SvxsHLB1/rYQO
0Wk5wvB80XdYRZkXWR5/PcQUImc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:18:05 2025 by rpki-client