Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/A26B8D8C291D11EF8B477672C4F9AE02.roa
File: A26B8D8C291D11EF8B477672C4F9AE02.roa (raw, json)
Hash identifier: EGJImRNUWAKC1/eQbj2XKEJNP6UKYdGhDYH48Ms2uDA=
Subject key identifier: 45:6F:B8:4D:F6:BC:EB:D6:0D:AA:E1:A9:A9:20:AD:CE:44:1F:88:54
Certificate issuer: /CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5
Certificate serial: 091D
Authority key identifier: 0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/A26B8D8C291D11EF8B477672C4F9AE02.roa
Signing time: Thu 13 Jun 2024 00:41:13 +0000
ROA not before: Thu 13 Jun 2024 00:41:13 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141342
IP address blocks: 103.74.20.0/24 maxlen: 24
103.74.21.0/24 maxlen: 24
103.74.22.0/24 maxlen: 24
103.74.23.0/24 maxlen: 24
103.235.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2333 (0x91d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6943
Validity
Not Before: Jun 13 00:41:13 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=666a4029-c814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:aa:77:95:f2:66:1e:5a:d3:e3:79:15:86:
a4:a0:a5:42:58:e5:10:47:a4:9d:1f:9d:e7:35:81:
80:fb:7d:45:ce:32:f8:67:51:1d:a1:7c:7f:13:b9:
61:91:e6:89:92:2c:7a:5b:f1:13:7e:f8:ad:6d:94:
20:6d:5f:67:4d:0a:f5:36:9b:69:dd:bc:57:02:52:
9b:62:39:4a:b0:e3:9e:6c:db:f2:15:24:00:5f:d1:
b9:44:a0:7d:e4:13:d4:79:28:e4:88:e8:06:e7:bf:
a7:66:81:7b:75:5e:81:a5:59:0e:3c:87:72:3a:69:
ca:db:ed:ee:a1:bb:06:94:be:23:c0:62:15:60:af:
a8:86:36:48:7b:74:71:92:e8:ec:7a:a6:2c:a9:4c:
08:91:0a:4c:32:61:f8:0c:de:e8:78:17:13:ca:ef:
7c:47:48:86:0f:6b:3f:aa:fc:f7:5e:fc:b3:c5:c5:
b1:50:78:1b:d4:17:a9:21:37:aa:23:67:68:2c:ee:
c8:9a:99:b0:1c:4c:f4:b3:37:a7:68:d3:ca:dc:e7:
66:cd:44:52:0f:cf:0e:2a:e2:eb:3e:ec:4c:9f:c3:
b9:b2:78:eb:35:96:9f:38:0d:97:9b:c9:9d:f8:35:
8d:c5:86:d2:65:33:8d:b8:95:31:d7:b7:e4:fd:cd:
12:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6F:B8:4D:F6:BC:EB:D6:0D:AA:E1:A9:A9:20:AD:CE:44:1F:88:54
X509v3 Authority Key Identifier:
keyid:0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/A26B8D8C291D11EF8B477672C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.74.20.0/22
103.235.77.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4d:bb:d4:0f:a0:b4:6c:ad:df:98:e8:86:68:d9:09:a0:f7:
66:29:0b:02:90:0d:fd:d1:55:f6:d0:ae:92:19:c3:bb:98:88:
9e:1f:ae:00:de:a8:a5:31:63:e1:e1:be:8f:0a:dc:a4:97:2e:
f8:ca:6f:6a:a0:58:76:db:ff:66:2b:76:6b:6f:52:75:3b:af:
f1:05:d0:a5:c9:8e:d3:b3:0a:63:a2:1b:13:f2:b7:67:3e:dd:
6a:f3:8d:1f:ab:53:c5:65:e5:1e:21:00:25:f3:8b:17:f2:f3:
32:ac:ab:ca:6b:21:76:38:79:81:34:b9:a2:22:ab:d0:e4:3f:
fa:3a:c8:b9:1a:70:41:4e:70:c8:e1:e6:e8:6c:ba:9e:4c:16:
c7:71:b6:4c:98:b0:c0:96:89:9e:34:a2:d6:2e:f8:3e:9e:d8:
20:a4:8c:3b:45:9e:26:7e:4b:67:d0:06:f1:96:b0:71:dc:85:
b8:02:5d:ac:77:80:eb:47:58:e2:5f:de:61:1c:b5:3c:f8:f7:
d4:49:72:a0:d7:7a:b2:c5:86:11:86:fd:10:fb:54:12:3f:b3:
c0:09:0a:66:b2:12:b2:86:b1:42:01:71:7e:dd:6d:b5:1a:e8:
85:28:ac:8e:7f:ce:33:88:9c:8b:bc:a1:8b:5d:68:5d:2b:10:
1c:24:01:9a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY5NDMxMTAvBgNVBAUTKDBBQjk5RjUyQzlBRDlCRTBCOUMwNDQ3MENGQjFCNkMy
MzYwRkQwRjUwHhcNMjQwNjEzMDA0MTEzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhNDAyOS1jODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs4mqd5XyZh5a0+N5FYakoKVCWOUQR6SdH53nNYGA+31FzjL4Z1EdoXx/E7lh
keaJkix6W/ETfvitbZQgbV9nTQr1Nptp3bxXAlKbYjlKsOOebNvyFSQAX9G5RKB9
5BPUeSjkiOgG57+nZoF7dV6BpVkOPIdyOmnK2+3uobsGlL4jwGIVYK+ohjZIe3Rx
kujseqYsqUwIkQpMMmH4DN7oeBcTyu98R0iGD2s/qvz3XvyzxcWxUHgb1BepITeq
I2doLO7ImpmwHEz0szenaNPK3OdmzURSD88OKuLrPuxMn8O5snjrNZafOA2Xm8md
+DWNxYbSZTONuJUx17fk/c0SowIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEVvuE32
vOvWDarhqakgrc5EH4hUMB8GA1UdIwQYMBaAFAq5n1LJrZvgucBEcM+xtsI2D9D1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjk0My9CNzE4MTE2ODhE
NTExMUVBQjhCMjYzODRDNEY5QUUwMi9Dcm1mVXNtdG0tQzV3RVJ3ejdHMndqWVAw
UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NybWZVc210bS1DNXdFUnd6N0cyd2pZUDBQVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY5NDMvQjcxODExNjg4RDUxMTFFQUI4QjI2Mzg0QzRGOUFFMDIvQTI2QjhEOEMy
OTFEMTFFRjhCNDc3NjcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnShQDBABn600wDQYJKoZIhvcNAQELBQADggEBAJBNu9QP
oLRsrd+Y6IZo2Qmg92YpCwKQDf3RVfbQrpIZw7uYiJ4frgDeqKUxY+Hhvo8K3KSX
LvjKb2qgWHbb/2YrdmtvUnU7r/EF0KXJjtOzCmOiGxPyt2c+3WrzjR+rU8Vl5R4h
ACXzixfy8zKsq8prIXY4eYE0uaIiq9DkP/o6yLkacEFOcMjh5uhsup5MFsdxtkyY
sMCWiZ40otYu+D6e2CCkjDtFniZ+S2fQBvGWsHHchbgCXax3gOtHWOJf3mEctTz4
99RJcqDXerLFhhGG/RD7VBI/s8AJCmayErKGsUIBcX7dbbUa6IUorI5/zjOInIu8
oYtdaF0rEBwkAZo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:33:58 2025 by rpki-client