Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/C3D8F588ED2F11EEB79B2C13C4F9AE02.roa
File: C3D8F588ED2F11EEB79B2C13C4F9AE02.roa (raw, json)
Hash identifier: g1CofjuKDAg9sbWJJ4P7htfxzwkTXcaeCZzQ7TXxjME=
Subject key identifier: C4:38:71:62:17:3C:8C:78:C5:94:DF:E6:96:81:FD:1B:07:AC:34:FC
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1BD3
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/C3D8F588ED2F11EEB79B2C13C4F9AE02.roa
Signing time: Thu 28 Mar 2024 18:19:50 +0000
ROA not before: Thu 28 Mar 2024 18:19:50 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133933
IP address blocks: 118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7123 (0x1bd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Mar 28 18:19:50 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6605b4c6-f00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:90:94:3f:63:f6:00:29:b6:80:98:30:1f:5a:
17:93:29:ec:b9:54:e1:da:64:dc:fe:42:1c:8c:5d:
cc:2f:53:f2:0f:d1:b0:ed:17:db:fb:4b:63:1c:7d:
6b:77:1a:28:07:2c:e5:13:5d:fa:14:9b:de:02:c6:
76:e2:3c:42:64:fc:83:cd:c9:0d:fc:d7:14:e8:c9:
63:c3:af:17:ac:4c:17:35:52:1b:94:e2:2e:92:48:
34:0e:3a:a1:ae:2e:cc:e2:07:d1:20:c1:af:27:a7:
28:85:1d:87:97:88:8c:98:62:d7:03:ef:80:c6:6c:
dc:77:81:ea:1d:f2:a5:a1:b8:81:31:65:77:89:2b:
e1:ec:3e:5e:a2:b2:24:64:88:9b:bc:66:e9:ea:1a:
13:e3:da:a9:bf:c6:7d:d3:cd:07:e7:cd:53:e8:f6:
d0:23:ae:8d:ca:cc:4d:a9:5a:b5:cf:89:23:45:3c:
7d:50:83:d7:50:78:d0:72:eb:65:73:8b:9f:3c:ad:
a2:6c:af:be:3a:2b:e3:70:bb:f8:51:f7:a2:98:2d:
4b:9b:29:c0:99:dc:34:c9:b6:f4:3a:2b:8d:da:cb:
f9:fa:64:0b:bd:03:48:1f:ec:8f:82:5e:e7:d8:19:
f9:a9:82:2c:14:79:e1:bb:50:f8:05:1d:14:20:da:
02:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:38:71:62:17:3C:8C:78:C5:94:DF:E6:96:81:FD:1B:07:AC:34:FC
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/C3D8F588ED2F11EEB79B2C13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.103.226.0-118.103.232.255
Signature Algorithm: sha256WithRSAEncryption
bf:e8:bc:c7:ce:ed:d1:d3:cb:bf:4f:92:51:8a:d2:f1:a9:ee:
f3:12:7f:af:06:2e:9e:c2:57:63:09:ca:1d:fb:68:d4:a4:25:
60:69:76:db:2e:07:c8:fd:cf:e6:6e:9b:3a:14:bc:cf:ee:54:
97:ad:2e:94:b6:a7:a1:bb:06:b4:6f:df:39:bc:13:fd:f3:37:
38:75:0a:13:1e:28:b0:3c:a9:f5:7e:d7:89:4a:05:1e:6f:a3:
af:f9:51:eb:8d:9a:7c:3b:f1:d2:39:70:5e:8e:f0:e6:22:b1:
c7:84:8c:30:1a:b2:78:5a:15:75:00:ee:73:06:84:aa:43:be:
05:15:4c:65:e6:ef:94:39:1a:fa:16:cb:3e:db:48:ef:87:40:
a7:3f:fb:e4:ad:4a:30:c5:bf:a8:1f:15:c2:eb:fe:83:db:c3:
7f:50:69:4e:c2:e9:2c:5f:3e:f5:a3:55:7c:f0:9f:7b:12:b1:
76:a0:24:69:14:c4:6e:e7:ec:b8:6f:c9:eb:c7:18:df:5d:03:
c1:39:90:fa:1d:55:17:1d:92:9e:b4:ab:28:fe:cc:7d:e8:5e:
5a:be:c1:31:2c:cf:c8:08:62:3b:1d:91:af:f3:a3:28:7f:78:
69:ff:9f:d7:30:a9:89:69:79:d7:3f:2c:f5:b3:ca:f5:a4:3f:
0c:fb:cc:3b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICG9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwMzI4MTgxOTUwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1YjRjNi1mMDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9pCUP2P2ACm2gJgwH1oXkynsuVTh2mTc/kIcjF3ML1PyD9Gw7Rfb+0tjHH1r
dxooByzlE136FJveAsZ24jxCZPyDzckN/NcU6Mljw68XrEwXNVIblOIukkg0Djqh
ri7M4gfRIMGvJ6cohR2Hl4iMmGLXA++Axmzcd4HqHfKlobiBMWV3iSvh7D5eorIk
ZIibvGbp6hoT49qpv8Z9080H581T6PbQI66NysxNqVq1z4kjRTx9UIPXUHjQcutl
c4ufPK2ibK++OivjcLv4UfeimC1LmynAmdw0ybb0OiuN2sv5+mQLvQNIH+yPgl7n
2Bn5qYIsFHnhu1D4BR0UINoCAQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFMQ4cWIX
PIx4xZTf5paB/RsHrDT8MB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvQzNEOEY1ODhF
RDJGMTFFRUI3OUIyQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAXZn4gMEAHZn6DANBgkqhkiG9w0BAQsFAAOCAQEAv+i8
x87t0dPLv0+SUYrS8anu8xJ/rwYunsJXYwnKHfto1KQlYGl22y4HyP3P5m6bOhS8
z+5Ul60ulLanobsGtG/fObwT/fM3OHUKEx4osDyp9X7XiUoFHm+jr/lR642afDvx
0jlwXo7w5iKxx4SMMBqyeFoVdQDucwaEqkO+BRVMZebvlDka+hbLPttI74dApz/7
5K1KMMW/qB8Vwuv+g9vDf1BpTsLpLF8+9aNVfPCfexKxdqAkaRTEbufsuG/J68cY
310DwTmQ+h1VFx2SnrSrKP7MfeheWr7BMSzPyAhiOx2Rr/OjKH94af+f1zCpiWl5
1z8s9bPK9aQ/DPvMOw==
-----END CERTIFICATE-----
Generated at Tue May 13 19:41:26 2025 by rpki-client