Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DCC1FA1218E711EEA38A860FC4F9AE02.roa
File: DCC1FA1218E711EEA38A860FC4F9AE02.roa (raw, json)
Hash identifier: MzjBDHLqdd2wSPN2bz6/HV/noRm1dLYbGOmedTUPnLg=
Subject key identifier: 93:88:0E:1F:A5:96:30:ED:18:E8:9F:D9:EC:3F:34:B8:FA:F9:D2:5D
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04A2
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DCC1FA1218E711EEA38A860FC4F9AE02.roa
Signing time: Fri 01 Sep 2023 13:27:00 +0000
ROA not before: Fri 01 Sep 2023 13:27:00 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 20473
IP address blocks: 43.255.122.0/24 maxlen: 24
103.231.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1186 (0x4a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322, serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 1 13:27:00 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64f1e6a4-1198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:39:63:55:40:4f:40:fb:ea:a7:57:22:c9:
ca:d4:33:e7:bd:e5:0b:2c:c8:aa:9b:90:e3:ca:54:
cb:1d:89:bf:1b:1f:22:c1:b0:17:b9:8b:fe:f0:0d:
15:56:50:6f:d9:95:8d:1b:a4:c9:cb:2f:48:db:f9:
ce:b7:d7:33:1c:1a:6f:82:8f:d6:01:aa:3b:b8:5a:
96:7b:2f:fe:83:b0:07:48:ed:d6:76:e6:46:cc:b1:
f9:57:51:b5:42:cc:a7:fa:f2:35:3e:e4:9e:6e:8e:
d6:91:a6:0a:e3:bd:cb:6f:dc:5c:0e:4c:2d:92:25:
50:c0:7b:17:fa:d8:23:0b:b4:a2:70:33:be:d4:48:
9b:ba:56:64:2a:9e:a2:36:30:c7:fe:2f:9d:46:c6:
76:b3:78:a4:86:91:19:a2:0a:27:1e:04:ff:03:8d:
62:b5:4a:cc:37:3e:a3:9a:1a:31:45:90:92:aa:a2:
ba:07:48:62:e6:fd:05:be:ef:f7:e8:8e:ee:9f:11:
23:d9:d7:6c:51:38:c1:b7:c7:6e:c1:d9:c4:c1:c7:
87:5a:80:32:db:cc:bc:0a:06:bf:ea:e3:ff:51:a7:
d2:f8:e1:17:d5:1c:b4:b5:e4:72:dc:7c:35:f2:9e:
79:49:82:b3:91:c7:fd:65:86:73:ec:24:25:7f:92:
e7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:88:0E:1F:A5:96:30:ED:18:E8:9F:D9:EC:3F:34:B8:FA:F9:D2:5D
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/DCC1FA1218E711EEA38A860FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.122.0/24
103.231.58.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:5d:de:70:cd:9f:0d:57:a5:b4:e4:f5:1e:69:14:db:2e:a0:
70:25:a4:bf:d5:7f:e7:78:f1:f2:37:67:bb:7f:96:8a:29:32:
fa:a5:31:8b:8a:9f:94:cc:ac:3e:2d:1c:76:95:4f:56:55:98:
42:fa:56:c6:83:ed:47:c7:ee:fa:f9:be:56:6b:00:7c:7e:cd:
df:c5:1a:4a:07:50:3f:f6:c3:52:38:fa:43:ef:e3:c7:39:9f:
34:3a:fe:7f:d0:ee:e1:6c:03:8d:50:3e:07:09:9c:3a:5a:29:
a7:29:33:05:87:c9:3a:e5:f0:a5:d2:28:5a:52:b5:b0:98:35:
5a:f8:74:e8:49:47:60:ec:8a:cf:a0:be:c4:b2:83:e4:cc:fa:
e2:cc:d6:aa:32:f2:f8:69:f2:80:15:2b:52:0b:4f:09:37:cd:
56:e5:f5:b8:49:e0:fd:0b:f7:14:05:22:03:de:42:58:91:f7:
04:58:85:c6:a9:b0:21:53:c1:c3:3b:97:70:b2:3b:aa:b7:96:
30:e7:b0:1b:9d:83:05:95:0c:ec:2d:43:85:c2:67:43:51:ff:
f3:87:4a:0a:84:54:d5:11:e0:ff:11:ff:11:28:f6:a4:8f:cd:
ce:9c:82:02:58:94:ca:0e:4e:02:2a:ca:06:5f:be:e5:73:f5:
6d:ea:80:f9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTAxMTMyNzAwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYxZTZhNC0xMTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2k5Y1VAT0D76qdXIsnK1DPnveULLMiqm5DjylTLHYm/Gx8iwbAXuYv+8A0V
VlBv2ZWNG6TJyy9I2/nOt9czHBpvgo/WAao7uFqWey/+g7AHSO3WduZGzLH5V1G1
Qsyn+vI1PuSebo7WkaYK473Lb9xcDkwtkiVQwHsX+tgjC7SicDO+1EibulZkKp6i
NjDH/i+dRsZ2s3ikhpEZogonHgT/A41itUrMNz6jmhoxRZCSqqK6B0hi5v0Fvu/3
6I7unxEj2ddsUTjBt8duwdnEwceHWoAy28y8Cga/6uP/UafS+OEX1Ry0teRy3Hw1
8p55SYKzkcf9ZYZz7CQlf5LnWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJOIDh+l
ljDtGOif2ew/NLj6+dJdMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRENDMUZBMTIx
OEU3MTFFRUEzOEE4NjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr/3oDBABn5zowDQYJKoZIhvcNAQELBQADggEBAKdd3nDN
nw1XpbTk9R5pFNsuoHAlpL/Vf+d48fI3Z7t/loopMvqlMYuKn5TMrD4tHHaVT1ZV
mEL6VsaD7UfH7vr5vlZrAHx+zd/FGkoHUD/2w1I4+kPv48c5nzQ6/n/Q7uFsA41Q
PgcJnDpaKacpMwWHyTrl8KXSKFpStbCYNVr4dOhJR2Dsis+gvsSyg+TM+uLM1qoy
8vhp8oAVK1ILTwk3zVbl9bhJ4P0L9xQFIgPeQliR9wRYhcapsCFTwcM7l3CyO6q3
ljDnsBudgwWVDOwtQ4XCZ0NR//OHSgqEVNUR4P8R/xEo9qSPzc6cggJYlMoOTgIq
ygZfvuVz9W3qgPk=
-----END CERTIFICATE-----
Generated at Mon May 12 12:43:33 2025 by rpki-client