Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE3621FC03B511EF85A45D64C4F9AE02.roa
File: DE3621FC03B511EF85A45D64C4F9AE02.roa (raw, json)
Hash identifier: N5IwJrK0W9abf5NHHvvRJTDCwjczqOawaDMMQCa1L9I=
Subject key identifier: 04:3E:72:D4:E7:9C:79:4C:2C:52:AA:9F:84:6E:C0:9C:A2:67:3F:6B
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1104
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE3621FC03B511EF85A45D64C4F9AE02.roa
Signing time: Fri 26 Apr 2024 10:15:12 +0000
ROA not before: Fri 26 Apr 2024 10:15:12 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138241
IP address blocks: 103.151.27.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.250.0/24 maxlen: 24
115.167.49.0/24 maxlen: 24
115.167.67.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.68.0/22 maxlen: 24
175.110.80.0/22 maxlen: 24
175.110.88.0/22 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.105.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.107.0/24 maxlen: 24
175.110.109.0/24 maxlen: 24
175.110.110.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.152.0/21 maxlen: 21
202.92.18.0/24 maxlen: 24
202.92.20.0/24 maxlen: 24
223.29.227.0/24 maxlen: 24
223.29.235.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4356 (0x1104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Apr 26 10:15:12 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=662b7eb0-a78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9f:b4:5c:79:53:e3:d2:c5:1d:7b:40:ea:83:
88:58:3e:db:e3:94:c9:64:2b:7a:0c:25:a4:c0:66:
08:3e:85:7a:0e:26:01:92:37:b7:7e:ba:2f:2e:8c:
97:0e:41:e4:97:26:cd:cf:d1:14:0f:93:0c:f3:4a:
57:f3:8d:e3:db:a8:c7:de:b2:82:d8:1d:9d:0e:03:
af:06:5d:78:45:af:9a:1e:2a:fc:60:a1:62:b6:ae:
53:6c:4c:8e:44:28:1a:62:63:a2:91:d9:f7:96:81:
73:94:0b:62:61:6f:76:14:5c:5d:64:04:d2:9e:95:
ef:f3:89:4a:b4:44:56:0d:97:41:0f:10:f1:02:94:
6d:0f:b5:56:74:37:44:ec:1d:87:5a:25:44:49:dc:
d5:13:02:83:5a:df:66:2e:9f:42:7f:2d:d4:18:09:
78:38:59:6c:4e:84:0c:b6:cf:c0:59:ad:86:42:3e:
c2:6c:51:0a:03:3e:b4:39:a3:ce:6d:22:7e:a3:7c:
87:08:db:ea:5c:22:b6:b5:24:1a:34:4c:ba:ca:aa:
ce:35:98:13:75:5d:8b:0f:8f:73:b5:6a:38:6e:dd:
31:6f:13:5e:dd:95:79:dc:67:69:6c:9b:0c:e9:07:
e3:ff:38:7b:f2:ac:47:20:6b:5d:1a:74:a4:8c:bc:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3E:72:D4:E7:9C:79:4C:2C:52:AA:9F:84:6E:C0:9C:A2:67:3F:6B
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/DE3621FC03B511EF85A45D64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
113.203.208.0/24
113.203.216.0/23
113.203.231.0/24
113.203.250.0/24
115.167.49.0/24
115.167.67.0/24
115.167.78.0/24
