Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/924390909F0811ECAE659F82C4F9AE02.roa
File: 924390909F0811ECAE659F82C4F9AE02.roa (raw, json)
Hash identifier: 0TKJse0H+A5SlMclxKdSnEU5BXCOtIgOxavU8IfnT5k=
Subject key identifier: 78:23:8F:4B:9B:7E:C9:50:EB:CF:17:7F:A5:77:2D:A2:4F:7F:CF:DE
Certificate issuer: /CN=A914E9C1/serialNumber=0A1DE18DFC98E4ACB3FA233368105A73D1D419F3
Certificate serial: 5E
Authority key identifier: 0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/924390909F0811ECAE659F82C4F9AE02.roa
Signing time: Tue 08 Mar 2022 17:52:51 +0000
ROA not before: Tue 08 Mar 2022 17:52:51 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 3786
IP address blocks: 103.91.217.0/24 maxlen: 24
103.99.208.0/24 maxlen: 24
103.99.209.0/24 maxlen: 24
103.99.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94 (0x5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E9C1
Validity
Not Before: Mar 8 17:52:51 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=622797f2-fe55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:33:b8:37:11:81:76:4b:aa:5a:e8:91:5d:5f:
07:22:79:26:91:e6:ad:a4:b5:92:53:6f:d7:90:59:
fc:7e:4b:ad:39:cd:da:bc:b9:ef:ad:2c:ad:c3:20:
b8:85:fc:ff:d3:6a:2f:24:b9:b3:c0:95:2c:47:f0:
e7:0a:db:cc:32:00:38:14:84:7a:42:07:94:b0:86:
3e:89:44:c5:02:17:4a:ea:89:76:43:67:3c:92:e7:
58:71:7e:cc:dd:42:5e:9f:66:c0:87:a8:3b:11:72:
87:b7:94:3e:61:ea:79:d5:44:ff:70:a8:9b:eb:f8:
a0:81:c7:39:c0:c6:7d:e8:22:f1:63:7f:41:f9:ae:
a4:49:8c:38:ea:66:47:ab:86:6b:36:cc:f9:48:e4:
54:07:0c:99:fd:18:ab:18:f8:13:a3:4a:45:c2:10:
06:6f:de:a6:79:bb:57:17:df:55:73:06:6b:a8:1b:
ed:5c:f9:bb:bc:30:9f:44:fb:61:71:bd:40:ec:db:
71:3a:08:a4:07:43:5d:d1:9b:78:e1:97:49:ce:cd:
ea:c4:83:1c:c6:2e:0d:47:f9:eb:80:5f:c5:59:8b:
7a:7b:b5:64:08:e8:de:2a:43:6c:81:d4:d3:86:59:
b0:50:d1:11:01:a1:54:01:6f:f6:df:1f:1e:e0:1b:
55:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:23:8F:4B:9B:7E:C9:50:EB:CF:17:7F:A5:77:2D:A2:4F:7F:CF:DE
X509v3 Authority Key Identifier:
keyid:0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/924390909F0811ECAE659F82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.217.0/24
103.99.208.0-103.99.210.255
Signature Algorithm: sha256WithRSAEncryption
6a:16:5a:ff:e9:04:50:92:49:33:ff:11:4e:3b:b1:f6:a0:c8:
ba:b0:31:40:39:c0:41:43:af:1a:62:1a:a3:63:81:bf:b3:72:
03:a8:ef:3f:6f:4a:44:e9:d0:72:e9:db:32:8e:3e:29:d3:42:
d3:0a:b4:05:f4:51:46:ae:31:40:ba:7e:5a:a2:a2:e5:6f:a1:
4c:5e:7e:0e:eb:a7:db:0b:f0:fe:7e:0e:91:67:77:1f:06:a7:
a9:8a:d3:e4:3d:3d:4a:10:b0:38:f1:0b:ab:cc:d7:51:f7:7a:
19:a5:5a:3b:a2:93:c0:36:d4:4b:a3:3c:eb:b9:68:91:b6:fb:
66:28:4e:e2:55:76:da:79:00:45:b8:c8:3c:77:14:46:c7:49:
1a:5c:dc:29:d5:c2:d7:a7:96:b4:38:cf:9a:7c:21:cf:a2:d7:
3b:a4:5b:ac:73:e0:26:5a:17:90:de:24:e2:32:99:66:c0:e1:
25:bf:0f:ae:c1:4c:6c:43:c9:8e:1b:8f:05:31:55:ec:f5:02:
03:4c:e4:6d:38:dd:90:9a:3b:b2:d8:ee:c9:69:37:7e:55:a3:
d1:ff:79:32:e8:5d:9b:a5:9f:c7:19:66:ae:7c:99:6d:dd:ee:
7e:3d:1d:93:89:0e:18:9a:b0:e3:e3:04:f1:46:f2:40:7d:85:
25:15:0b:35
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RTlDMTExMC8GA1UEBRMoMEExREUxOERGQzk4RTRBQ0IzRkEyMzMzNjgxMDVBNzNE
MUQ0MTlGMzAeFw0yMjAzMDgxNzUyNTFaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjc5N2YyLWZlNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTM7g3EYF2S6pa6JFdXwcieSaR5q2ktZJTb9eQWfx+S605zdq8ue+tLK3DILiF
/P/Tai8kubPAlSxH8OcK28wyADgUhHpCB5Swhj6JRMUCF0rqiXZDZzyS51hxfszd
Ql6fZsCHqDsRcoe3lD5h6nnVRP9wqJvr+KCBxznAxn3oIvFjf0H5rqRJjDjqZker
hms2zPlI5FQHDJn9GKsY+BOjSkXCEAZv3qZ5u1cX31VzBmuoG+1c+bu8MJ9E+2Fx
vUDs23E6CKQHQ13Rm3jhl0nOzerEgxzGLg1H+euAX8VZi3p7tWQI6N4qQ2yB1NOG
WbBQ0REBoVQBb/bfHx7gG1XFAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUeCOPS5t+
yVDrzxd/pXctok9/z94wHwYDVR0jBBgwFoAUCh3hjfyY5Kyz+iMzaBBac9HUGfMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFOUMxL0VFNzAyRjQ0N0FD
OTExRUM5REE1NUI0NkM0RjlBRTAyL0NoM2hqZnlZNUt5ei1pTXphQkJhYzlIVUdm
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ2gzaGpmeVk1S3l6LWlNemFCQmFjOUhVR2ZNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RTlDMS9FRTcwMkY0NDdBQzkxMUVDOURBNTVCNDZDNEY5QUUwMi85MjQzOTA5MDlG
MDgxMUVDQUU2NTlGODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEAGdb2TAMAwQEZ2PQAwQAZ2PSMA0GCSqGSIb3DQEBCwUAA4IB
AQBqFlr/6QRQkkkz/xFOO7H2oMi6sDFAOcBBQ68aYhqjY4G/s3IDqO8/b0pE6dBy
6dsyjj4p00LTCrQF9FFGrjFAun5aoqLlb6FMXn4O66fbC/D+fg6RZ3cfBqepitPk
PT1KELA48QurzNdR93oZpVo7opPANtRLozzruWiRtvtmKE7iVXbaeQBFuMg8dxRG
x0kaXNwp1cLXp5a0OM+afCHPotc7pFusc+AmWheQ3iTiMplmwOElvw+uwUxsQ8mO
G48FMVXs9QIDTORtON2Qmjuy2O7JaTd+VaPR/3ky6F2bpZ/HGWaufJlt3e5+PR2T
iQ4YmrDj4wTxRvJAfYUlFQs1
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:44 2025 by rpki-client