Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/1FC5D7BE67E711ED899D7018C4F9AE02.roa
File: 1FC5D7BE67E711ED899D7018C4F9AE02.roa (raw, json)
Hash identifier: dSBBzwZVD4DfI9RtaeFvuyD2eX0IjwFrmkukbigz+Fk=
Subject key identifier: 71:18:65:E2:D8:21:94:1E:37:35:62:CF:93:00:DB:C3:51:76:2F:25
Certificate issuer: /CN=A9196E05/serialNumber=7FFBDC3F779A8F9965305E7DEE51E6A6C535FFB8
Certificate serial: 0670
Authority key identifier: 7F:FB:DC:3F:77:9A:8F:99:65:30:5E:7D:EE:51:E6:A6:C5:35:FF:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_vcP3eaj5llMF597lHmpsU1_7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/1FC5D7BE67E711ED899D7018C4F9AE02.roa
Signing time: Sat 19 Nov 2022 08:49:49 +0000
ROA not before: Sat 19 Nov 2022 08:49:49 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132295
IP address blocks: 103.129.32.0/22 maxlen: 22
103.129.32.0/23 maxlen: 23
103.129.32.0/24 maxlen: 24
103.129.33.0/24 maxlen: 24
103.129.34.0/23 maxlen: 23
103.129.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196E05, serialNumber=7FFBDC3F779A8F9965305E7DEE51E6A6C535FFB8
Validity
Not Before: Nov 19 08:49:49 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=637898ac-4ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4a:98:49:d3:9e:96:cd:df:71:f2:13:62:5b:
4a:59:e6:f8:72:5a:eb:57:6e:6a:d1:a2:1b:e4:db:
11:f2:35:b9:16:92:e1:06:62:bc:37:75:e4:3b:e2:
6d:63:68:36:45:b7:48:6d:94:95:8d:15:44:34:c4:
00:e3:11:d3:ed:12:f4:30:8f:e1:d8:42:79:d1:69:
44:e7:9a:81:19:00:6d:18:67:f3:af:6d:a4:20:87:
ef:81:0c:4f:eb:3d:d2:3e:b4:c5:65:dd:da:7d:bf:
34:15:ca:0e:9b:04:60:04:67:23:d9:aa:b2:0d:ed:
cd:d0:6c:9b:e9:08:55:54:23:8d:a8:df:d4:6c:9f:
15:85:eb:69:11:ae:c0:d9:51:89:42:c7:f5:85:06:
e5:42:1e:98:ee:0c:78:77:d0:26:76:6e:58:a9:f7:
4a:41:9b:c1:87:ba:34:98:63:e1:55:10:50:d4:9f:
35:7a:13:48:12:32:f4:7c:dc:84:81:ba:28:34:0b:
f3:5a:94:6b:bd:21:db:a4:52:79:d5:c5:09:a3:71:
50:57:96:df:d3:61:b7:b2:87:a2:9a:36:f3:a0:23:
9a:82:2a:3d:b8:2b:e6:43:b7:45:8b:6b:d1:c8:dc:
c4:49:0f:28:fe:b2:66:ab:65:53:c5:c9:ae:a3:88:
d6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:18:65:E2:D8:21:94:1E:37:35:62:CF:93:00:DB:C3:51:76:2F:25
X509v3 Authority Key Identifier:
keyid:7F:FB:DC:3F:77:9A:8F:99:65:30:5E:7D:EE:51:E6:A6:C5:35:FF:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/f_vcP3eaj5llMF597lHmpsU1_7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_vcP3eaj5llMF597lHmpsU1_7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/1FC5D7BE67E711ED899D7018C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.32.0/22
