Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DA55CAAC128D11EE9CBF6722C4F9AE02.roa
File: DA55CAAC128D11EE9CBF6722C4F9AE02.roa (raw, json)
Hash identifier: 8x4Mkf19gyjcIwBHwzjn6XsbjotpC1CBDRgePJgkoDw=
Subject key identifier: 9B:91:E7:FA:95:CD:F2:CD:F5:E4:1D:9D:44:DE:54:C6:14:CC:15:EE
Certificate issuer: /CN=A91415AA/serialNumber=16C01D9CA0FFBEFAE0BB010E5144507AEA410D03
Certificate serial: 06FB
Authority key identifier: 16:C0:1D:9C:A0:FF:BE:FA:E0:BB:01:0E:51:44:50:7A:EA:41:0D:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsAdnKD_vvrguwEOUURQeupBDQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DA55CAAC128D11EE9CBF6722C4F9AE02.roa
Signing time: Sat 24 Jun 2023 12:51:36 +0000
ROA not before: Sat 24 Jun 2023 12:51:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150774
IP address blocks: 103.160.158.0/27 maxlen: 27
103.160.158.16/28 maxlen: 28
103.160.158.32/27 maxlen: 28
103.160.158.64/26 maxlen: 27
103.160.158.64/27 maxlen: 28
103.160.158.96/28 maxlen: 28
103.160.158.144/28 maxlen: 28
103.160.158.160/27 maxlen: 28
103.160.158.192/26 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1787 (0x6fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91415AA, serialNumber=16C01D9CA0FFBEFAE0BB010E5144507AEA410D03
Validity
Not Before: Jun 24 12:51:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6496e6d8-254b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:21:dc:b8:7c:46:e0:fd:d1:1a:8d:d9:48:72:
ed:d8:43:df:1c:9b:b5:37:f3:6b:28:25:c1:39:21:
b0:48:a8:b5:74:93:87:96:e0:06:d0:dd:3f:bb:93:
25:97:13:d1:97:bc:e4:5e:5d:ba:b7:36:78:66:20:
63:45:dc:aa:70:9e:ac:43:36:e7:20:00:0f:ac:48:
25:7b:3d:ef:36:5f:74:65:87:41:7f:c6:b3:45:02:
bb:1a:e6:d1:54:30:fc:ce:f7:81:36:17:ea:77:04:
a7:0e:66:78:40:45:cd:0f:81:4b:3d:b3:6f:fe:89:
08:6b:dd:57:0a:7d:2f:87:5f:e4:cf:f3:0f:de:90:
62:be:3d:c3:a5:37:22:b6:51:3c:47:06:20:b3:b1:
5a:58:b4:c1:6f:7c:f9:9c:7a:36:81:7c:20:7d:ba:
06:aa:43:69:32:f5:87:9a:d8:c0:10:ac:d8:e5:5e:
29:14:75:4a:bd:e9:d1:e0:45:85:de:a7:40:eb:06:
b2:2e:02:a3:6b:e8:02:f8:75:99:4b:b8:87:26:51:
55:30:d6:bc:ef:8f:4a:58:55:2b:92:e6:9f:14:3a:
bc:31:24:b0:55:fe:ea:98:2a:6f:45:87:53:5c:88:
fb:80:6d:f1:53:4a:6b:de:0a:de:c3:94:fa:1f:37:
68:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:91:E7:FA:95:CD:F2:CD:F5:E4:1D:9D:44:DE:54:C6:14:CC:15:EE
X509v3 Authority Key Identifier:
keyid:16:C0:1D:9C:A0:FF:BE:FA:E0:BB:01:0E:51:44:50:7A:EA:41:0D:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/FsAdnKD_vvrguwEOUURQeupBDQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsAdnKD_vvrguwEOUURQeupBDQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DA55CAAC128D11EE9CBF6722C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.158.0/25
