Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/2516FFC63F0811ECA5A09C0BC4F9AE02.roa
File: 2516FFC63F0811ECA5A09C0BC4F9AE02.roa (raw, json)
Hash identifier: FkxsLIvxozoxMe+Fr5eGE1OvH2xvNQcCXUGsUwBPMcI=
Subject key identifier: 33:52:5B:7B:A4:14:48:48:8C:B3:67:68:0B:1C:F3:30:9A:17:AB:B4
Certificate issuer: /CN=A9196E05/serialNumber=7FFBDC3F779A8F9965305E7DEE51E6A6C535FFB8
Certificate serial: 0666
Authority key identifier: 7F:FB:DC:3F:77:9A:8F:99:65:30:5E:7D:EE:51:E6:A6:C5:35:FF:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_vcP3eaj5llMF597lHmpsU1_7g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/2516FFC63F0811ECA5A09C0BC4F9AE02.roa
Signing time: Fri 04 Nov 2022 23:09:09 +0000
ROA not before: Fri 04 Nov 2022 23:09:09 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132295
IP address blocks: 103.129.32.0/22 maxlen: 22
103.129.32.0/23 maxlen: 23
103.129.32.0/24 maxlen: 24
103.129.33.0/24 maxlen: 24
103.129.34.0/23 maxlen: 23
103.129.34.0/24 maxlen: 24
103.129.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1638 (0x666)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196E05, serialNumber=7FFBDC3F779A8F9965305E7DEE51E6A6C535FFB8
Validity
Not Before: Nov 4 23:09:09 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63659b95-3618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:f6:b2:b7:4e:1c:ce:3f:16:fe:d6:32:de:
d2:28:67:11:95:82:64:e9:06:50:de:81:86:7a:f4:
b7:e6:de:7a:fd:59:9d:c2:c5:0c:9c:fe:cd:4c:eb:
33:df:b5:7e:b5:86:84:1f:ff:d3:cb:1a:47:e9:e7:
10:cc:35:f4:ae:ff:ed:e0:fb:54:7c:99:4e:5c:55:
fc:df:a0:7f:62:97:04:04:85:08:c7:47:97:80:18:
7b:0a:86:c8:d0:f4:c6:1a:37:bd:b6:11:5d:a8:67:
e4:4c:53:8c:fd:a7:2d:a6:f4:0a:4a:f0:9b:49:ca:
6a:66:85:0f:72:7a:d6:75:ad:7e:09:0e:dd:73:4e:
6c:d2:32:5b:fd:bd:8d:7f:72:5d:53:d4:00:c2:38:
01:ea:81:b3:35:6b:50:17:a8:0c:63:e7:ae:73:b5:
d4:91:93:13:f0:da:4a:82:72:15:c8:3f:59:90:84:
d1:41:33:95:cf:17:16:6d:38:83:03:b7:76:eb:f7:
e1:33:39:12:9f:d0:c0:e7:5d:2b:ed:c0:01:8a:43:
ef:95:4b:87:42:b3:01:0f:5e:c2:c6:89:fa:88:91:
bd:63:cd:a1:98:ee:8b:12:1d:77:f8:31:94:61:a1:
ef:51:31:55:8c:dd:be:b4:fd:c5:ce:3c:2d:a7:05:
75:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:52:5B:7B:A4:14:48:48:8C:B3:67:68:0B:1C:F3:30:9A:17:AB:B4
X509v3 Authority Key Identifier:
keyid:7F:FB:DC:3F:77:9A:8F:99:65:30:5E:7D:EE:51:E6:A6:C5:35:FF:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/f_vcP3eaj5llMF597lHmpsU1_7g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_vcP3eaj5llMF597lHmpsU1_7g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196E05/42955510CE5311EA8E8C924CC4F9AE02/2516FFC63F0811ECA5A09C0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:f7:36:c8:f0:f6:a3:fa:e7:10:00:91:58:61:c4:73:f2:47:
