Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CEE28066D16911EE96114160C4F9AE02.roa
File: CEE28066D16911EE96114160C4F9AE02.roa (raw, json)
Hash identifier: RjSPr+nMWhiQzUCM3pwVSW2bQzwYd8XbQJWHdM+xxZM=
Subject key identifier: 98:B9:34:F5:8E:DA:2E:CA:1B:28:D8:79:BC:54:27:E2:83:4F:39:C5
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 036A
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CEE28066D16911EE96114160C4F9AE02.roa
Signing time: Thu 22 Feb 2024 10:04:47 +0000
ROA not before: Thu 22 Feb 2024 10:04:47 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.152.116.0/23 maxlen: 23
103.152.116.0/24 maxlen: 24
103.152.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874 (0x36a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06
Validity
Not Before: Feb 22 10:04:47 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65d71c3f-6b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4b:f2:e9:7d:a3:9c:8a:78:a0:44:f4:59:f2:
2a:db:3c:41:96:6e:38:08:26:c2:d7:b4:ea:c1:d8:
3c:1f:6b:26:af:72:ee:8b:e7:73:06:9c:79:82:5d:
2d:9e:56:0b:fb:b2:04:ec:26:d6:0f:79:bb:2f:4a:
80:ab:04:16:33:1e:86:85:66:ae:6b:91:05:9f:7c:
0f:54:a0:07:07:87:25:ae:22:b6:95:b3:fb:b4:89:
0e:5f:fe:fa:03:9b:93:41:0b:70:90:62:d8:54:64:
9b:cb:96:8a:e3:2c:60:d2:c8:57:76:f7:24:7b:30:
a8:71:fc:f4:ac:62:76:0b:db:7a:62:d6:1a:c2:dd:
61:52:29:50:51:36:56:15:f0:47:25:1d:6f:2d:db:
1c:cb:12:75:c2:76:ad:a9:23:08:ba:01:30:95:da:
f7:f7:4c:ed:71:44:9b:3f:e7:e6:be:28:d6:ea:57:
ea:0b:dc:69:9e:90:75:0d:11:18:ea:b6:76:56:ad:
5d:2b:4a:62:7d:76:8d:0f:19:b7:fb:e4:0a:a3:ec:
a4:11:81:ce:ec:2e:f6:8a:0e:8f:e8:1c:c6:d4:55:
1f:54:a0:58:78:b2:10:ec:07:35:d7:ec:bd:42:c0:
7f:88:35:9b:54:44:f4:02:90:c7:05:a8:c3:ce:06:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B9:34:F5:8E:DA:2E:CA:1B:28:D8:79:BC:54:27:E2:83:4F:39:C5
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/CEE28066D16911EE96114160C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.116.0/23
Signature Algorithm: sha256WithRSAEncryption
77:ac:7c:f1:5b:6f:0f:5c:51:24:e8:e2:25:75:a0:d8:63:77:
ff:72:8e:28:4b:8a:e5:b3:ab:b6:b1:e9:d2:0b:9d:3a:c0:b2:
4e:c9:6d:82:46:34:c0:e4:48:86:26:b7:d9:ed:f0:36:e0:71:
ac:c6:02:f5:67:e4:8e:ad:29:44:00:d2:dc:47:28:2c:50:c8:
3e:f2:5f:27:ab:70:44:b8:f1:00:e9:70:bd:dc:59:45:b8:34:
77:cb:22:af:6f:31:d2:31:40:e7:65:f2:d1:ce:e9:94:c2:04:
ad:a4:38:81:1e:6c:a9:67:08:3c:f1:21:c1:cc:14:e5:7c:13:
73:3d:4f:2e:9c:f4:4f:c8:cd:db:ff:62:7c:31:ec:9c:70:3a:
eb:3d:54:79:f6:50:00:94:f3:e2:a7:2a:b5:d5:fa:bc:92:7f:
02:c7:10:69:15:59:30:ff:38:df:6e:e2:c4:26:d5:d5:e8:9d:
34:10:22:41:54:1c:af:69:f6:f7:2a:16:47:1e:35:43:33:28:
10:0c:9c:4b:fb:73:ba:14:91:af:8c:81:fc:3a:af:e2:6e:78:
34:17:2d:62:3c:b7:b6:5d:58:8c:09:cd:44:9f:c1:28:d3:43:
53:32:bb:e5:44:3d:a8:57:26:96:e0:67:54:ed:84:8f:37:f2:
80:7a:39:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjIyMTAwNDQ3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ3MWMzZi02YjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA20vy6X2jnIp4oET0WfIq2zxBlm44CCbC17Tqwdg8H2smr3Lui+dzBpx5gl0t
nlYL+7IE7CbWD3m7L0qAqwQWMx6GhWaua5EFn3wPVKAHB4clriK2lbP7tIkOX/76
A5uTQQtwkGLYVGSby5aK4yxg0shXdvckezCocfz0rGJ2C9t6YtYawt1hUilQUTZW
FfBHJR1vLdscyxJ1wnatqSMIugEwldr390ztcUSbP+fmvijW6lfqC9xpnpB1DREY
6rZ2Vq1dK0pifXaNDxm3++QKo+ykEYHO7C72ig6P6BzG1FUfVKBYeLIQ7Ac11+y9
QsB/iDWbVET0ApDHBajDzgaqlwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJi5NPWO
2i7KGyjYebxUJ+KDTznFMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvQ0VFMjgwNjZE
MTY5MTFFRTk2MTE0MTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmHQwDQYJKoZIhvcNAQELBQADggEBAHesfPFbbw9cUSTo
4iV1oNhjd/9yjihLiuWzq7ax6dILnTrAsk7JbYJGNMDkSIYmt9nt8DbgcazGAvVn
5I6tKUQA0txHKCxQyD7yXyercES48QDpcL3cWUW4NHfLIq9vMdIxQOdl8tHO6ZTC
BK2kOIEebKlnCDzxIcHMFOV8E3M9Ty6c9E/Izdv/Ynwx7JxwOus9VHn2UACU8+Kn
KrXV+rySfwLHEGkVWTD/ON9u4sQm1dXonTQQIkFUHK9p9vcqFkceNUMzKBAMnEv7
c7oUka+Mgfw6r+JueDQXLWI8t7ZdWIwJzUSfwSjTQ1Myu+VEPahXJpbgZ1TthI83
8oB6OdM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:00 2025 by rpki-client