103.160.158.144-103.160.158.255
Signature Algorithm: sha256WithRSAEncryption
c5:a7:e1:92:bc:c3:ba:57:01:7a:bd:d8:e4:9c:99:d9:e0:8d:
c1:43:d2:ce:69:5f:5e:32:e8:5f:0f:fb:48:b9:cc:3b:ec:79:
46:ee:1c:eb:4c:da:2e:3e:07:b6:ee:94:91:a0:1a:bb:05:07:
d6:74:76:f1:8f:a5:79:a5:21:42:90:c9:21:83:4e:dd:3e:95:
98:00:e1:58:32:c0:38:24:fd:6c:3e:40:02:70:b7:e3:63:7e:
ea:e7:e5:8b:3b:4e:8d:a3:26:07:f3:6d:3d:08:f6:4d:4c:2b:
3a:ce:f9:73:6f:41:b7:77:56:50:1b:df:8e:1d:3f:1b:77:f0:
d2:2a:0a:92:b6:af:a1:0d:e7:a4:31:6b:97:28:e1:2f:cb:d1:
3b:fd:97:d1:4c:b3:ff:f0:7e:74:18:50:cd:0a:63:e4:54:65:
b5:fd:d9:16:99:a0:bd:b8:07:ed:67:7f:78:02:b5:3e:8b:de:
f0:9c:4a:eb:f3:6d:11:a2:de:f0:36:cc:f9:69:1b:9d:93:cc:
d9:a8:ad:bb:87:74:eb:78:d7:87:03:9e:a1:ac:8f:a6:b8:25:
2c:47:fd:76:ec:83:55:ae:9c:33:77:2b:bf:83:64:ba:2e:02:
f6:2a:28:b1:e3:d8:ab:98:ea:18:93:b6:ce:87:1c:6f:ad:5a:
02:ea:66:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICBvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDE1QUExMTAvBgNVBAUTKDE2QzAxRDlDQTBGRkJFRkFFMEJCMDEwRTUxNDQ1MDdB
RUE0MTBEMDMwHhcNMjMwNjI0MTI1MTM2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk2ZTZkOC0yNTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtyHcuHxG4P3RGo3ZSHLt2EPfHJu1N/NrKCXBOSGwSKi1dJOHluAG0N0/u5Ml
lxPRl7zkXl26tzZ4ZiBjRdyqcJ6sQzbnIAAPrEglez3vNl90ZYdBf8azRQK7GubR
VDD8zveBNhfqdwSnDmZ4QEXND4FLPbNv/okIa91XCn0vh1/kz/MP3pBivj3DpTci
tlE8RwYgs7FaWLTBb3z5nHo2gXwgfboGqkNpMvWHmtjAEKzY5V4pFHVKvenR4EWF
3qdA6wayLgKja+gC+HWZS7iHJlFVMNa8749KWFUrkuafFDq8MSSwVf7qmCpvRYdT
XIj7gG3xU0pr3grew5T6HzdonQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJuR5/qV
zfLN9eQdnUTeVMYUzBXuMB8GA1UdIwQYMBaAFBbAHZyg/7764LsBDlFEUHrqQQ0D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTVBQS8zRUZBMjQxNDYy
RTAxMUVBQTZENTlBMkNDNEY5QUUwMi9Gc0FkbktEX3Z2cmd1d0VPVVVSUWV1cEJE
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZzQWRuS0RfdnZyZ3V3RU9VVVJRZXVwQkRRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDE1QUEvM0VGQTI0MTQ2MkUwMTFFQUE2RDU5QTJDQzRGOUFFMDIvREE1NUNBQUMx
MjhEMTFFRTlDQkY2NzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMBwEAgABMBYDBQdnoJ4AMA0DBQRnoJ6QAwQAZ6CeMA0GCSqGSIb3DQEBCwUA
A4IBAQDFp+GSvMO6VwF6vdjknJnZ4I3BQ9LOaV9eMuhfD/tIucw77HlG7hzrTNou
Pge27pSRoBq7BQfWdHbxj6V5pSFCkMkhg07dPpWYAOFYMsA4JP1sPkACcLfjY37q
5+WLO06NoyYH8209CPZNTCs6zvlzb0G3d1ZQG9+OHT8bd/DSKgqStq+hDeekMWuX
KOEvy9E7/ZfRTLP/8H50GFDNCmPkVGW1/dkWmaC9uAftZ394ArU+i97wnErr820R
ot7wNsz5aRudk8zZqK27h3TreNeHA56hrI+muCUsR/127INVrpwzdyu/g2S6LgL2
Kiix49irmOoYk7bOhxxvrVoC6maw
-----END CERTIFICATE-----
Generated at Sun May 11 22:32:39 2025 by rpki-client