Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/10BCECA07D4C11EE95EEA131C4F9AE02.roa
File: 10BCECA07D4C11EE95EEA131C4F9AE02.roa (raw, json)
Hash identifier: LHu3+Lzcl0wQsMR+o+2V9wmCWPl22kvAzJxo94Ngybo=
Subject key identifier: 95:63:C6:39:5D:ED:BF:7F:66:65:C9:EB:5D:DF:D0:2A:2D:32:13:06
Certificate issuer: /CN=A91A45E0/serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Certificate serial: 0AFD
Authority key identifier: 6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/10BCECA07D4C11EE95EEA131C4F9AE02.roa
Signing time: Tue 07 Nov 2023 09:00:15 +0000
ROA not before: Tue 07 Nov 2023 09:00:15 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 150748
IP address blocks: 103.100.234.0/24 maxlen: 24
103.100.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2813 (0xafd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A45E0, serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Validity
Not Before: Nov 7 09:00:15 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6549fc9e-88cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:25:b8:df:b4:8c:b8:55:db:79:13:4b:1a:
77:8d:7a:de:82:42:70:4a:64:59:71:3c:bf:c8:c5:
a5:ab:ed:94:83:85:a7:4e:87:f9:f6:cf:30:1c:7d:
3b:32:92:bf:1e:3c:af:33:3e:f0:60:d5:56:c2:cb:
d5:54:76:76:90:81:e3:cf:de:19:d5:f8:5f:19:85:
8e:ca:3f:26:85:1d:c4:c1:78:4c:2b:4f:07:75:8b:
a6:d1:6f:e6:a0:1e:f2:87:25:e5:71:5f:ce:5e:d7:
14:eb:65:42:d7:7b:d2:f1:08:5c:2c:66:89:24:e8:
55:c5:d6:35:31:19:9d:bd:ef:2c:85:ad:3b:5f:d6:
6b:2c:c3:97:00:07:32:17:f4:7b:81:46:b5:19:0e:
c2:60:30:6d:29:45:a2:e2:2f:d0:ab:d4:3d:d6:5e:
46:c4:00:fb:3d:2f:f7:64:6d:7b:76:bd:12:a7:05:
63:b8:0d:f5:7e:65:3a:94:da:99:92:49:c5:50:fa:
87:9f:be:e0:1d:80:a4:a9:64:46:f1:28:88:c8:6c:
4d:14:fc:52:9b:29:06:30:f0:12:11:e2:23:a6:94:
81:1b:15:a5:4c:23:8f:18:9f:97:b5:4e:e2:a9:1f:
a5:1c:ab:b9:35:f5:4e:e6:f4:8c:3b:a7:d3:c0:82:
ef:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:63:C6:39:5D:ED:BF:7F:66:65:C9:EB:5D:DF:D0:2A:2D:32:13:06
X509v3 Authority Key Identifier:
keyid:6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/awy1lQPaiV_5QmnXqbwgJhcE3Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/10BCECA07D4C11EE95EEA131C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.234.0/23
Signature Algorithm: sha256WithRSAEncryption
26:61:ac:8e:54:44:0d:54:a5:11:9b:4d:ff:4b:56:f8:1d:82:
76:57:41:9a:5b:4d:fe:b3:15:67:d7:62:b9:0f:67:f3:14:d6:
1c:12:7b:6a:36:ce:10:04:66:2c:8b:a8:45:eb:91:ff:54:ed:
aa:ae:a6:ed:d6:b4:08:d3:37:fa:67:e2:c5:14:a9:7e:38:75:
2f:23:14:0f:3a:39:09:f1:b1:1f:5f:53:65:0e:b8:6b:42:5a:
d8:24:ff:67:57:9b:92:41:52:ec:7f:be:94:67:bf:13:eb:2d:
c6:0a:c0:ee:34:8e:f6:4f:75:4f:19:51:1f:57:85:e6:53:93:
00:45:84:49:af:7b:68:8c:11:94:17:8d:e6:11:81:8d:7b:c9:
4e:3f:06:a8:df:01:86:a7:48:4c:00:3b:a7:f1:93:89:d5:28:
91:69:b8:d0:26:9b:52:7c:1b:e8:fa:12:61:c8:bf:a8:8b:d0:
9d:87:28:a1:8b:1d:46:63:2b:05:81:08:c3:51:35:5a:25:a2:
91:9d:c4:00:b0:35:92:51:16:0e:6c:40:c8:61:8a:d0:21:a9:
70:eb:d1:57:c9:8c:62:f4:f0:e0:ee:93:c5:53:ff:95:16:1a:
c4:7a:56:19:4e:d4:62:5f:63:1a:b9:03:be:b8:04:8b:70:2e:
47:ca:7d:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCv0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ1RTAxMTAvBgNVBAUTKDZCMENCNTk1MDNEQTg5NUZGOTQyNjlEN0E5QkMyMDI2
MTcwNERDRTkwHhcNMjMxMTA3MDkwMDE1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5ZmM5ZS04OGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx78luN+0jLhV23kTSxp3jXregkJwSmRZcTy/yMWlq+2Ug4WnTof59s8wHH07
MpK/HjyvMz7wYNVWwsvVVHZ2kIHjz94Z1fhfGYWOyj8mhR3EwXhMK08HdYum0W/m
oB7yhyXlcV/OXtcU62VC13vS8QhcLGaJJOhVxdY1MRmdve8sha07X9ZrLMOXAAcy
F/R7gUa1GQ7CYDBtKUWi4i/Qq9Q91l5GxAD7PS/3ZG17dr0SpwVjuA31fmU6lNqZ
kknFUPqHn77gHYCkqWRG8SiIyGxNFPxSmykGMPASEeIjppSBGxWlTCOPGJ+XtU7i
qR+lHKu5NfVO5vSMO6fTwILvqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJVjxjld
7b9/ZmXJ613f0CotMhMGMB8GA1UdIwQYMBaAFGsMtZUD2olf+UJp16m8ICYXBNzp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDVFMC8yM0JGMkYyNjEx
M0UxMUVBODhFODc4NzZDNEY5QUUwMi9hd3kxbFFQYWlWXzVRbW5YcWJ3Z0poY0Uz
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3eTFsUVBhaVZfNVFtblhxYndnSmhjRTNPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ1RTAvMjNCRjJGMjYxMTNFMTFFQTg4RTg3ODc2QzRGOUFFMDIvMTBCQ0VDQTA3
RDRDMTFFRTk1RUVBMTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZOowDQYJKoZIhvcNAQELBQADggEBACZhrI5URA1UpRGb
Tf9LVvgdgnZXQZpbTf6zFWfXYrkPZ/MU1hwSe2o2zhAEZiyLqEXrkf9U7aqupu3W
tAjTN/pn4sUUqX44dS8jFA86OQnxsR9fU2UOuGtCWtgk/2dXm5JBUux/vpRnvxPr
LcYKwO40jvZPdU8ZUR9XheZTkwBFhEmve2iMEZQXjeYRgY17yU4/BqjfAYanSEwA
O6fxk4nVKJFpuNAmm1J8G+j6EmHIv6iL0J2HKKGLHUZjKwWBCMNRNVolopGdxACw
NZJRFg5sQMhhitAhqXDr0VfJjGL08ODuk8VT/5UWGsR6VhlO1GJfYxq5A764BItw
LkfKfQ0=
-----END CERTIFICATE-----
Generated at Sat May 17 05:41:10 2025 by rpki-client