Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64DE5ED21A3B11EE8A846877C4F9AE02.roa
File: 64DE5ED21A3B11EE8A846877C4F9AE02.roa (raw, json)
Hash identifier: K4uzvykuzeo2t6zE9E5E+1sYAaX+/Mf6T3CAGMrXPZU=
Subject key identifier: 13:76:3B:1F:E8:DF:CA:85:6E:92:84:4E:CF:36:B9:D5:F6:83:4B:F1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 74EE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64DE5ED21A3B11EE8A846877C4F9AE02.roa
Signing time: Tue 04 Jul 2023 07:21:30 +0000
ROA not before: Tue 04 Jul 2023 07:21:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137000
IP address blocks: 103.168.212.0/24 maxlen: 24
103.173.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29934 (0x74ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 4 07:21:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a3c879-88b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b6:f0:a4:05:05:fa:88:ae:b5:32:16:88:6d:
53:36:84:bf:2c:87:8e:51:fc:7b:31:81:1c:83:d7:
a7:fd:9e:71:d5:2e:82:61:07:e8:6f:6e:e8:0b:09:
fa:9f:00:ab:ea:f5:6e:a2:ad:f7:ad:d3:33:8e:94:
04:20:fe:ae:74:4d:f3:c2:5e:e6:61:14:6d:92:b4:
99:5b:b9:c1:44:3b:82:6a:c3:5a:5b:83:c6:83:75:
ef:99:04:f0:3e:79:f2:fb:b0:1f:e5:a7:34:95:31:
64:de:a2:80:77:64:db:af:bb:80:6a:9d:d9:a5:9e:
8c:93:bc:16:96:f6:4f:92:1b:00:d7:38:ea:6b:75:
c1:12:f9:32:03:21:a0:56:08:05:6c:04:ea:2c:5d:
c0:85:85:7c:30:16:a2:c3:68:fe:24:b2:ac:c5:26:
d6:d3:38:c6:1f:04:ff:fb:8a:21:2f:c6:fe:8d:06:
0a:c2:26:83:7e:56:1a:fc:66:c5:1f:bb:e3:6b:0c:
de:20:aa:fa:16:66:78:3f:30:a0:5e:f5:13:95:09:
a5:cf:ff:5e:58:e8:82:1c:77:c6:1f:13:fa:80:73:
e8:e5:47:af:3f:70:59:22:40:03:3b:1a:6b:24:53:
55:67:b3:9f:0b:e0:26:47:9c:86:ae:31:c2:31:46:
dd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:76:3B:1F:E8:DF:CA:85:6E:92:84:4E:CF:36:B9:D5:F6:83:4B:F1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64DE5ED21A3B11EE8A846877C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.212.0/24
103.173.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:97:9e:48:4f:c2:15:90:ea:81:c0:b7:d7:0f:69:95:f1:d4:
45:56:7a:cb:07:7c:8f:fc:3d:f0:57:16:d9:72:bd:96:d0:dc:
c2:94:59:28:90:c9:9f:3a:eb:3b:64:dc:8d:7e:66:d6:20:de:
a7:a4:78:d9:5c:88:bb:76:ba:b5:63:cd:f3:95:b7:9f:d3:1a:
1d:ed:aa:de:f9:ad:2d:93:2a:66:88:22:af:c7:23:af:4a:c3:
c0:58:41:f5:22:6e:ff:2a:bc:6a:22:52:4b:8f:f1:57:c0:be:
7a:e4:71:ae:9e:25:7d:5e:fb:71:a1:7a:62:f2:37:b4:46:8e:
a2:f5:a6:03:d8:ae:b3:85:bf:e6:e2:87:24:b5:e7:52:b2:7f:
8d:ae:94:78:6d:81:85:9b:20:97:a3:c0:6c:cc:2c:88:ce:3e:
41:e6:18:34:bb:4b:52:2a:98:be:d7:41:70:63:ff:6e:cd:dd:
d2:c0:f8:19:54:3b:42:66:77:6c:62:75:f8:3a:68:18:83:2d:
63:50:af:da:da:4a:a6:e2:09:c6:a7:28:15:40:b6:0d:74:f2:
0a:07:d5:d1:ce:97:25:d0:19:7d:b4:1a:73:c4:2d:68:8e:a0:
a1:06:75:ef:65:c1:81:d3:bb:71:77:ec:f6:c7:b3:8b:ac:ad:
c5:6d:48:0c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICdO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzA0MDcyMTI5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEzYzg3OS04OGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7bwpAUF+oiutTIWiG1TNoS/LIeOUfx7MYEcg9en/Z5x1S6CYQfob27oCwn6
nwCr6vVuoq33rdMzjpQEIP6udE3zwl7mYRRtkrSZW7nBRDuCasNaW4PGg3XvmQTw
Pnny+7Af5ac0lTFk3qKAd2Tbr7uAap3ZpZ6Mk7wWlvZPkhsA1zjqa3XBEvkyAyGg
VggFbATqLF3AhYV8MBaiw2j+JLKsxSbW0zjGHwT/+4ohL8b+jQYKwiaDflYa/GbF
H7vjawzeIKr6FmZ4PzCgXvUTlQmlz/9eWOiCHHfGHxP6gHPo5UevP3BZIkADOxpr
JFNVZ7OfC+AmR5yGrjHCMUbddQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBN2Ox/o
38qFbpKETs82udX2g0vxMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjRERTVFRDIx
QTNCMTFFRThBODQ2ODc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnqNQDBABnrdYwDQYJKoZIhvcNAQELBQADggEBAC+XnkhP
whWQ6oHAt9cPaZXx1EVWessHfI/8PfBXFtlyvZbQ3MKUWSiQyZ866ztk3I1+ZtYg
3qekeNlciLt2urVjzfOVt5/TGh3tqt75rS2TKmaIIq/HI69Kw8BYQfUibv8qvGoi
UkuP8VfAvnrkca6eJX1e+3GhemLyN7RGjqL1pgPYrrOFv+bihyS151Kyf42ulHht
gYWbIJejwGzMLIjOPkHmGDS7S1IqmL7XQXBj/27N3dLA+BlUO0Jmd2xidfg6aBiD
LWNQr9raSqbiCcanKBVAtg108goH1dHOlyXQGX20GnPELWiOoKEGde9lwYHTu3F3
7PbHs4usrcVtSAw=
-----END CERTIFICATE-----
Generated at Fri May 16 09:24:36 2025 by rpki-client