Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BA61B68C213A11EE8B89D547C4F9AE02.roa
File: BA61B68C213A11EE8B89D547C4F9AE02.roa (raw, json)
Hash identifier: 2LK9BSZKtaeSU1PlrLpYQM9pkmp+KQDbyle2m5yBM6Q=
Subject key identifier: F2:34:91:97:CA:F1:3F:97:F2:04:79:72:31:D1:C6:B8:20:00:79:97
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7570
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BA61B68C213A11EE8B89D547C4F9AE02.roa
Signing time: Thu 13 Jul 2023 05:04:21 +0000
ROA not before: Thu 13 Jul 2023 05:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150102
IP address blocks: 103.194.118.0/24 maxlen: 24
103.194.119.0/24 maxlen: 24
103.212.132.0/24 maxlen: 24
103.212.133.0/24 maxlen: 24
103.212.134.0/24 maxlen: 24
103.212.135.0/24 maxlen: 24
103.217.81.0/24 maxlen: 24
103.225.180.0/24 maxlen: 24
103.225.181.0/24 maxlen: 24
103.229.210.0/24 maxlen: 24
103.229.211.0/24 maxlen: 24
103.252.42.0/24 maxlen: 24
103.252.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30064 (0x7570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 13 05:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64af85d5-8c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:34:cd:1f:cd:ea:01:0b:3d:f2:1e:ea:e7:e6:
bb:46:f4:27:08:88:41:8c:a2:ef:58:73:fa:fa:6d:
e2:15:bb:49:24:39:dd:46:38:99:fd:53:ab:f6:99:
47:fd:ed:d8:9f:2b:63:2f:29:93:27:16:02:8d:9d:
bd:a5:be:65:7b:62:99:94:d6:55:8b:18:34:ff:ca:
11:30:3d:57:a8:c6:88:7c:48:8b:d1:78:5e:79:c6:
dc:35:9a:73:26:1c:9e:a4:e1:b8:90:1b:a8:af:cf:
9d:b0:eb:c1:73:7f:44:79:da:b8:e7:32:7b:26:ee:
f0:bb:dd:33:58:7d:4f:34:d9:f8:4b:4c:37:c0:a1:
b2:a6:4e:f1:34:78:d7:bb:64:39:41:ce:0b:15:8e:
b6:13:2a:d8:ca:ca:8f:a3:03:22:3f:15:55:b3:42:
3b:b6:66:69:24:d0:38:8f:2d:c9:38:73:b2:0d:8b:
10:37:72:04:1c:3b:f9:c0:96:a2:1b:43:63:49:c5:
5e:2c:c8:b0:55:ee:07:f8:1e:e6:3b:fa:62:b8:31:
38:b7:3f:97:2d:54:92:bd:65:7f:69:9b:3e:82:73:
6d:67:69:8b:e1:24:4b:ee:99:0f:fa:95:63:d6:20:
fa:f2:d7:18:d8:fc:ab:2c:f0:5e:bd:ba:d1:80:bf:
14:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:34:91:97:CA:F1:3F:97:F2:04:79:72:31:D1:C6:B8:20:00:79:97
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BA61B68C213A11EE8B89D547C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.194.118.0/23
103.212.132.0/22
103.217.81.0/24
103.225.180.0/23
103.229.210.0/23
103.252.42.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:b5:08:f7:76:c3:90:61:d4:11:9a:40:cc:4c:e6:68:f3:8f:
ff:0d:87:7e:00:69:74:94:36:14:d6:37:06:04:8e:1f:03:3b:
20:f6:ec:3a:e3:d0:ec:2d:6b:58:d4:35:bb:bf:b8:7f:cf:ee:
3f:5e:7d:b7:1c:8d:54:53:8a:52:24:49:85:84:57:3a:fa:b9:
3c:bc:a1:38:8f:36:5c:38:d3:40:66:4d:dc:17:78:aa:ab:eb:
c7:19:e8:37:a4:27:1e:a9:13:dc:7e:89:9f:83:b1:43:ba:79:
41:29:d1:86:79:40:ed:fc:37:c1:86:fb:c4:4a:1d:8f:cd:31:
4d:83:80:40:59:7f:d0:c6:93:4b:1b:4b:3a:a1:48:46:bf:fb:
92:67:46:ef:91:ee:e9:9a:e7:01:9e:d3:e4:9a:20:fa:2e:f7:
1d:ff:21:b4:64:d7:a2:ce:f5:d8:b4:6b:48:54:e3:0b:e1:b4:
0e:46:ac:fc:98:86:7b:a1:b7:57:39:60:ef:ad:2b:90:1e:b6:
d9:eb:67:d9:f3:90:fd:91:36:cd:65:8f:51:75:c0:78:7a:b1:
93:a1:88:28:0e:8b:21:cd:f7:8c:14:a5:d8:82:07:69:aa:c8:
94:eb:ad:a8:75:77:39:ad:23:0a:a0:fc:e1:a3:73:61:f2:8a:
fe:1e:0e:04
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICdXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNzEzMDUwNDIxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFmODVkNS04YzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1DTNH83qAQs98h7q5+a7RvQnCIhBjKLvWHP6+m3iFbtJJDndRjiZ/VOr9plH
/e3YnytjLymTJxYCjZ29pb5le2KZlNZVixg0/8oRMD1XqMaIfEiL0XheecbcNZpz
JhyepOG4kBuor8+dsOvBc39Eedq45zJ7Ju7wu90zWH1PNNn4S0w3wKGypk7xNHjX
u2Q5Qc4LFY62EyrYysqPowMiPxVVs0I7tmZpJNA4jy3JOHOyDYsQN3IEHDv5wJai
G0NjScVeLMiwVe4H+B7mO/piuDE4tz+XLVSSvWV/aZs+gnNtZ2mL4SRL7pkP+pVj
1iD68tcY2PyrLPBevbrRgL8UtwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFPI0kZfK
8T+X8gR5cjHRxrggAHmXMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQkE2MUI2OEMy
MTNBMTFFRThCODlENTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAFnwnYDBAJn1IQDBABn2VEDBAFn4bQDBAFn5dIDBAFn/Cow
DQYJKoZIhvcNAQELBQADggEBAG61CPd2w5Bh1BGaQMxM5mjzj/8Nh34AaXSUNhTW
NwYEjh8DOyD27Drj0Owta1jUNbu/uH/P7j9efbccjVRTilIkSYWEVzr6uTy8oTiP
Nlw400BmTdwXeKqr68cZ6DekJx6pE9x+iZ+DsUO6eUEp0YZ5QO38N8GG+8RKHY/N
MU2DgEBZf9DGk0sbSzqhSEa/+5JnRu+R7uma5wGe0+SaIPou9x3/IbRk16LO9di0
a0hU4wvhtA5GrPyYhnuht1c5YO+tK5AettnrZ9nzkP2RNs1lj1F1wHh6sZOhiCgO
iyHN94wUpdiCB2mqyJTrrah1dzmtIwqg/OGjc2Hyiv4eDgQ=
-----END CERTIFICATE-----
Generated at Tue May 13 19:51:17 2025 by rpki-client