Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/D63B58C0849B11EF86A9C17FC4F9AE02.roa
File: D63B58C0849B11EF86A9C17FC4F9AE02.roa (raw, json)
Hash identifier: Ys2gxIys2N/hn2jIbNvMPW46oeoM0ncTwoG5tpMgdLE=
Subject key identifier: 40:74:FF:6E:77:DE:F1:18:B1:72:C1:5F:0A:D9:F0:CC:E3:02:9F:5A
Certificate issuer: /CN=A91E0D87/serialNumber=725FD977CE734BBA9933F2943DC26939FA0608A7
Certificate serial: 0468
Authority key identifier: 72:5F:D9:77:CE:73:4B:BA:99:33:F2:94:3D:C2:69:39:FA:06:08:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cl_Zd85zS7qZM_KUPcJpOfoGCKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/D63B58C0849B11EF86A9C17FC4F9AE02.roa
Signing time: Mon 07 Oct 2024 11:03:52 +0000
ROA not before: Mon 07 Oct 2024 11:03:52 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 151734
IP address blocks: 103.204.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128 (0x468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0D87, serialNumber=725FD977CE734BBA9933F2943DC26939FA0608A7
Validity
Not Before: Oct 7 11:03:52 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6703c018-0238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:84:e4:b0:32:58:da:d7:ed:47:ff:90:5e:07:
c8:80:7f:a5:61:85:f0:fa:61:24:49:ca:e1:39:64:
63:0e:d9:53:c9:bd:47:9c:ec:6e:b7:ce:88:a7:d3:
fd:17:de:9e:94:6e:bc:a9:5c:12:36:67:83:94:7d:
74:c7:82:09:82:20:1f:03:3c:e5:61:ea:96:52:da:
09:ff:02:62:04:1c:29:c3:5c:57:dc:33:7a:8f:9b:
e9:f5:a0:42:7c:0f:53:60:67:9a:36:f6:a5:0a:12:
f1:92:cc:00:7f:89:52:98:43:f0:40:25:62:6a:32:
ef:03:1b:4f:1f:04:0a:68:19:d2:82:08:c9:60:7d:
c3:45:e2:c1:e2:d5:d3:e7:82:9d:cb:ba:8e:fe:9c:
5e:3d:d0:30:7f:06:92:8f:c7:8e:60:ef:78:f4:cd:
6f:9a:ba:5c:5a:5b:18:c7:f6:b5:d8:52:76:e9:8a:
b9:27:45:1d:98:dd:bc:ae:0b:ea:3a:a0:34:25:93:
ea:fa:65:8c:c0:77:99:cc:67:9f:b5:d0:37:dc:a9:
e5:30:d1:2b:e6:2d:c8:10:98:0d:0e:45:29:91:8a:
b9:1e:75:82:d4:da:cd:58:0a:5c:de:16:e5:3e:a5:
6e:0f:7c:43:49:fa:cd:a3:bc:2c:98:c9:3e:b0:d3:
54:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:74:FF:6E:77:DE:F1:18:B1:72:C1:5F:0A:D9:F0:CC:E3:02:9F:5A
X509v3 Authority Key Identifier:
keyid:72:5F:D9:77:CE:73:4B:BA:99:33:F2:94:3D:C2:69:39:FA:06:08:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/cl_Zd85zS7qZM_KUPcJpOfoGCKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cl_Zd85zS7qZM_KUPcJpOfoGCKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/D63B58C0849B11EF86A9C17FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.22.0/24
