Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/D2665B2079E811ECAA64F857C4F9AE02.roa
File: D2665B2079E811ECAA64F857C4F9AE02.roa (raw, json)
Hash identifier: J/cg0cjezPFEHl2oTtetO0STlqrxjGCK7cqwjjwhRGA=
Subject key identifier: E3:C1:DF:D3:D4:FB:E3:C8:37:67:58:49:7E:26:14:A8:4A:9F:64:75
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 22
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/D2665B2079E811ECAA64F857C4F9AE02.roa
Signing time: Fri 21 Jan 2022 02:22:53 +0000
ROA not before: Fri 21 Jan 2022 02:22:53 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 136526
IP address blocks: 103.254.72.0/24 maxlen: 24
103.254.73.0/24 maxlen: 24
103.254.74.0/24 maxlen: 24
103.254.75.0/24 maxlen: 24
192.51.188.0/24 maxlen: 24
192.197.113.0/24 maxlen: 24
199.212.57.0/24 maxlen: 24
204.52.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Jan 21 02:22:53 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61ea18fd-9a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:08:68:9a:55:ba:b8:0c:b5:d3:19:66:1e:
56:73:d9:53:10:04:a2:0c:69:9b:54:83:7c:98:05:
30:77:8c:42:9f:05:03:b1:cb:00:e1:10:a9:a2:e9:
89:da:b6:20:df:c0:a4:ca:33:99:f5:68:09:4d:a6:
f7:9f:dc:02:f3:9d:b5:b1:db:eb:4c:91:85:98:bb:
ad:27:c8:75:8d:ff:bd:00:18:96:9c:d9:37:97:69:
78:ec:e8:a6:a5:2d:2e:20:b9:53:ed:12:a9:3f:9f:
06:7b:da:c9:1b:5b:4b:0a:8f:db:90:d6:30:e0:40:
0b:18:08:a2:dc:3f:e5:ee:67:71:5a:b1:d9:df:cb:
8f:7b:89:b7:23:8c:74:e8:c2:d1:a3:41:b1:95:97:
ef:82:17:a2:ba:da:26:e1:5a:b5:c8:23:2a:a3:fd:
7d:b5:88:b1:8d:a4:d7:67:93:8c:db:44:b8:7c:6c:
9d:a4:72:46:ed:eb:84:06:06:e8:15:4c:6f:e4:81:
bc:4b:b7:76:ef:03:47:11:11:63:67:f0:24:17:a6:
26:92:b6:db:18:b9:4e:67:fa:9c:a4:42:f5:87:96:
97:67:50:34:da:c2:ec:3f:d0:66:05:c4:60:d4:77:
c4:c0:85:d0:c7:7e:81:b3:f9:4b:bf:f3:92:c7:56:
3c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C1:DF:D3:D4:FB:E3:C8:37:67:58:49:7E:26:14:A8:4A:9F:64:75
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/D2665B2079E811ECAA64F857C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.72.0/22
192.51.188.0/24
192.197.113.0/24
199.212.57.0/24
204.52.191.0/24
Signature Algorithm: sha256WithRSAEncryption
29:65:9d:42:f0:d0:12:dd:5a:d0:92:42:0e:2f:cc:03:0e:ad:
2e:3d:db:e2:ee:22:81:49:0b:e0:71:93:1f:18:63:95:bf:59:
ec:25:94:57:78:7d:35:27:6f:2f:69:e4:34:fa:33:fb:5c:6f:
1a:fd:9d:3a:28:c0:28:e9:6d:a8:f8:f8:3a:7d:1a:75:f7:1b:
68:9b:b6:dc:04:0c:07:2a:00:c0:91:e8:d9:1a:b5:83:53:26:
6c:37:e4:bf:f0:b0:df:c4:ea:82:76:04:58:c7:93:53:f1:38:
15:4e:ec:c8:c3:77:dc:7c:8c:ec:2c:7d:dd:da:f0:ce:23:21:
ad:a6:c4:9b:41:cf:9d:32:48:8f:e5:42:f7:c5:40:03:3a:a2:
85:c5:54:b2:95:07:2f:44:b2:41:05:d7:aa:f1:35:fd:dc:3e:
e3:3b:d5:2f:a1:33:ee:de:17:24:c0:a2:9a:6c:78:14:5d:25:
c3:ee:64:79:33:2b:ee:c0:56:68:8e:ff:1e:f3:0a:99:5e:9d:
84:c5:81:80:b1:ce:f0:fb:a2:50:47:35:b6:95:8f:7e:4f:e5:
ae:9f:f1:74:f6:1f:b1:22:4a:39:86:6d:b2:77:e9:a0:a3:47:
80:ab:c0:7d:c0:5e:aa:df:20:1a:7f:52:7a:9b:6c:fe:52:f8:
5b:15:0f:c1
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RUI4MTExMC8GA1UEBRMoNzc3NjYxMkE0M0MyMkQwQTY2QjhGMTM2ODBCMzA1OEJF
RDVEOTg5MjAeFw0yMjAxMjEwMjIyNTNaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZWExOGZkLTlhNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5ZAhomlW6uAy10xlmHlZz2VMQBKIMaZtUg3yYBTB3jEKfBQOxywDhEKmi6Yna
tiDfwKTKM5n1aAlNpvef3ALznbWx2+tMkYWYu60nyHWN/70AGJac2TeXaXjs6Kal
LS4guVPtEqk/nwZ72skbW0sKj9uQ1jDgQAsYCKLcP+XuZ3Fasdnfy497ibcjjHTo
wtGjQbGVl++CF6K62ibhWrXIIyqj/X21iLGNpNdnk4zbRLh8bJ2kckbt64QGBugV
TG/kgbxLt3bvA0cREWNn8CQXpiaSttsYuU5n+pykQvWHlpdnUDTawuw/0GYFxGDU
d8TAhdDHfoGz+Uu/85LHVjxzAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQU48Hf09T7
48g3Z1hJfiYUqEqfZHUwHwYDVR0jBBgwFoAUd3ZhKkPCLQpmuPE2gLMFi+1dmJIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFQjgxL0NGOTY2M0M2NzBG
NzExRUNCMzE4RTQzQUM0RjlBRTAyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1K
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZDNaaEtrUENMUXBtdVBFMmdMTUZpLTFkbUpJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RUI4MS9DRjk2NjNDNjcwRjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9EMjY2NUIyMDc5
RTgxMUVDQUE2NEY4NTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAmf+SAMEAMAzvAMEAMDFcQMEAMfUOQMEAMw0vzANBgkqhkiG
9w0BAQsFAAOCAQEAKWWdQvDQEt1a0JJCDi/MAw6tLj3b4u4igUkL4HGTHxhjlb9Z
7CWUV3h9NSdvL2nkNPoz+1xvGv2dOijAKOltqPj4On0adfcbaJu23AQMByoAwJHo
2Rq1g1MmbDfkv/Cw38TqgnYEWMeTU/E4FU7syMN33HyM7Cx93drwziMhrabEm0HP
nTJIj+VC98VAAzqihcVUspUHL0SyQQXXqvE1/dw+4zvVL6Ez7t4XJMCimmx4FF0l
w+5keTMr7sBWaI7/HvMKmV6dhMWBgLHO8PuiUEc1tpWPfk/lrp/xdPYfsSJKOYZt
snfpoKNHgKvAfcBeqt8gGn9Septs/lL4WxUPwQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:59 2025 by rpki-client