Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/6DB0BD4C5F1E11EFB73FCC1FC4F9AE02.roa
File: 6DB0BD4C5F1E11EFB73FCC1FC4F9AE02.roa (raw, json)
Hash identifier: TQcplK45X4ILMLiv0Ge+CGA32SFhTEtosnC8a18OgGY=
Subject key identifier: 68:89:BD:EE:EF:16:53:32:BC:86:76:2F:76:0C:36:90:96:E7:8B:C4
Certificate issuer: /CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Certificate serial: 34B2
Authority key identifier: AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/6DB0BD4C5F1E11EFB73FCC1FC4F9AE02.roa
Signing time: Tue 20 Aug 2024 18:02:57 +0000
ROA not before: Tue 20 Aug 2024 18:02:57 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 37997
IP address blocks: 103.224.196.0/22 maxlen: 22
103.224.196.0/24 maxlen: 24
103.224.197.0/24 maxlen: 24
103.224.198.0/24 maxlen: 24
103.224.199.0/24 maxlen: 24
124.195.128.0/20 maxlen: 20
124.195.128.0/22 maxlen: 22
124.195.128.0/24 maxlen: 24
124.195.129.0/24 maxlen: 24
124.195.130.0/24 maxlen: 24
124.195.131.0/24 maxlen: 24
124.195.132.0/22 maxlen: 22
124.195.132.0/24 maxlen: 24
124.195.133.0/24 maxlen: 24
124.195.134.0/24 maxlen: 24
124.195.135.0/24 maxlen: 24
124.195.136.0/22 maxlen: 22
124.195.136.0/24 maxlen: 24
124.195.137.0/24 maxlen: 24
124.195.138.0/24 maxlen: 24
124.195.139.0/24 maxlen: 24
124.195.140.0/22 maxlen: 22
124.195.140.0/24 maxlen: 24
124.195.141.0/24 maxlen: 24
124.195.142.0/24 maxlen: 24
124.195.143.0/24 maxlen: 24
203.158.24.0/21 maxlen: 21
203.158.24.0/24 maxlen: 24
203.158.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13490 (0x34b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117394, serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Validity
Not Before: Aug 20 18:02:57 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c4da50-64aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8e:ab:bb:ee:41:bb:b3:66:41:8f:a0:83:4d:
21:31:df:c9:d4:f1:71:8c:f5:d5:78:72:37:74:0e:
62:7b:3c:c0:46:8e:e7:7f:68:c2:f4:a8:d9:dd:6e:
dc:44:ce:96:7a:0c:c7:57:e0:d4:42:67:41:64:22:
28:9d:b1:f2:29:ad:e2:14:b3:3e:9a:7e:e0:88:8f:
0a:6b:79:89:62:30:cd:f5:31:8a:1f:02:4d:87:5c:
6d:d0:a7:d3:88:4b:ac:53:5a:14:bd:60:c7:48:0a:
40:9a:1d:34:32:41:50:89:79:8f:6a:a7:3b:d7:0f:
d9:58:32:d4:f6:75:83:e6:91:95:58:55:f5:f0:3a:
9a:42:bc:62:9a:f7:85:01:02:c9:f0:9a:4b:5c:61:
22:c4:4a:fd:ca:12:ee:41:f6:72:70:6e:2f:cb:c4:
00:b2:6b:d7:27:89:95:be:d1:25:26:6b:bf:75:5e:
6b:b4:51:31:9f:53:ae:df:a8:ab:f9:7d:50:aa:c6:
fe:05:42:4d:3d:7d:3d:38:6b:91:06:68:84:a3:81:
b4:9a:cb:c4:1c:33:33:66:5c:42:15:4d:ac:1c:14:
15:cd:dd:c7:f6:72:bb:11:35:81:df:e6:9d:ce:c9:
73:b1:76:f5:6c:32:df:df:bf:ad:3b:ac:d1:78:5b:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:89:BD:EE:EF:16:53:32:BC:86:76:2F:76:0C:36:90:96:E7:8B:C4
X509v3 Authority Key Identifier:
keyid:AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/qvquPFcDs5M3_T16lmbFjLjDtQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/6DB0BD4C5F1E11EFB73FCC1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.196.0/22
124.195.128.0/20
203.158.24.0/21
Signature Algorithm: sha256WithRSAEncryption
84:d6:6b:3b:62:fc:3d:c1:25:85:4a:1d:3a:fa:cd:04:35:26:
98:61:e5:a4:52:2c:c2:65:e0:32:26:d3:b4:a8:c1:5a:6d:ca:
c0:d8:db:bd:7f:3d:d3:3f:03:b0:af:1e:09:a0:2a:26:54:09:
42:96:47:85:7f:d9:dd:f8:73:4a:5c:f9:2c:bc:a7:00:51:0a:
f6:ed:dd:86:8d:5c:39:fa:55:0f:27:47:15:b0:33:ad:49:a3:
e1:48:de:70:0c:8c:57:07:0f:f8:3b:ae:6f:6c:8d:eb:31:29:
16:81:4f:e8:15:c7:20:6e:14:15:cc:08:55:d0:c2:02:f4:5c:
02:44:36:f3:f8:9c:06:5f:73:b5:05:6d:97:54:7b:b1:66:7d:
a6:c6:c5:d9:25:93:fa:32:7e:0a:7b:58:5c:0d:c7:35:45:48:
1a:ae:56:b2:a9:a6:75:8e:00:09:b6:ea:1d:b9:24:d5:ec:cf:
9d:f8:12:b8:fd:42:93:68:5c:79:79:b9:19:c5:cd:d4:12:68:
2d:fc:c5:de:12:7d:5a:1f:ae:48:bf:6e:df:68:ad:00:1a:8b:
c8:23:72:74:11:c6:b4:8b:1e:4b:a1:0d:f6:e0:5d:f3:0f:8d:
71:2d:96:a2:87:2b:eb:82:21:c9:45:11:bc:50:d5:d6:39:7d:
65:2c:cb:a6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczOTQxMTAvBgNVBAUTKEFBRkFBRTNDNTcwM0IzOTMzN0ZEM0Q3QTk2NjZDNThD
QjhDM0I1MDkwHhcNMjQwODIwMTgwMjU3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0ZGE1MC02NGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0I6ru+5Bu7NmQY+gg00hMd/J1PFxjPXVeHI3dA5iezzARo7nf2jC9KjZ3W7c
RM6WegzHV+DUQmdBZCIonbHyKa3iFLM+mn7giI8Ka3mJYjDN9TGKHwJNh1xt0KfT
iEusU1oUvWDHSApAmh00MkFQiXmPaqc71w/ZWDLU9nWD5pGVWFX18DqaQrximveF
AQLJ8JpLXGEixEr9yhLuQfZycG4vy8QAsmvXJ4mVvtElJmu/dV5rtFExn1Ou36ir
+X1Qqsb+BUJNPX09OGuRBmiEo4G0msvEHDMzZlxCFU2sHBQVzd3H9nK7ETWB3+ad
zslzsXb1bDLf37+tO6zReFsBvQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGiJve7v
FlMyvIZ2L3YMNpCW54vEMB8GA1UdIwQYMBaAFKr6rjxXA7OTN/09epZmxYy4w7UJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM5NC80RjU5MTg2QTFE
NkYxMUUyOUI1NDQ2QjEwOEIwMkNEMi9xdnF1UEZjRHM1TTNfVDE2bG1iRmpMakR0
UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3F2cXVQRmNEczVNM19UMTZsbWJGakxqRHRRay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczOTQvNEY1OTE4NkExRDZGMTFFMjlCNTQ0NkIxMDhCMDJDRDIvNkRCMEJENEM1
RjFFMTFFRkI3M0ZDQzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn4MQDBAR8w4ADBAPLnhgwDQYJKoZIhvcNAQELBQADggEB
AITWazti/D3BJYVKHTr6zQQ1Jphh5aRSLMJl4DIm07SowVptysDY271/PdM/A7Cv
HgmgKiZUCUKWR4V/2d34c0pc+Sy8pwBRCvbt3YaNXDn6VQ8nRxWwM61Jo+FI3nAM
jFcHD/g7rm9sjesxKRaBT+gVxyBuFBXMCFXQwgL0XAJENvP4nAZfc7UFbZdUe7Fm
fabGxdklk/oyfgp7WFwNxzVFSBquVrKppnWOAAm26h25JNXsz534Erj9QpNoXHl5
uRnFzdQSaC38xd4SfVofrki/bt9orQAai8gjcnQRxrSLHkuhDfbgXfMPjXEtlqKH
K+uCIclFEbxQ1dY5fWUsy6Y=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:25:22 2025 by rpki-client