Signature Algorithm: sha256WithRSAEncryption
73:30:55:9f:a3:b3:33:06:2b:81:6b:d6:57:f8:ac:03:cd:ad:
f6:4d:33:d4:a9:62:8e:89:50:83:4f:9e:ff:43:a7:90:8e:81:
b5:0a:0c:f8:87:a4:46:ca:af:d3:24:c4:71:55:e4:54:45:59:
b8:86:38:4e:43:d3:66:f3:13:44:f3:53:3c:e3:e3:ea:73:3e:
96:39:d0:3c:30:57:ea:e7:07:ff:05:89:35:6b:80:b7:23:10:
0c:e9:d0:35:5d:2b:65:2f:48:2e:89:1d:ab:04:0f:b8:60:76:
24:d9:19:0e:36:9d:de:7f:97:10:36:9f:b0:ae:9b:65:d5:b0:
17:87:0e:cf:87:9d:cb:e5:ad:fb:64:cc:02:a8:38:a9:e2:ea:
85:85:60:b5:e2:ac:ad:88:23:73:15:97:c0:35:0a:6f:f7:ca:
58:9c:f8:62:86:21:af:64:d9:de:11:83:c6:1b:79:c4:90:e6:
a9:a8:8e:bb:92:98:09:96:b5:0b:0e:1d:12:31:82:00:bb:a5:
4f:f6:a0:f9:53:e7:b2:b8:6a:1e:1c:98:de:5c:3b:27:06:30:
0c:42:86:20:7b:6f:16:c6:d5:99:ce:13:ed:60:6e:10:05:4f:
3b:c4:6b:f1:3a:2c:95:ee:50:b2:a5:28:2e:ad:b5:17:68:2d:
d5:c2:a1:e3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBEODcxMTAvBgNVBAUTKDcyNUZEOTc3Q0U3MzRCQkE5OTMzRjI5NDNEQzI2OTM5
RkEwNjA4QTcwHhcNMjQxMDA3MTEwMzUyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAzYzAxOC0wMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuITksDJY2tftR/+QXgfIgH+lYYXw+mEkScrhOWRjDtlTyb1HnOxut86Ip9P9
F96elG68qVwSNmeDlH10x4IJgiAfAzzlYeqWUtoJ/wJiBBwpw1xX3DN6j5vp9aBC
fA9TYGeaNvalChLxkswAf4lSmEPwQCViajLvAxtPHwQKaBnSggjJYH3DReLB4tXT
54Kdy7qO/pxePdAwfwaSj8eOYO949M1vmrpcWlsYx/a12FJ26Yq5J0UdmN28rgvq
OqA0JZPq+mWMwHeZzGeftdA33KnlMNEr5i3IEJgNDkUpkYq5HnWC1NrNWApc3hbl
PqVuD3xDSfrNo7wsmMk+sNNUyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEB0/253
3vEYsXLBXwrZ8MzjAp9aMB8GA1UdIwQYMBaAFHJf2XfOc0u6mTPylD3CaTn6Bgin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEQ4Ny9GNjgzQ0VGMjIx
RUIxMUVDOTI1MDE4MTlDNEY5QUUwMi9jbF9aZDg1elM3cVpNX0tVUGNKcE9mb0dD
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NsX1pkODV6UzdxWk1fS1VQY0pwT2ZvR0NLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBEODcvRjY4M0NFRjIyMUVCMTFFQzkyNTAxODE5QzRGOUFFMDIvRDYzQjU4QzA4
NDlCMTFFRjg2QTlDMTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnzBYwDQYJKoZIhvcNAQELBQADggEBAHMwVZ+jszMGK4Fr
1lf4rAPNrfZNM9SpYo6JUINPnv9Dp5COgbUKDPiHpEbKr9MkxHFV5FRFWbiGOE5D
02bzE0TzUzzj4+pzPpY50DwwV+rnB/8FiTVrgLcjEAzp0DVdK2UvSC6JHasED7hg
diTZGQ42nd5/lxA2n7Cum2XVsBeHDs+HncvlrftkzAKoOKni6oWFYLXirK2II3MV
l8A1Cm/3ylic+GKGIa9k2d4Rg8YbecSQ5qmojruSmAmWtQsOHRIxggC7pU/2oPlT
57K4ah4cmN5cOycGMAxChiB7bxbG1ZnOE+1gbhAFTzvEa/E6LJXuULKlKC6ttRdo
LdXCoeM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:16 2025 by rpki-client