Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/FDE7D4120EB411ECBD753970C4F9AE02.roa
File: FDE7D4120EB411ECBD753970C4F9AE02.roa (raw, json)
Hash identifier: 6XREs3SMr7PpZe5UIUXzf2b78m9eg97oQ7HwY8XNWXA=
Subject key identifier: 0F:D2:2F:AB:2E:F0:65:92:A1:D7:6A:47:28:AD:F3:8D:B1:4B:B2:C7
Certificate issuer: /CN=A91CB09E/serialNumber=1760FF71E16BCFEEE7B8D6710D63606799AEF767
Certificate serial: 041B
Authority key identifier: 17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/FDE7D4120EB411ECBD753970C4F9AE02.roa
Signing time: Fri 05 May 2023 03:03:30 +0000
ROA not before: Fri 05 May 2023 03:03:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134428
IP address blocks: 103.136.148.0/24 maxlen: 24
103.136.149.0/24 maxlen: 24
103.136.150.0/24 maxlen: 24
103.136.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1051 (0x41b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB09E
Validity
Not Before: May 5 03:03:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64547202-8082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b8:ba:17:18:99:01:ff:63:3d:3a:a3:ef:a0:
6a:05:64:c8:3b:08:31:e5:bf:13:58:28:76:71:12:
64:fd:ea:09:55:eb:c3:65:bd:35:b1:fe:44:a1:e4:
e3:96:77:8c:52:38:34:bb:84:a0:ff:d3:6c:c3:5f:
ca:e9:53:be:01:40:fd:d4:0e:91:13:f4:a2:84:fe:
1c:cb:fa:43:70:d6:9f:25:81:a5:9c:ea:a5:02:0b:
c2:31:32:76:30:8a:6d:a7:d1:a5:a1:a3:b0:a4:c8:
c7:62:3a:31:d0:02:99:49:ba:94:98:0d:e1:72:b1:
be:14:f1:df:51:39:cc:b9:3f:24:a4:05:66:d1:01:
20:97:4c:ee:2f:6d:43:0d:80:2d:67:fc:97:7f:e1:
00:cb:8a:fb:17:22:35:76:1d:a6:9e:bd:11:46:84:
02:5c:b9:2d:5c:e8:66:45:47:80:99:71:cb:18:69:
8c:16:75:60:b0:2f:09:8c:d8:65:96:e9:a4:d7:e5:
7d:9c:c7:3a:89:7e:b4:61:20:14:81:64:a2:c4:0d:
58:80:63:41:9f:ab:f7:90:99:a3:44:f3:19:a7:5a:
6e:dd:d4:57:d2:f1:9f:72:e2:76:5d:54:29:0a:f5:
9d:2e:d4:d7:62:40:c1:0f:c6:8b:6a:d8:2e:b3:89:
ca:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D2:2F:AB:2E:F0:65:92:A1:D7:6A:47:28:AD:F3:8D:B1:4B:B2:C7
X509v3 Authority Key Identifier:
keyid:17:60:FF:71:E1:6B:CF:EE:E7:B8:D6:71:0D:63:60:67:99:AE:F7:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/F2D_ceFrz-7nuNZxDWNgZ5mu92c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2D_ceFrz-7nuNZxDWNgZ5mu92c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB09E/47119D00D00B11EBB5890E7BC4F9AE02/FDE7D4120EB411ECBD753970C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.148.0/22
Signature Algorithm: sha256WithRSAEncryption
