Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/DB09E7ACC85511EEA231C150C4F9AE02.roa
File: DB09E7ACC85511EEA231C150C4F9AE02.roa (raw, json)
Hash identifier: zvlciIcUbQoeitbnxMTPzdwMr5DKT7EC8Lh2doDOFbk=
Subject key identifier: 6B:B0:8B:1B:EC:36:35:A7:A7:90:07:7E:A7:17:82:7F:66:A9:24:D9
Certificate issuer: /CN=A91EEE06/serialNumber=5073951E5C1582693A87072EE548C65485B05A2C
Certificate serial: 035A
Authority key identifier: 50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/DB09E7ACC85511EEA231C150C4F9AE02.roa
Signing time: Sun 11 Feb 2024 10:52:25 +0000
ROA not before: Sun 11 Feb 2024 10:52:25 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.152.116.0/23 maxlen: 23
103.152.116.0/24 maxlen: 24
103.152.117.0/24 maxlen: 24
103.152.117.0/26 maxlen: 26
103.152.117.64/26 maxlen: 26
103.152.117.128/26 maxlen: 26
103.152.117.192/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858 (0x35a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE06
Validity
Not Before: Feb 11 10:52:25 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65c8a6e9-7aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b4:96:50:2c:d3:19:43:51:de:3e:2f:12:25:
63:8a:c5:08:ba:a3:48:56:f3:eb:79:13:c7:5f:da:
16:cb:df:75:1e:f3:8e:62:11:b7:b4:25:7b:ef:8d:
63:ab:0b:08:16:f8:df:b5:dd:26:2e:47:8c:4a:e5:
61:15:b4:3a:85:1f:bb:70:74:38:dc:d5:49:a2:95:
a3:23:fb:64:0a:98:42:a5:f6:56:88:11:91:57:dd:
75:bb:34:13:f9:79:dc:f9:3b:59:cd:b4:4e:df:74:
50:d5:c9:07:06:64:cb:6c:18:69:ed:de:9d:ee:39:
39:91:c2:ab:10:df:a5:d5:ee:4e:05:f3:42:3b:8c:
7c:2b:ee:7d:bc:a9:8f:6e:00:b9:31:b8:ad:58:7e:
a9:d4:2e:11:df:73:f7:88:d5:90:40:a0:0b:6e:f4:
23:be:b5:d2:dd:08:94:43:8c:0c:d8:17:e2:de:8c:
c9:d2:a7:81:57:d3:07:66:ed:e5:79:92:bf:30:05:
0d:ae:22:23:34:34:e6:ec:9e:b1:03:1f:4d:a5:f7:
de:26:10:82:09:d5:28:13:0a:0a:12:9b:1e:94:bd:
ad:07:b1:43:a0:cf:24:b8:c5:56:47:93:3d:81:d9:
1d:91:36:5e:04:e5:70:28:17:ba:08:20:f2:85:c6:
96:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B0:8B:1B:EC:36:35:A7:A7:90:07:7E:A7:17:82:7F:66:A9:24:D9
X509v3 Authority Key Identifier:
keyid:50:73:95:1E:5C:15:82:69:3A:87:07:2E:E5:48:C6:54:85:B0:5A:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/UHOVHlwVgmk6hwcu5UjGVIWwWiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UHOVHlwVgmk6hwcu5UjGVIWwWiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE06/0559EEAE5CBE11ECB273DC7CC4F9AE02/DB09E7ACC85511EEA231C150C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.116.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:3f:49:71:cd:ff:9f:4e:75:46:cd:e1:ef:1a:08:ff:c6:3b:
