Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/30EFF8D6CB0911EE9260454CC4F9AE02.roa
File: 30EFF8D6CB0911EE9260454CC4F9AE02.roa (raw, json)
Hash identifier: UBSpkQC7C+2SrJFHCSQjRknYvUnfoKT6zqO+Fgh1ODg=
Subject key identifier: A6:B6:08:C6:16:1E:14:C0:FE:5F:E5:9E:09:04:B1:3A:46:52:87:28
Certificate issuer: /CN=A918E4B7/serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537
Certificate serial: 0400
Authority key identifier: 0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/30EFF8D6CB0911EE9260454CC4F9AE02.roa
Signing time: Wed 14 Feb 2024 07:18:03 +0000
ROA not before: Wed 14 Feb 2024 07:18:03 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 8888
IP address blocks: 103.125.218.0/24 maxlen: 24
2403:fa40:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1024 (0x400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E4B7
Validity
Not Before: Feb 14 07:18:03 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65cc692b-27df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:01:fc:8f:7e:56:34:7f:04:84:71:50:4e:
1e:85:d6:08:fc:d2:07:50:aa:f2:f9:f3:c6:a4:80:
31:ad:47:7b:e1:78:ca:be:8a:2b:c7:17:70:8d:24:
3b:be:a0:0d:18:01:e1:14:f4:f9:d3:37:8d:fb:62:
bf:96:6f:80:ff:fa:f8:91:30:ba:15:22:77:6d:eb:
82:e8:79:0d:5a:68:e0:8f:6c:aa:2d:94:03:77:6a:
da:f3:5f:73:ea:f1:e5:91:ff:8e:61:09:8f:a4:7e:
68:b9:69:b8:af:a8:44:15:ed:a4:16:94:cf:f6:22:
97:ba:67:14:a4:d9:05:bc:66:b5:5d:04:fa:d8:db:
e5:5b:c8:95:fe:69:4e:9b:6f:86:3a:72:28:38:c2:
84:3b:a0:a3:c6:b8:23:a0:37:53:c3:6d:eb:01:4a:
e9:c6:62:b7:00:98:73:7d:29:01:14:01:ad:e2:02:
9b:51:ca:66:c4:0a:8a:f8:2b:aa:13:0f:86:45:2d:
a3:cd:69:ad:0a:58:17:e6:fe:02:7b:51:cc:17:93:
44:d4:50:14:27:3d:9c:c0:ea:c3:85:74:80:84:e7:
ad:9f:f7:50:15:e0:66:2e:af:06:8e:9d:5d:40:a7:
b8:5f:6d:be:83:50:56:2b:40:c9:d5:b9:7d:44:41:
2c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B6:08:C6:16:1E:14:C0:FE:5F:E5:9E:09:04:B1:3A:46:52:87:28
X509v3 Authority Key Identifier:
keyid:0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/30EFF8D6CB0911EE9260454CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.125.218.0/24
IPv6:
2403:fa40:2::/48
Signature Algorithm: sha256WithRSAEncryption
20:ca:24:50:1e:07:79:c4:1a:47:cc:67:0e:18:75:9e:53:de:
97:14:ed:a0:dd:3f:e7:8b:7b:13:b1:85:53:69:ae:bb:6a:e9:
5f:da:cc:59:da:07:bb:4a:f7:05:65:e0:33:72:8f:c6:56:92:
fa:22:e3:b2:cc:4e:5d:de:4e:f2:fe:b8:ec:c7:c5:c3:84:15:
49:61:ae:aa:10:cf:3e:8e:cc:05:55:a8:be:32:0c:d9:b6:7a:
58:8d:94:c0:c9:cc:14:b4:b9:b9:ba:2a:a5:37:33:d9:56:72:
26:a4:8e:11:71:66:10:61:6e:2b:0b:05:3a:2d:e8:91:a0:ed:
d2:1c:52:5c:21:e5:2e:6a:09:1b:f6:e6:31:85:9d:2e:da:c8:
fa:ca:41:4b:18:e0:6f:11:f4:70:a3:54:ca:ec:5e:e8:11:d9:
71:42:4a:23:e5:b3:47:45:e4:84:e6:a3:d7:6c:17:e9:0e:18:
a5:d2:b7:ad:36:8f:ff:61:4a:e0:13:dc:71:09:46:24:9b:e0:
22:04:09:52:f0:27:91:ae:61:e5:a5:8b:df:4c:5a:1f:7f:c9:
b8:e8:17:bf:b3:e3:d1:dc:2e:2a:3a:fb:a9:bd:d2:d0:ad:6d:
db:19:d1:0b:db:8b:97:57:6c:0c:25:f9:3b:15:69:c8:8a:9c:
a4:36:bc:d3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU0QjcxMTAvBgNVBAUTKDBBQjZERDI2NTE1QzUzRUNDNUIwNDYyQjRDNDc1RDVB
N0U1QTU1MzcwHhcNMjQwMjE0MDcxODAzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNjNjkyYi0yN2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0kB/I9+VjR/BIRxUE4ehdYI/NIHUKry+fPGpIAxrUd74XjKvoorxxdwjSQ7
vqANGAHhFPT50zeN+2K/lm+A//r4kTC6FSJ3beuC6HkNWmjgj2yqLZQDd2ra819z
6vHlkf+OYQmPpH5ouWm4r6hEFe2kFpTP9iKXumcUpNkFvGa1XQT62NvlW8iV/mlO
m2+GOnIoOMKEO6CjxrgjoDdTw23rAUrpxmK3AJhzfSkBFAGt4gKbUcpmxAqK+Cuq
Ew+GRS2jzWmtClgX5v4Ce1HMF5NE1FAUJz2cwOrDhXSAhOetn/dQFeBmLq8Gjp1d
QKe4X22+g1BWK0DJ1bl9REEsjQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKa2CMYW
HhTA/l/lngkEsTpGUocoMB8GA1UdIwQYMBaAFAq23SZRXFPsxbBGK0xHXVp+WlU3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRCNy9FQjMxMkYwMjFF
QUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1UtekZzRVlyVEVkZFduNWFW
VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NyYmRKbEZjVS16RnNFWXJURWRkV241YVZUYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU0QjcvRUIzMTJGMDIxRUFBMTFFQ0I3NTZCRjMwQzRGOUFFMDIvMzBFRkY4RDZD
QjA5MTFFRTkyNjA0NTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnfdowDwQCAAIwCQMHACQD+kAAAjANBgkqhkiG9w0BAQsF
AAOCAQEAIMokUB4HecQaR8xnDhh1nlPelxTtoN0/54t7E7GFU2muu2rpX9rMWdoH
u0r3BWXgM3KPxlaS+iLjssxOXd5O8v647MfFw4QVSWGuqhDPPo7MBVWovjIM2bZ6
WI2UwMnMFLS5uboqpTcz2VZyJqSOEXFmEGFuKwsFOi3okaDt0hxSXCHlLmoJG/bm
MYWdLtrI+spBSxjgbxH0cKNUyuxe6BHZcUJKI+WzR0XkhOaj12wX6Q4YpdK3rTaP
/2FK4BPccQlGJJvgIgQJUvAnka5h5aWL30xaH3/JuOgXv7Pj0dwuKjr7qb3S0K1t
2xnRC9uLl1dsDCX5OxVpyIqcpDa80w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:09 2025 by rpki-client