28:0f:a6:df:bf:d1:c4:73:fc:b1:b5:a5:1b:62:2e:ba:c3:a3:
11:88:b8:99:fb:62:b1:0e:5d:22:09:17:63:0a:f3:95:d3:7b:
3d:ed:3e:de:81:db:f8:47:c0:02:b3:50:3e:c7:bc:28:af:f4:
63:96:d1:36:2d:f6:28:8c:d0:24:5c:6f:f4:bb:26:0c:1d:0b:
21:9c:93:5a:03:0f:c5:8a:d6:38:b2:3d:4d:21:62:b1:36:84:
7a:aa:74:0a:0f:09:6a:66:cc:54:9a:5f:ff:b1:42:38:bf:f6:
f0:eb:fa:f2:5c:8c:87:f6:41:96:d7:76:5d:e9:66:96:1a:20:
11:65:e7:81:3e:48:cc:0f:9c:f7:d2:69:aa:8d:83:bd:2f:23:
f5:5e:d1:c5:a9:3d:49:34:79:c9:d5:73:f5:eb:d7:da:ba:22:
d0:a5:49:c0:ed:e9:83:96:d6:e8:b1:b3:40:98:2f:8a:d7:be:
26:a3:7a:32:7c:08:b2:3c:ee:fb:0a:87:e1:6c:0e:ba:cb:86:
af:22:56:51:7c:72:1d:67:89:99:d7:53:6b:53:e3:cb:cb:0c:
12:7e:a4:ae:5e:8c:d1:74:5d:22:5a:21:fb:fa:53:8d:2c:4f:
08:58:3d:21
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTZFMDUxMTAvBgNVBAUTKDdGRkJEQzNGNzc5QThGOTk2NTMwNUU3REVFNTFFNkE2
QzUzNUZGQjgwHhcNMjIxMTA0MjMwOTA5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY1OWI5NS0zNjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYf2srdOHM4/Fv7WMt7SKGcRlYJk6QZQ3oGGevS35t56/VmdwsUMnP7NTOsz
37V+tYaEH//TyxpH6ecQzDX0rv/t4PtUfJlOXFX836B/YpcEBIUIx0eXgBh7CobI
0PTGGje9thFdqGfkTFOM/actpvQKSvCbScpqZoUPcnrWda1+CQ7dc05s0jJb/b2N
f3JdU9QAwjgB6oGzNWtQF6gMY+euc7XUkZMT8NpKgnIVyD9ZkITRQTOVzxcWbTiD
A7d26/fhMzkSn9DA510r7cABikPvlUuHQrMBD17Cxon6iJG9Y82hmO6LEh13+DGU
YaHvUTFVjN2+tP3FzjwtpwV11wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDNSW3uk
FEhIjLNnaAsc8zCaF6u0MB8GA1UdIwQYMBaAFH/73D93mo+ZZTBefe5R5qbFNf+4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkUwNS80Mjk1NTUxMENF
NTMxMUVBOEU4QzkyNENDNEY5QUUwMi9mX3ZjUDNlYWo1bGxNRjU5N2xIbXBzVTFf
N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfdmNQM2VhajVsbE1GNTk3bEhtcHNVMV83Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTZFMDUvNDI5NTU1MTBDRTUzMTFFQThFOEM5MjRDQzRGOUFFMDIvMjUxNkZGQzYz
RjA4MTFFQ0E1QTA5QzBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJngSAwDQYJKoZIhvcNAQELBQADggEBALj3Nsjw9qP65xAA
kVhhxHPyRygPpt+/0cRz/LG1pRtiLrrDoxGIuJn7YrEOXSIJF2MK85XTez3tPt6B
2/hHwAKzUD7HvCiv9GOW0TYt9iiM0CRcb/S7JgwdCyGck1oDD8WK1jiyPU0hYrE2
hHqqdAoPCWpmzFSaX/+xQji/9vDr+vJcjIf2QZbXdl3pZpYaIBFl54E+SMwPnPfS
aaqNg70vI/Ve0cWpPUk0ecnVc/Xr19q6ItClScDt6YOW1uixs0CYL4rXviajejJ8
CLI87vsKh+FsDrrLhq8iVlF8ch1niZnXU2tT48vLDBJ+pK5ejNF0XSJaIfv6U40s
TwhYPSE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:53:08 2025 by rpki-client