Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/D0913EB2CFE211EE95FDE47FC4F9AE02.roa
File: D0913EB2CFE211EE95FDE47FC4F9AE02.roa (raw, json)
Hash identifier: RWnnSvZFjMLxE3Gh1ytkqK+2f8oa+P3FEfN7FoEoZlM=
Subject key identifier: 14:69:BA:AE:74:6A:0F:ED:64:71:31:10:1A:FD:74:B2:55:0E:3D:E4
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 0363
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/D0913EB2CFE211EE95FDE47FC4F9AE02.roa
Signing time: Tue 20 Feb 2024 11:25:56 +0000
ROA not before: Tue 20 Feb 2024 11:25:56 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 140732
IP address blocks: 103.152.116.0/23 maxlen: 23
103.152.116.0/24 maxlen: 24
103.152.117.64/26 maxlen: 26
103.152.117.128/26 maxlen: 26
103.152.117.192/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 867 (0x363)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06
Validity
Not Before: Feb 20 11:25:56 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65d48c44-54bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:aa:13:98:c9:4e:f8:a5:40:2a:83:ba:e2:
3e:a3:55:07:e7:0d:77:22:0f:48:af:dd:2e:44:ee:
82:95:e9:d4:27:f1:b4:9f:17:2a:e2:be:1b:c2:d4:
49:74:c1:71:65:ed:fb:0e:85:c1:7b:3b:1f:6b:d6:
83:8c:c2:7e:5c:d7:b5:ab:21:5e:84:7b:e5:39:1e:
0a:65:fc:02:1c:2a:fd:55:7b:df:96:5b:4d:2d:34:
c6:3d:b3:f8:27:53:8f:4d:ad:1c:14:f9:ab:9b:11:
b2:75:db:1f:7c:89:a3:ec:94:fc:d3:6b:dd:fb:e8:
7e:0a:79:42:f6:1c:d0:c8:f2:c9:5b:0a:08:8d:3e:
39:b6:71:a1:d6:e7:b7:80:5a:5a:1c:18:ee:08:38:
16:34:2d:8e:8f:88:c8:e0:d9:f9:fc:7d:1f:cf:b3:
31:d2:91:57:53:29:05:96:a1:31:d5:d9:58:7d:83:
ba:f9:98:1f:cc:f1:90:f4:be:d1:66:90:a2:af:dc:
f0:9f:5a:35:2e:91:96:33:d2:79:32:6d:fb:da:2d:
65:86:a3:a4:c8:d6:33:e8:21:6f:95:49:d0:95:4d:
7e:ec:72:83:bc:27:36:55:18:23:a4:80:31:dc:cd:
0d:19:2a:cc:3a:b5:e1:86:23:59:14:79:52:bd:d8:
ba:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:69:BA:AE:74:6A:0F:ED:64:71:31:10:1A:FD:74:B2:55:0E:3D:E4
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/D0913EB2CFE211EE95FDE47FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.116.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:de:5f:5e:a4:b8:22:a7:72:e5:d3:25:73:c2:8e:3c:36:77:
fb:fb:c1:f3:5f:6b:84:e9:f6:ef:0a:43:70:b9:ee:b0:f5:64:
42:d9:1d:46:2d:d2:48:3e:65:da:54:b4:49:94:da:1a:98:44:
03:33:a5:f2:08:df:09:6f:90:a3:8e:75:e3:e4:66:1b:52:c1:
2b:8a:a4:03:e2:77:1e:14:89:25:53:94:50:da:d8:c7:03:f3:
b5:4d:f2:d8:e9:b1:d8:4a:ff:ac:88:66:ca:f0:a4:69:0a:81:
75:91:35:d8:b1:45:76:b3:5c:9b:34:c5:98:4e:03:4a:6d:3c:
65:1f:8c:68:54:f9:e0:5e:93:55:22:2d:0b:c0:59:b5:dc:c5:
c9:48:01:36:58:79:91:b7:fe:3c:3c:00:1b:e0:fb:47:e9:9a:
56:ca:76:f9:0d:c0:f0:be:d1:96:2e:8b:6a:7d:21:e8:34:20:
a7:d3:91:14:50:3a:d8:c0:45:a9:28:d3:66:8d:3c:f8:cc:6b:
53:ee:42:fa:c2:3e:77:c1:43:2a:65:8b:f7:7f:e8:8f:de:8b:
0d:06:17:c8:33:26:8e:cc:23:20:6f:d3:46:bb:54:37:f5:2b:
97:f3:ef:75:f4:0e:6c:69:25:9c:ff:41:9e:53:db:ce:85:b1:
a1:45:7c:53
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjIwMTEyNTU2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ0OGM0NC01NGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCyqE5jJTvilQCqDuuI+o1UH5w13Ig9Ir90uRO6ClenUJ/G0nxcq4r4bwtRJ
dMFxZe37DoXBezsfa9aDjMJ+XNe1qyFehHvlOR4KZfwCHCr9VXvflltNLTTGPbP4
J1OPTa0cFPmrmxGyddsffImj7JT802vd++h+CnlC9hzQyPLJWwoIjT45tnGh1ue3
gFpaHBjuCDgWNC2Oj4jI4Nn5/H0fz7Mx0pFXUykFlqEx1dlYfYO6+ZgfzPGQ9L7R
ZpCir9zwn1o1LpGWM9J5Mm372i1lhqOkyNYz6CFvlUnQlU1+7HKDvCc2VRgjpIAx
3M0NGSrMOrXhhiNZFHlSvdi6MwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBRpuq50
ag/tZHExEBr9dLJVDj3kMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvRDA5MTNFQjJD
RkUyMTFFRTk1RkRFNDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmHQwDQYJKoZIhvcNAQELBQADggEBABreX16kuCKncuXT
JXPCjjw2d/v7wfNfa4Tp9u8KQ3C57rD1ZELZHUYt0kg+ZdpUtEmU2hqYRAMzpfII
3wlvkKOOdePkZhtSwSuKpAPidx4UiSVTlFDa2McD87VN8tjpsdhK/6yIZsrwpGkK
gXWRNdixRXazXJs0xZhOA0ptPGUfjGhU+eBek1UiLQvAWbXcxclIATZYeZG3/jw8
ABvg+0fpmlbKdvkNwPC+0ZYui2p9Ieg0IKfTkRRQOtjARako02aNPPjMa1PuQvrC
PnfBQypli/d/6I/eiw0GF8gzJo7MIyBv00a7VDf1K5fz73X0DmxpJZz/QZ5T286F
saFFfFM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:50:00 2025 by rpki-client