Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/DCA9DAF8A24511EEAAF2F985C4F9AE02.roa
File: DCA9DAF8A24511EEAAF2F985C4F9AE02.roa (raw, json)
Hash identifier: uJEv0lyUkbg4jOBdxYOEsPHho9MvE/SVcJ1Mivf9y04=
Subject key identifier: AB:14:D5:F5:96:F2:10:81:08:31:4B:E0:73:1B:82:52:39:86:01:FF
Certificate issuer: /CN=A91FB095/serialNumber=B291102154472183CF50D2AE6FA30E1BDE342BF4
Certificate serial: 61
Authority key identifier: B2:91:10:21:54:47:21:83:CF:50:D2:AE:6F:A3:0E:1B:DE:34:2B:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spEQIVRHIYPPUNKub6MOG940K_Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/DCA9DAF8A24511EEAAF2F985C4F9AE02.roa
Signing time: Sun 24 Dec 2023 10:19:04 +0000
ROA not before: Sun 24 Dec 2023 10:19:03 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 24499
IP address blocks: 103.66.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97 (0x61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FB095, serialNumber=B291102154472183CF50D2AE6FA30E1BDE342BF4
Validity
Not Before: Dec 24 10:19:03 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=65880597-fb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9a:96:de:dd:54:5c:78:24:2b:9d:67:29:89:
6b:50:6f:87:0b:c7:dd:d9:bf:b8:f3:a6:98:12:ae:
1b:5a:9a:b2:23:89:c0:e5:a0:54:f8:3c:be:0d:e3:
d0:67:39:fd:0f:d1:da:e5:90:9b:d8:76:ac:c1:34:
dd:56:da:a4:a2:0f:10:c3:6c:24:07:bf:b0:4d:a0:
9b:98:23:58:67:06:eb:cc:d8:c6:a0:49:d6:8a:e2:
4f:47:f3:b1:60:5e:70:be:9e:a4:ac:4a:32:53:8c:
dd:5d:7c:07:39:c8:4f:12:7d:cf:84:77:3b:74:7d:
98:ed:62:06:41:f3:98:06:cc:f7:f3:f2:e3:6d:0d:
dc:5f:5f:8c:d4:08:fe:9a:ef:9e:23:91:16:c9:73:
84:bf:bb:0a:f1:08:36:0b:13:74:61:8d:e6:6c:fe:
06:c3:db:46:f6:52:0e:98:0f:d0:a8:63:38:65:64:
16:d9:e9:33:00:d3:5a:05:79:31:5f:cf:6e:6a:b6:
2b:7c:68:dc:77:34:c3:15:36:83:d9:bb:0a:2a:a9:
a6:9e:17:84:76:32:16:b6:49:45:b5:2d:62:c7:24:
8b:ba:7f:c2:ae:52:32:fc:e9:f5:3f:69:58:be:f3:
22:96:9a:1e:79:68:73:95:c9:52:27:93:a6:dd:7b:
25:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:14:D5:F5:96:F2:10:81:08:31:4B:E0:73:1B:82:52:39:86:01:FF
X509v3 Authority Key Identifier:
keyid:B2:91:10:21:54:47:21:83:CF:50:D2:AE:6F:A3:0E:1B:DE:34:2B:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/spEQIVRHIYPPUNKub6MOG940K_Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spEQIVRHIYPPUNKub6MOG940K_Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/DCA9DAF8A24511EEAAF2F985C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.149.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:93:bc:37:87:96:5e:95:4f:36:9d:4e:5a:65:4d:1e:e2:e9:
5a:5a:f2:64:18:19:f8:f6:c7:51:64:03:08:82:4f:53:64:e2:
a1:e0:cd:b9:a9:d2:56:5f:9d:91:2f:4f:fa:e7:54:5b:f4:47:
d4:ec:7d:95:71:23:06:84:4f:f1:33:c0:47:3b:fa:b0:bf:f5:
25:42:38:a7:13:7c:8e:7a:ea:69:c4:17:c8:41:0b:b2:37:22:
4d:6c:23:d0:69:ec:62:27:a4:08:36:07:97:5f:de:f0:48:86:
e0:56:e4:0d:90:ee:3c:47:55:31:7f:20:5d:52:bd:bc:a7:11:
53:e4:bb:58:17:6a:67:c3:fc:0c:5b:c6:51:4d:55:c4:76:60:
12:0c:30:cd:a1:c9:41:66:57:33:2a:dd:11:da:f1:af:a5:33:
0b:50:36:6d:32:b8:59:85:62:95:08:5a:63:1f:aa:ec:0c:e9:
23:b2:38:02:ff:66:d1:b4:dd:7d:09:7f:b4:fa:07:3b:78:3f:
40:eb:04:d7:81:7b:1d:cc:8d:91:93:1e:23:5f:ae:a7:14:6c:
61:50:3a:e3:dd:a9:39:d9:6d:e7:07:5d:ac:aa:ac:3b:1f:fe:
b7:ff:8b:e5:81:68:fe:18:36:6f:a6:26:b8:75:9b:67:33:66:
b4:12:75:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QjA5NTExMC8GA1UEBRMoQjI5MTEwMjE1NDQ3MjE4M0NGNTBEMkFFNkZBMzBFMUJE
RTM0MkJGNDAeFw0yMzEyMjQxMDE5MDNaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ODgwNTk3LWZiMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGmpbe3VRceCQrnWcpiWtQb4cLx93Zv7jzppgSrhtamrIjicDloFT4PL4N49Bn
Of0P0drlkJvYdqzBNN1W2qSiDxDDbCQHv7BNoJuYI1hnBuvM2MagSdaK4k9H87Fg
XnC+nqSsSjJTjN1dfAc5yE8Sfc+Edzt0fZjtYgZB85gGzPfz8uNtDdxfX4zUCP6a
754jkRbJc4S/uwrxCDYLE3RhjeZs/gbD20b2Ug6YD9CoYzhlZBbZ6TMA01oFeTFf
z25qtit8aNx3NMMVNoPZuwoqqaaeF4R2Mha2SUW1LWLHJIu6f8KuUjL86fU/aVi+
8yKWmh55aHOVyVInk6bdeyWFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqxTV9Zby
EIEIMUvgcxuCUjmGAf8wHwYDVR0jBBgwFoAUspEQIVRHIYPPUNKub6MOG940K/Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMDk1L0FBQkVCNTZBMUE1
MzExRUVBNDYwODgxNEM0RjlBRTAyL3NwRVFJVlJISVlQUFVOS3ViNk1PRzk0MEtf
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc3BFUUlWUkhJWVBQVU5LdWI2TU9HOTQwS19RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QjA5NS9BQUJFQjU2QTFBNTMxMUVFQTQ2MDg4MTRDNEY5QUUwMi9EQ0E5REFGOEEy
NDUxMUVFQUFGMkY5ODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdClTANBgkqhkiG9w0BAQsFAAOCAQEAP5O8N4eWXpVPNp1O
WmVNHuLpWlryZBgZ+PbHUWQDCIJPU2TioeDNuanSVl+dkS9P+udUW/RH1Ox9lXEj
BoRP8TPARzv6sL/1JUI4pxN8jnrqacQXyEELsjciTWwj0GnsYiekCDYHl1/e8EiG
4FbkDZDuPEdVMX8gXVK9vKcRU+S7WBdqZ8P8DFvGUU1VxHZgEgwwzaHJQWZXMyrd
Edrxr6UzC1A2bTK4WYVilQhaYx+q7AzpI7I4Av9m0bTdfQl/tPoHO3g/QOsE14F7
HcyNkZMeI1+upxRsYVA6492pOdlt5wddrKqsOx/+t/+L5YFo/hg2b6YmuHWbZzNm
tBJ1QA==
-----END CERTIFICATE-----
Generated at Tue May 13 08:23:50 2025 by rpki-client