14:19:5c:f8:4c:46:20:1f:6e:29:48:74:f8:f9:27:56:d5:68:
f7:6f:a5:59:1b:10:7c:95:c7:ff:d9:45:52:00:92:83:af:a7:
2b:aa:9b:46:30:08:8f:c4:f7:6b:37:44:d1:c9:2e:43:8c:49:
01:c0:64:9e:68:97:1a:1a:bf:69:43:0f:e0:e6:09:4f:2a:6d:
0b:c8:03:bb:2d:d7:dd:df:9b:af:27:d9:6c:7f:95:f7:1d:67:
77:b3:1f:e1:40:92:fc:95:a9:3f:74:d9:3d:2a:d4:53:82:0a:
04:8c:16:a5:00:31:88:c3:86:68:de:98:f6:25:43:4c:4f:ba:
a9:40:9d:d9:00:39:78:7b:f4:ec:b5:ae:2f:d0:c4:8a:47:1c:
91:5f:04:a2:f7:37:4e:a2:26:95:a0:22:57:b7:51:7f:4c:06:
b2:38:0d:8a:a9:f1:dd:6e:c1:d4:85:79:b1:3f:73:17:23:36:
38:9b:44:b3:3b:6a:b1:2e:6e:18:7d:e8:e3:01:e9:0d:ec:8f:
7b:6a:85:86:19:25:d3:48:47:ca:bc:ce:63:b2:0c:fa:ba:76:
b3:a4:b4:3a:3f:8b:5c:b4:03:5f:86:31:c1:49:ed:76:34:42:
d6:c1:9d:60:fa:ed:30:ae:5f:60:d7:07:84:58:d6:6b:6e:81:
00:4c:db:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IwOUUxMTAvBgNVBAUTKDE3NjBGRjcxRTE2QkNGRUVFN0I4RDY3MTBENjM2MDY3
OTlBRUY3NjcwHhcNMjMwNTA1MDMwMzMwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0NzIwMi04MDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1bi6FxiZAf9jPTqj76BqBWTIOwgx5b8TWCh2cRJk/eoJVevDZb01sf5EoeTj
lneMUjg0u4Sg/9Nsw1/K6VO+AUD91A6RE/SihP4cy/pDcNafJYGlnOqlAgvCMTJ2
MIptp9GloaOwpMjHYjox0AKZSbqUmA3hcrG+FPHfUTnMuT8kpAVm0QEgl0zuL21D
DYAtZ/yXf+EAy4r7FyI1dh2mnr0RRoQCXLktXOhmRUeAmXHLGGmMFnVgsC8JjNhl
lumk1+V9nMc6iX60YSAUgWSixA1YgGNBn6v3kJmjRPMZp1pu3dRX0vGfcuJ2XVQp
CvWdLtTXYkDBD8aLatgus4nKMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA/SL6su
8GWSoddqRyit842xS7LHMB8GA1UdIwQYMBaAFBdg/3Hha8/u57jWcQ1jYGeZrvdn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjA5RS80NzExOUQwMEQw
MEIxMUVCQjU4OTBFN0JDNEY5QUUwMi9GMkRfY2VGcnotN251Tlp4RFdOZ1o1bXU5
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YyRF9jZUZyei03bnVOWnhEV05nWjVtdTkyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0IwOUUvNDcxMTlEMDBEMDBCMTFFQkI1ODkwRTdCQzRGOUFFMDIvRkRFN0Q0MTIw
RUI0MTFFQ0JENzUzOTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniJQwDQYJKoZIhvcNAQELBQADggEBABQZXPhMRiAfbilI
dPj5J1bVaPdvpVkbEHyVx//ZRVIAkoOvpyuqm0YwCI/E92s3RNHJLkOMSQHAZJ5o
lxoav2lDD+DmCU8qbQvIA7st193fm68n2Wx/lfcdZ3ezH+FAkvyVqT902T0q1FOC
CgSMFqUAMYjDhmjemPYlQ0xPuqlAndkAOXh79Oy1ri/QxIpHHJFfBKL3N06iJpWg
Ile3UX9MBrI4DYqp8d1uwdSFebE/cxcjNjibRLM7arEubhh96OMB6Q3sj3tqhYYZ
JdNIR8q8zmOyDPq6drOktDo/i1y0A1+GMcFJ7XY0QtbBnWD67TCuX2DXB4RY1mtu
gQBM20s=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:04 2025 by rpki-client