115.167.125.0/24
175.110.68.0/22
175.110.80.0/22
175.110.88.0/22
175.110.97.0/24
175.110.104.0/22
175.110.109.0-175.110.111.255
180.178.142.0/24
180.178.152.0/21
202.92.18.0/24
202.92.20.0/24
223.29.227.0/24
223.29.235.0-223.29.236.255
223.29.238.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:c1:a7:5c:95:e7:47:d1:81:fe:a3:d2:d4:4c:6b:d3:c1:d8:
87:d9:3e:1c:ff:68:72:25:65:53:d5:59:56:91:ce:43:48:2f:
94:0d:50:12:1f:34:7d:62:2f:2f:c3:86:17:a8:b4:ef:75:5a:
59:8d:62:22:c8:26:30:86:04:bf:bd:45:5b:a1:a4:66:5a:42:
5b:3f:f2:b2:42:92:c9:f4:14:af:3a:dd:e6:df:3d:66:20:a3:
a5:4f:89:76:f5:85:0b:a1:44:65:d8:e8:8c:bd:b8:75:42:f1:
27:83:5c:c1:dc:b4:26:61:0e:98:6d:39:21:26:58:f1:cd:9f:
c4:d1:f2:97:13:f8:dd:fb:89:21:64:bd:d6:ea:b5:11:dc:44:
53:fe:74:3f:04:7d:09:88:cb:3b:95:e7:19:3f:27:3d:d9:41:
e1:a8:64:41:39:70:d2:36:c8:93:b2:8a:58:e6:9f:54:f0:1f:
f7:e6:e7:81:99:18:4f:e9:d1:41:9b:13:26:59:e7:c0:ab:3a:
2f:6f:ef:a0:0b:7d:9e:3a:4c:72:43:ee:f4:91:70:b2:66:2b:
0d:a0:fc:f9:a6:06:48:5b:bf:5c:0c:ce:d5:17:85:92:f3:18:
09:67:75:20:93:2b:72:35:20:ae:60:ea:c1:14:5c:7f:c7:44:
27:fb:35:f4
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICEQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQwNDI2MTAxNTEyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiN2ViMC1hNzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxp+0XHlT49LFHXtA6oOIWD7b45TJZCt6DCWkwGYIPoV6DiYBkje3frovLoyX
DkHklybNz9EUD5MM80pX843j26jH3rKC2B2dDgOvBl14Ra+aHir8YKFitq5TbEyO
RCgaYmOikdn3loFzlAtiYW92FFxdZATSnpXv84lKtERWDZdBDxDxApRtD7VWdDdE
7B2HWiVESdzVEwKDWt9mLp9Cfy3UGAl4OFlsToQMts/AWa2GQj7CbFEKAz60OaPO
bSJ+o3yHCNvqXCK2tSQaNEy6yqrONZgTdV2LD49ztWo4bt0xbxNe3ZV53GdpbJsM
6Qfj/zh78qxHIGtdGnSkjLz60QIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFAQ+ctTn
nHlMLFKqn4RuwJyiZz9rMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvREUzNjIxRkMw
M0I1MTFFRjg1QTQ1RDY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGbBAIAATCBlAMEAGeXGwMEAHHL0AMEAXHL2AMEAHHL5wMEAHHL+gME
AHOnMQMEAHOnQwMEAHOnTgMEAHOnfQMEAq9uRAMEAq9uUAMEAq9uWAMEAK9uYQME
Aq9uaDAMAwQAr25tAwQEr25gAwQAtLKOAwQDtLKYAwQAylwSAwQAylwUAwQA3x3j
MAwDBADfHesDBADfHewDBAHfHe4wDQYJKoZIhvcNAQELBQADggEBALjBp1yV50fR
gf6j0tRMa9PB2IfZPhz/aHIlZVPVWVaRzkNIL5QNUBIfNH1iLy/DhheotO91WlmN
YiLIJjCGBL+9RVuhpGZaQls/8rJCksn0FK863ebfPWYgo6VPiXb1hQuhRGXY6Iy9
uHVC8SeDXMHctCZhDphtOSEmWPHNn8TR8pcT+N37iSFkvdbqtRHcRFP+dD8EfQmI
yzuV5xk/Jz3ZQeGoZEE5cNI2yJOyiljmn1TwH/fm54GZGE/p0UGbEyZZ58CrOi9v
76ALfZ46THJD7vSRcLJmKw2g/PmmBkhbv1wMztUXhZLzGAlndSCTK3I1IK5g6sEU
XH/HRCf7NfQ=
-----END CERTIFICATE-----
Generated at Mon May 12 22:58:05 2025 by rpki-client