Signature Algorithm: sha256WithRSAEncryption
81:c9:bc:9a:a8:a9:bb:a7:63:eb:53:ef:69:0c:aa:ea:22:4a:
98:be:ab:cb:ac:db:ea:5d:57:95:a9:e2:66:35:82:f3:26:a3:
4f:c2:92:ff:d7:de:2b:2d:46:c2:48:cb:f4:18:93:96:09:15:
65:4d:bd:cb:cd:00:4d:95:0b:2f:cb:75:d6:8c:c5:60:d9:15:
e7:a8:47:d5:5a:08:98:36:f8:62:f6:9a:e8:b9:71:18:d9:06:
91:1e:da:cd:99:d9:bc:8b:af:09:64:55:cb:9b:6d:d2:a1:f3:
2a:5b:ae:b8:63:e5:50:e8:41:54:58:2c:12:b3:aa:52:73:25:
93:5d:13:28:25:14:70:1d:f4:ce:61:2e:97:2f:d2:79:91:7b:
d0:c9:5d:76:ac:14:42:a6:4d:04:e7:6b:40:28:1d:fa:b3:1b:
97:76:a6:65:4e:11:9b:8a:7c:38:4e:92:6e:80:90:64:4e:75:
c7:62:1d:55:f0:81:40:a3:92:3d:61:36:7c:75:60:f5:0f:95:
04:02:b6:fb:f3:08:7b:3c:9e:72:38:a6:f6:9e:1f:45:3e:3a:
2a:be:4d:58:65:bf:34:ab:93:1f:ca:66:23:39:26:66:a8:09:
a9:bc:38:31:86:bf:a6:96:bc:2e:14:52:f1:e3:dc:cf:70:31:
c1:6c:4e:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTZFMDUxMTAvBgNVBAUTKDdGRkJEQzNGNzc5QThGOTk2NTMwNUU3REVFNTFFNkE2
QzUzNUZGQjgwHhcNMjIxMTE5MDg0OTQ5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc4OThhYy00ZWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8EqYSdOels3fcfITYltKWeb4clrrV25q0aIb5NsR8jW5FpLhBmK8N3XkO+Jt
Y2g2RbdIbZSVjRVENMQA4xHT7RL0MI/h2EJ50WlE55qBGQBtGGfzr22kIIfvgQxP
6z3SPrTFZd3afb80FcoOmwRgBGcj2aqyDe3N0Gyb6QhVVCONqN/UbJ8VhetpEa7A
2VGJQsf1hQblQh6Y7gx4d9Amdm5YqfdKQZvBh7o0mGPhVRBQ1J81ehNIEjL0fNyE
gbooNAvzWpRrvSHbpFJ51cUJo3FQV5bf02G3soeimjbzoCOagio9uCvmQ7dFi2vR
yNzESQ8o/rJmq2VTxcmuo4jWNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHEYZeLY
IZQeNzViz5MA28NRdi8lMB8GA1UdIwQYMBaAFH/73D93mo+ZZTBefe5R5qbFNf+4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkUwNS80Mjk1NTUxMENF
NTMxMUVBOEU4QzkyNENDNEY5QUUwMi9mX3ZjUDNlYWo1bGxNRjU5N2xIbXBzVTFf
N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfdmNQM2VhajVsbE1GNTk3bEhtcHNVMV83Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTZFMDUvNDI5NTU1MTBDRTUzMTFFQThFOEM5MjRDQzRGOUFFMDIvMUZDNUQ3QkU2
N0U3MTFFRDg5OUQ3MDE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJngSAwDQYJKoZIhvcNAQELBQADggEBAIHJvJqoqbunY+tT
72kMquoiSpi+q8us2+pdV5Wp4mY1gvMmo0/Ckv/X3istRsJIy/QYk5YJFWVNvcvN
AE2VCy/LddaMxWDZFeeoR9VaCJg2+GL2mui5cRjZBpEe2s2Z2byLrwlkVcubbdKh
8ypbrrhj5VDoQVRYLBKzqlJzJZNdEyglFHAd9M5hLpcv0nmRe9DJXXasFEKmTQTn
a0AoHfqzG5d2pmVOEZuKfDhOkm6AkGROdcdiHVXwgUCjkj1hNnx1YPUPlQQCtvvz
CHs8nnI4pvaeH0U+Oiq+TVhlvzSrkx/KZiM5JmaoCam8ODGGv6aWvC4UUvHj3M9w
McFsTpE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:00:09 2025 by rpki-client