Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/132F2CD0F5BA11EB90F4A13DC4F9AE02.roa
File: 132F2CD0F5BA11EB90F4A13DC4F9AE02.roa (raw, json)
Hash identifier: mnIqJWf+lHQTF79pg3OrCz9LuX9Hdh+4NZ/wsU9oVm4=
Subject key identifier: A0:43:76:BB:3B:FB:FD:30:33:ED:77:F2:3A:10:03:DD:99:1C:06:89
Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial: 2395
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/132F2CD0F5BA11EB90F4A13DC4F9AE02.roa
Signing time: Fri 30 Dec 2022 18:55:35 +0000
ROA not before: Fri 30 Dec 2022 18:55:35 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 9541
IP address blocks: 103.138.210.0/24 maxlen: 24
103.178.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9109 (0x2395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B805
Validity
Not Before: Dec 30 18:55:35 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63af3427-bdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:dc:f3:97:13:cc:cb:23:86:e4:6e:ed:ed:f7:
eb:db:41:cb:91:dd:d6:0c:3a:07:5a:25:da:a0:cd:
29:fa:57:6f:c5:03:db:35:4e:c0:18:22:9d:8a:97:
f7:8c:5c:64:0d:29:cc:61:91:bd:d4:ce:1a:78:a2:
36:4d:0e:24:1a:92:de:8f:9d:b1:c7:62:c4:71:c9:
12:80:78:24:a6:28:46:2a:6e:be:38:11:f5:2b:3e:
f7:bf:42:d6:b3:b1:e0:40:51:b0:49:42:7a:8d:7f:
27:69:32:6a:77:80:ed:d8:89:01:04:54:f5:e6:be:
97:8d:a2:84:cf:92:6d:38:84:b4:d9:8f:de:a1:05:
f0:a5:7e:c5:1c:7f:7d:6f:b9:d6:93:c6:43:d2:ec:
a5:b0:c4:0f:27:77:76:11:10:f8:c1:d0:5c:78:75:
90:93:38:51:e2:81:9d:07:01:cb:3e:e8:0a:66:49:
20:c1:6e:6d:e4:7a:bc:82:c0:02:ae:fb:28:e3:6f:
0d:b4:8b:e3:1c:38:71:e2:e1:e1:9c:97:2c:20:f5:
db:cc:93:d4:73:6b:05:8d:04:4e:a6:86:c6:e2:55:
46:a8:a4:df:e8:e0:05:84:45:c0:77:e9:45:8f:dc:
b8:7e:37:d3:b3:c2:75:cb:77:eb:a1:a4:76:cc:87:
36:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:43:76:BB:3B:FB:FD:30:33:ED:77:F2:3A:10:03:DD:99:1C:06:89
X509v3 Authority Key Identifier:
keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/132F2CD0F5BA11EB90F4A13DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.210.0/24
103.178.52.0/24
Signature Algorithm: sha256WithRSAEncryption
40:1d:94:ab:97:1f:93:c2:9d:f4:0b:c4:2f:02:cb:4d:3e:af:
18:d3:eb:63:1a:f1:41:db:e9:43:46:aa:38:14:19:94:72:a8:
cb:d7:ca:c3:fe:3e:e3:eb:af:fa:12:dc:fe:08:1d:33:73:4b:
fd:44:54:4d:c2:ad:4a:ab:11:6f:3a:e8:1d:ff:49:e8:33:2d:
04:eb:49:37:79:70:5b:d9:c9:81:de:29:27:c6:be:25:f1:8a:
75:0a:41:84:ba:8e:ed:df:50:8f:a2:5a:04:fb:79:29:89:05:
9b:44:69:7d:f1:42:0a:68:e6:1c:9c:62:96:f5:28:7e:c8:41:
1c:7e:6e:10:6c:9f:7b:40:70:f9:63:56:09:e8:06:90:5e:61:
71:6c:3d:b1:49:41:01:d8:a7:fc:6b:49:20:4f:c0:8d:42:b2:
8b:44:8d:4d:02:36:7a:be:35:5a:dc:17:44:d7:1d:f1:ed:56:
de:e6:26:fc:88:3c:d0:0e:9d:92:0f:f4:a3:e5:8d:a1:1a:b7:
e2:86:f1:89:bd:53:ed:e1:91:45:d9:94:8c:71:8d:63:af:72:
77:5b:c7:9e:bd:21:5d:8d:69:08:fb:46:d1:3b:1a:e8:bf:29:
2d:b4:e5:ab:a1:4e:97:77:e6:d4:22:de:cb:0a:1e:e0:f8:81:
55:10:55:49
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICI5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjIxMjMwMTg1NTM1WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FmMzQyNy1iZGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyNzzlxPMyyOG5G7t7ffr20HLkd3WDDoHWiXaoM0p+ldvxQPbNU7AGCKdipf3
jFxkDSnMYZG91M4aeKI2TQ4kGpLej52xx2LEcckSgHgkpihGKm6+OBH1Kz73v0LW
s7HgQFGwSUJ6jX8naTJqd4Dt2IkBBFT15r6XjaKEz5JtOIS02Y/eoQXwpX7FHH99
b7nWk8ZD0uylsMQPJ3d2ERD4wdBceHWQkzhR4oGdBwHLPugKZkkgwW5t5Hq8gsAC
rvso428NtIvjHDhx4uHhnJcsIPXbzJPUc2sFjQROpobG4lVGqKTf6OAFhEXAd+lF
j9y4fjfTs8J1y3froaR2zIc2SwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKBDdrs7
+/0wM+138joQA92ZHAaJMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvMTMyRjJDRDBG
NUJBMTFFQjkwRjRBMTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnitIDBABnsjQwDQYJKoZIhvcNAQELBQADggEBAEAdlKuX
H5PCnfQLxC8Cy00+rxjT62Ma8UHb6UNGqjgUGZRyqMvXysP+PuPrr/oS3P4IHTNz
S/1EVE3CrUqrEW866B3/SegzLQTrSTd5cFvZyYHeKSfGviXxinUKQYS6ju3fUI+i
WgT7eSmJBZtEaX3xQgpo5hycYpb1KH7IQRx+bhBsn3tAcPljVgnoBpBeYXFsPbFJ
QQHYp/xrSSBPwI1CsotEjU0CNnq+NVrcF0TXHfHtVt7mJvyIPNAOnZIP9KPljaEa
t+KG8Ym9U+3hkUXZlIxxjWOvcndbx569IV2NaQj7RtE7Gui/KS205auhTpd35tQi
3ssKHuD4gVUQVUk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:41 2025 by rpki-client