Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0847F33C40E711ED819E7369C4F9AE02.roa
File: 0847F33C40E711ED819E7369C4F9AE02.roa (raw, json)
Hash identifier: 0bVpQPmak2gxwkU4wtfQ02eSEGu8DUP1JgdYEuD9bqI=
Subject key identifier: 28:97:B0:A4:35:01:96:3F:F5:B6:EE:EA:5B:3F:23:EB:17:7C:C5:18
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 0598
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0847F33C40E711ED819E7369C4F9AE02.roa
Signing time: Sat 26 Aug 2023 23:00:12 +0000
ROA not before: Sat 26 Aug 2023 23:00:12 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 139088
IP address blocks: 103.152.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1432 (0x598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B, serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Validity
Not Before: Aug 26 23:00:12 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64ea83fc-04b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:09:e0:3c:09:28:d2:c7:af:06:88:73:2b:
c2:ac:c7:87:2f:f4:b1:2e:78:14:27:25:f8:7d:a9:
91:cb:ea:47:74:c3:f7:95:a4:58:d3:7a:a4:f7:b3:
fe:ce:fe:7b:0d:86:de:42:ba:f1:aa:6b:40:d8:21:
67:b2:c7:1f:b8:05:07:d5:80:30:8f:6c:76:d4:42:
74:3e:3f:21:74:d5:8a:70:25:a7:62:de:f1:e5:77:
d7:f4:e5:6c:38:d2:2d:26:b5:1b:2c:e0:37:67:30:
82:39:5f:6c:15:ca:5e:0c:c2:bc:8f:cf:de:d3:42:
4d:df:bf:7c:78:1d:de:44:4a:f5:2c:b9:7d:00:cb:
9f:7c:f7:39:ef:88:2b:02:9c:e7:1f:5b:c1:df:86:
15:21:12:7f:b5:44:80:17:37:85:41:39:ce:ff:9b:
5d:48:d8:dd:d1:f2:7b:d2:36:3a:6c:a3:61:67:7f:
46:1a:4f:04:68:64:7e:66:29:41:61:f4:06:b1:1e:
ae:a5:ce:3e:f7:79:e7:de:e9:37:f9:df:f8:1c:f2:
7f:15:d1:32:8b:d8:df:4c:8a:63:c2:8f:1f:56:aa:
32:f9:5a:f3:1a:00:fe:b3:09:4b:93:15:51:28:25:
1e:6b:5e:f2:3d:f7:55:97:cc:cd:18:2d:0c:2d:ca:
f8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:97:B0:A4:35:01:96:3F:F5:B6:EE:EA:5B:3F:23:EB:17:7C:C5:18
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0847F33C40E711ED819E7369C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.101.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4d:d5:d9:c5:ce:05:a5:1a:a2:f3:c1:89:5e:47:3b:74:04:
9e:e2:f1:bf:4b:0d:6b:21:43:45:f8:bd:ca:f7:b1:f1:7f:34:
f6:b4:5b:a9:9d:40:3d:a3:94:4c:71:31:c8:22:ba:cb:80:c6:
ca:d0:cb:5c:da:a9:46:4f:15:e2:01:6a:9e:6d:21:15:b2:73:
a9:d4:28:5e:a8:b8:1a:e2:68:b8:2a:b3:49:77:65:ba:61:e4:
bb:5e:52:37:13:e9:3b:b3:53:71:35:17:46:11:ff:26:e8:a1:
86:7e:01:12:6c:dc:1d:cd:87:97:23:74:1e:95:2e:00:a6:11:
b0:72:4d:12:4c:a3:89:01:80:06:04:a9:cf:db:e2:34:c4:72:
3a:7d:3d:8a:8e:03:26:36:6c:71:e0:cb:5c:37:97:75:78:b1:
b4:3d:8c:10:14:c2:4b:11:db:57:45:13:9d:fb:b0:e3:22:12:
1f:08:e6:67:c1:18:01:4d:d2:1a:4f:4b:9e:95:de:7c:60:de:
ca:b8:2b:95:7c:e1:fe:ae:9b:ea:9c:b3:02:f0:1f:08:ac:21:
e6:39:9f:f3:26:af:75:b9:87:5e:b9:48:7c:07:9c:75:7c:94:
be:8c:8a:d9:f8:71:d3:34:b5:0a:ad:31:63:e2:23:a8:01:9b:
c9:b8:99:bd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjMwODI2MjMwMDEyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhODNmYy0wNGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoUkJ4DwJKNLHrwaIcyvCrMeHL/SxLngUJyX4famRy+pHdMP3laRY03qk97P+
zv57DYbeQrrxqmtA2CFnsscfuAUH1YAwj2x21EJ0Pj8hdNWKcCWnYt7x5XfX9OVs
ONItJrUbLOA3ZzCCOV9sFcpeDMK8j8/e00JN3798eB3eREr1LLl9AMuffPc574gr
ApznH1vB34YVIRJ/tUSAFzeFQTnO/5tdSNjd0fJ70jY6bKNhZ39GGk8EaGR+ZilB
YfQGsR6upc4+93nn3uk3+d/4HPJ/FdEyi9jfTIpjwo8fVqoy+VrzGgD+swlLkxVR
KCUea17yPfdVl8zNGC0MLcr44QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCiXsKQ1
AZY/9bbu6ls/I+sXfMUYMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvMDg0N0YzM0M0
MEU3MTFFRDgxOUU3MzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmGUwDQYJKoZIhvcNAQELBQADggEBAA1N1dnFzgWlGqLz
wYleRzt0BJ7i8b9LDWshQ0X4vcr3sfF/NPa0W6mdQD2jlExxMcgiusuAxsrQy1za
qUZPFeIBap5tIRWyc6nUKF6ouBriaLgqs0l3Zbph5LteUjcT6TuzU3E1F0YR/ybo
oYZ+ARJs3B3Nh5cjdB6VLgCmEbByTRJMo4kBgAYEqc/b4jTEcjp9PYqOAyY2bHHg
y1w3l3V4sbQ9jBAUwksR21dFE537sOMiEh8I5mfBGAFN0hpPS56V3nxg3sq4K5V8
4f6um+qcswLwHwisIeY5n/Mmr3W5h165SHwHnHV8lL6Mitn4cdM0tQqtMWPiI6gB
m8m4mb0=
-----END CERTIFICATE-----
Generated at Mon Jun 2 05:38:55 2025 by rpki-client