c9:da:34:81:51:09:cb:50:3b:03:ee:55:28:84:0a:58:1c:ce:
94:3b:72:8f:b3:98:fd:11:58:9e:8f:92:05:18:fc:ba:28:88:
5b:ab:2c:8d:b4:7f:9f:64:f4:02:7a:40:40:00:6b:e7:3d:26:
58:f8:2c:41:da:65:bf:82:e2:36:71:57:31:97:7a:23:d5:98:
28:58:1b:d9:70:74:aa:4b:08:c5:bb:f5:42:25:bd:2e:15:cd:
5f:73:c4:67:dd:63:77:2f:ef:88:66:97:9a:75:58:58:f5:c7:
38:08:82:4e:3d:e3:bd:04:91:88:15:3d:05:12:02:32:a2:1f:
de:ed:1b:8c:cf:93:e4:63:5d:68:17:e0:20:11:7c:64:d9:e4:
3d:54:48:9e:e9:27:8b:00:73:0e:f9:c0:e1:b7:b8:f7:59:ca:
73:a4:f2:45:1d:8a:5b:ad:eb:6e:0d:60:f8:b2:22:e0:6a:6b:
f1:10:a0:46:ec:f7:67:47:0b:3d:7c:1c:fe:7d:6e:22:c0:de:
21:d6:4b:bb:34:df:14:74:60:86:41:dc:e9:f6:b6:e9:86:9c:
84:24:30:c5:45:b2:5c:4c:6f:7a:57:a9:e7:50:e4:63:b6:66:
24:a2:cf:e0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA1owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMDYxMTAvBgNVBAUTKDUwNzM5NTFFNUMxNTgyNjkzQTg3MDcyRUU1NDhDNjU0
ODVCMDVBMkMwHhcNMjQwMjExMTA1MjI1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWM4YTZlOS03YWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApbSWUCzTGUNR3j4vEiVjisUIuqNIVvPreRPHX9oWy991HvOOYhG3tCV7741j
qwsIFvjftd0mLkeMSuVhFbQ6hR+7cHQ43NVJopWjI/tkCphCpfZWiBGRV911uzQT
+Xnc+TtZzbRO33RQ1ckHBmTLbBhp7d6d7jk5kcKrEN+l1e5OBfNCO4x8K+59vKmP
bgC5MbitWH6p1C4R33P3iNWQQKALbvQjvrXS3QiUQ4wM2Bfi3ozJ0qeBV9MHZu3l
eZK/MAUNriIjNDTm7J6xAx9NpffeJhCCCdUoEwoKEpselL2tB7FDoM8kuMVWR5M9
gdkdkTZeBOVwKBe6CCDyhcaWaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGuwixvs
NjWnp5AHfqcXgn9mqSTZMB8GA1UdIwQYMBaAFFBzlR5cFYJpOocHLuVIxlSFsFos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUwNi8wNTU5RUVBRTVD
QkUxMUVDQjI3M0RDN0NDNEY5QUUwMi9VSE9WSGx3VmdtazZod2N1NVVqR1ZJV3dX
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VIT1ZIbHdWZ21rNmh3Y3U1VWpHVklXd1dpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMDYvMDU1OUVFQUU1Q0JFMTFFQ0IyNzNEQzdDQzRGOUFFMDIvREIwOUU3QUND
ODU1MTFFRUEyMzFDMTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmHQwDQYJKoZIhvcNAQELBQADggEBACs/SXHN/59OdUbN
4e8aCP/GO8naNIFRCctQOwPuVSiEClgczpQ7co+zmP0RWJ6PkgUY/LooiFurLI20
f59k9AJ6QEAAa+c9Jlj4LEHaZb+C4jZxVzGXeiPVmChYG9lwdKpLCMW79UIlvS4V
zV9zxGfdY3cv74hml5p1WFj1xzgIgk49470EkYgVPQUSAjKiH97tG4zPk+RjXWgX
4CARfGTZ5D1USJ7pJ4sAcw75wOG3uPdZynOk8kUdilut624NYPiyIuBqa/EQoEbs
92dHCz18HP59biLA3iHWS7s03xR0YIZB3On2tumGnIQkMMVFslxMb3pXqedQ5GO2
ZiSiz+A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:50 2025 by rpki-client