Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
File: A53244160B6811EFB0BE5162C4F9AE02.roa (raw, json)
Hash identifier: elXPEfEoxHI2cIbDDhhdmt5hm744eVEcjoIx+FSj9tk=
Subject key identifier: 0D:9B:E4:63:04:D1:55:D0:6D:E9:79:4E:31:B8:63:29:35:5A:9A:9E
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1184
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
Signing time: Mon 06 May 2024 05:22:35 +0000
ROA not before: Mon 06 May 2024 05:22:35 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 103.151.27.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.152.0/21 maxlen: 21
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4484 (0x1184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: May 6 05:22:35 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6638691b-8078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:89:0f:a1:5f:5e:cf:5b:26:dc:92:99:d6:0d:
64:78:61:3e:71:90:55:4c:ad:73:5e:f7:a5:c2:63:
94:58:9c:7e:e2:51:62:f1:13:da:66:93:e3:9d:61:
ec:1b:c8:15:1f:16:e2:03:93:72:6e:21:51:55:8b:
21:86:03:50:48:99:68:ef:f1:f7:89:a6:75:40:fe:
b5:5c:44:9a:39:0e:e9:90:e7:55:0b:78:81:f5:a7:
26:76:92:7a:8b:71:3a:15:c5:c5:8c:f3:6a:25:2c:
d1:03:a2:f8:e1:75:ab:ac:b8:c2:e4:ef:70:bd:f5:
7e:9d:74:ca:87:b3:ad:ac:8e:a9:3e:ee:88:1e:f1:
92:69:f4:44:8f:7b:90:f4:37:44:2e:af:c4:52:33:
0d:7d:74:c3:51:2d:da:f4:db:d0:fb:9f:2d:af:02:
01:b8:0f:a9:7e:6b:fd:0c:2e:f5:64:7d:16:02:00:
cf:ac:9d:d9:fb:fe:79:a0:6d:95:d5:82:4d:9c:bb:
b7:11:e0:29:38:06:db:ee:a9:91:78:0e:fa:52:7b:
ea:49:6b:49:31:02:1b:20:9e:a6:e9:a2:c0:f1:aa:
33:3a:fd:98:19:11:a3:2b:cf:1f:71:5e:cd:eb:b2:
0d:c4:52:c2:69:59:8e:7c:80:f3:bc:63:05:f3:f3:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9B:E4:63:04:D1:55:D0:6D:E9:79:4E:31:B8:63:29:35:5A:9A:9E
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/A53244160B6811EFB0BE5162C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
113.203.208.0/24
113.203.216.0/23
113.203.231.0/24
113.203.250.0/24
115.167.49.0/24
115.167.78.0/24
180.178.142.0/24
180.178.152.0/21
202.92.18.0/24
202.92.20.0/24
223.29.227.0/24
223.29.235.0-223.29.236.255
223.29.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0c:91:b1:cc:8b:be:35:64:17:ab:c0:f3:f9:69:b7:89:ae:
ac:00:b2:9a:c0:ba:c7:db:15:e1:05:90:2d:67:25:bc:cf:00:
95:af:07:c3:18:5a:10:43:77:bf:5c:1b:83:3e:4f:89:66:c5:
59:11:12:c0:1d:cb:59:3b:80:4f:d7:d4:ef:5b:6f:5e:0d:b5:
7a:8b:f6:c2:aa:d2:55:9a:a5:6a:27:09:13:de:53:b0:0c:df:
81:c4:92:87:f7:b4:65:5d:d8:b9:20:f8:a4:ce:4c:16:88:a2:
ab:8a:92:d3:e3:a0:92:26:2b:c4:2e:13:bc:34:ee:11:dc:dc:
7c:9e:16:e6:22:8e:04:74:b2:6e:0e:2d:d5:5a:60:6c:6b:26:
c4:12:62:d7:79:47:60:b0:6c:98:19:91:87:3a:d2:b3:51:30:
0d:12:a4:46:0f:9e:ba:72:9d:8b:03:a8:2c:41:ef:ec:ca:cb:
33:4e:06:ac:e8:27:f6:5f:f6:c5:09:f4:f0:d3:45:0f:42:69:
9f:96:82:ed:73:ef:96:b4:da:3e:90:76:37:6e:80:ba:55:10:
fd:92:09:ee:54:5a:13:6d:49:c7:ad:1a:81:1f:53:86:7f:aa:
fa:ab:f1:94:4a:6a:eb:3a:80:49:74:e5:c8:63:fb:ea:46:5e:
68:78:c0:59
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICEYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNTA2MDUyMjM1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NjkxYi04MDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYkPoV9ez1sm3JKZ1g1keGE+cZBVTK1zXvelwmOUWJx+4lFi8RPaZpPjnWHs
G8gVHxbiA5NybiFRVYshhgNQSJlo7/H3iaZ1QP61XESaOQ7pkOdVC3iB9acmdpJ6
i3E6FcXFjPNqJSzRA6L44XWrrLjC5O9wvfV+nXTKh7OtrI6pPu6IHvGSafREj3uQ
9DdELq/EUjMNfXTDUS3a9NvQ+58trwIBuA+pfmv9DC71ZH0WAgDPrJ3Z+/55oG2V
1YJNnLu3EeApOAbb7qmReA76UnvqSWtJMQIbIJ6m6aLA8aozOv2YGRGjK88fcV7N
67INxFLCaVmOfIDzvGMF8/NgcwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFA2b5GME
0VXQbel5TjG4Yyk1WpqeMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQTUzMjQ0MTYw
QjY4MTFFRkIwQkU1MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMGIEAgABMFwDBABnlxsDBABxy9ADBAFxy9gDBABxy+cDBABxy/oDBABzpzED
BABzp04DBAC0so4DBAO0spgDBADKXBIDBADKXBQDBADfHeMwDAMEAN8d6wMEAN8d
7AMEAN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAfAyRscyLvjVkF6vA8/lpt4murACy
msC6x9sV4QWQLWclvM8Ala8HwxhaEEN3v1wbgz5PiWbFWRESwB3LWTuAT9fU71tv
Xg21eov2wqrSVZqlaicJE95TsAzfgcSSh/e0ZV3YuSD4pM5MFoiiq4qS0+OgkiYr
xC4TvDTuEdzcfJ4W5iKOBHSybg4t1VpgbGsmxBJi13lHYLBsmBmRhzrSs1EwDRKk
Rg+eunKdiwOoLEHv7MrLM04GrOgn9l/2xQn08NNFD0Jpn5aC7XPvlrTaPpB2N26A
ulUQ/ZIJ7lRaE21Jx60agR9Thn+q+qvxlEpq6zqASXTlyGP76kZeaHjAWQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:09:53 2025 by rpki-client