Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/91A061DC836711EE95D90362C4F9AE02.roa
File: 91A061DC836711EE95D90362C4F9AE02.roa (raw, json)
Hash identifier: 3QA3nFjuXDZ8YclhQMkQfsKR5ErFJM+KmXxB9Vjysc4=
Subject key identifier: 9F:5C:FB:5C:2D:27:E5:DA:53:BB:65:C3:BA:8A:44:D7:11:FA:8B:B5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7D8F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/91A061DC836711EE95D90362C4F9AE02.roa
Signing time: Wed 15 Nov 2023 03:32:14 +0000
ROA not before: Wed 15 Nov 2023 03:32:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150102
IP address blocks: 103.212.133.0/24 maxlen: 24
103.252.42.0/24 maxlen: 24
103.252.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32143 (0x7d8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 15 03:32:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65543bbe-373c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:99:9b:fe:a0:2d:22:08:e2:74:d4:55:ee:1f:
73:1b:ad:a1:91:07:04:15:56:19:f4:60:5b:3f:2b:
43:39:be:d7:8d:e3:c5:8a:d6:d3:f3:80:32:d1:4e:
7f:09:00:fd:24:62:5e:b7:5a:8b:cb:70:fb:b9:47:
c9:62:d6:a7:95:99:5f:b8:af:ce:73:02:a1:53:d3:
b3:73:7d:14:8b:0e:c1:27:6d:91:af:cc:3e:03:b3:
1b:f9:02:a4:65:97:66:52:15:a4:f5:cf:34:2e:dd:
f9:c3:22:7d:13:31:ff:b1:42:d6:c5:d8:85:eb:09:
95:7d:a8:63:75:d1:bd:a1:59:ac:fb:d1:7f:f4:72:
6d:c5:71:77:10:f7:a6:47:aa:a8:28:04:3d:99:5b:
ff:44:56:f9:98:b7:c5:9b:01:20:6c:9b:08:93:b0:
4d:47:fd:5d:31:c6:2d:69:93:05:2c:e0:e0:ba:52:
63:ef:59:ee:4c:d9:e3:5b:9e:d5:3e:99:c7:43:2b:
6d:7d:8f:00:f1:47:98:47:bd:62:0b:3d:6a:e2:b7:
4a:42:42:7b:b2:c1:2f:92:99:ea:2f:dd:cc:6b:8b:
03:12:e9:08:86:2b:e6:44:d1:4b:56:1b:79:5c:70:
01:89:6d:db:1e:db:ec:f9:ba:f1:48:59:c9:94:fc:
73:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5C:FB:5C:2D:27:E5:DA:53:BB:65:C3:BA:8A:44:D7:11:FA:8B:B5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/91A061DC836711EE95D90362C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.212.133.0/24
103.252.42.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:29:87:3e:51:50:e3:4c:62:26:d8:76:e4:48:43:67:e5:07:
7c:32:e9:25:3a:6e:15:40:02:b5:c1:22:4e:77:b1:d8:37:64:
bd:dd:94:4e:c7:67:b9:26:f9:8e:09:9e:8d:8e:85:f4:9a:9e:
fa:1d:48:7a:16:cd:ed:ec:1f:6e:11:a3:81:cb:0c:6c:d8:3c:
8a:91:40:87:cc:31:8e:5f:9d:8d:a5:69:1e:a7:93:a4:0a:75:
c4:34:ac:02:88:04:c3:18:bb:c3:f5:40:4e:54:86:57:93:fc:
50:f2:f7:e6:5e:6f:8c:18:8c:08:2e:9a:60:5e:96:42:fb:77:
a9:c8:5c:0f:cd:b9:8c:73:ac:e0:7c:72:fe:76:f4:76:b0:47:
90:18:cc:d9:b5:55:2e:c1:b1:c7:d4:47:73:d5:3a:c4:32:8f:
cd:1b:27:66:09:db:7b:92:14:3f:34:77:5a:0d:63:20:b6:ea:
65:88:71:b1:c0:95:38:b6:65:71:a6:71:2d:48:57:6a:d1:53:
86:27:b7:6a:ad:d2:3e:7f:04:a4:27:5b:7d:1e:95:51:e7:7b:
9c:fe:d7:03:ef:94:ab:98:c5:c3:44:74:3f:e7:b1:75:6d:af:
d2:14:8a:3e:36:f0:f2:e3:65:fb:cc:81:38:d5:d1:9a:5e:00:
12:f7:9c:ee
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICfY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTE1MDMzMjE0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU0M2JiZS0zNzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtpmb/qAtIgjidNRV7h9zG62hkQcEFVYZ9GBbPytDOb7XjePFitbT84Ay0U5/
CQD9JGJet1qLy3D7uUfJYtanlZlfuK/OcwKhU9Ozc30Uiw7BJ22Rr8w+A7Mb+QKk
ZZdmUhWk9c80Lt35wyJ9EzH/sULWxdiF6wmVfahjddG9oVms+9F/9HJtxXF3EPem
R6qoKAQ9mVv/RFb5mLfFmwEgbJsIk7BNR/1dMcYtaZMFLODgulJj71nuTNnjW57V
PpnHQyttfY8A8UeYR71iCz1q4rdKQkJ7ssEvkpnqL93Ma4sDEukIhivmRNFLVht5
XHABiW3bHtvs+brxSFnJlPxzxQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJ9c+1wt
J+XaU7tlw7qKRNcR+ou1MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTFBMDYxREM4
MzY3MTFFRTk1RDkwMzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn1IUDBAFn/CowDQYJKoZIhvcNAQELBQADggEBAA4phz5R
UONMYibYduRIQ2flB3wy6SU6bhVAArXBIk53sdg3ZL3dlE7HZ7km+Y4Jno2OhfSa
nvodSHoWze3sH24Ro4HLDGzYPIqRQIfMMY5fnY2laR6nk6QKdcQ0rAKIBMMYu8P1
QE5UhleT/FDy9+Zeb4wYjAgummBelkL7d6nIXA/NuYxzrOB8cv529HawR5AYzNm1
VS7BscfUR3PVOsQyj80bJ2YJ23uSFD80d1oNYyC26mWIcbHAlTi2ZXGmcS1IV2rR
U4Ynt2qt0j5/BKQnW30elVHne5z+1wPvlKuYxcNEdD/nsXVtr9IUij428PLjZfvM
gTjV0ZpeABL3nO4=
-----END CERTIFICATE-----
Generated at Wed May 14 14:45:10 2025 by rpki-client