Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/BD58FCA85EC211EF9B6E7B3BC4F9AE02.roa
File: BD58FCA85EC211EF9B6E7B3BC4F9AE02.roa (raw, json)
Hash identifier: 4bTWNiGoKt7d/b8SN+TVDeo5dP1iIUwJSua27RZsqVI=
Subject key identifier: F5:D7:EE:0F:5A:85:1B:24:7A:05:15:21:BA:AC:5A:84:BF:BE:91:8D
Certificate issuer: /CN=A9117394/serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Certificate serial: 34A6
Authority key identifier: AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/BD58FCA85EC211EF9B6E7B3BC4F9AE02.roa
Signing time: Tue 20 Aug 2024 08:27:25 +0000
ROA not before: Tue 20 Aug 2024 08:27:25 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 37997
IP address blocks: 103.224.196.0/22 maxlen: 22
103.224.196.0/24 maxlen: 24
103.224.197.0/24 maxlen: 24
103.224.198.0/24 maxlen: 24
103.224.199.0/24 maxlen: 24
124.195.128.0/20 maxlen: 20
124.195.128.0/22 maxlen: 22
124.195.128.0/24 maxlen: 24
124.195.129.0/24 maxlen: 24
124.195.130.0/24 maxlen: 24
124.195.131.0/24 maxlen: 24
124.195.132.0/22 maxlen: 22
124.195.132.0/24 maxlen: 24
124.195.133.0/24 maxlen: 24
124.195.134.0/24 maxlen: 24
124.195.135.0/24 maxlen: 24
124.195.136.0/22 maxlen: 22
124.195.136.0/24 maxlen: 24
124.195.137.0/24 maxlen: 24
124.195.138.0/24 maxlen: 24
124.195.139.0/24 maxlen: 24
124.195.140.0/22 maxlen: 22
124.195.140.0/24 maxlen: 24
124.195.141.0/24 maxlen: 24
124.195.142.0/24 maxlen: 24
124.195.143.0/24 maxlen: 24
203.158.24.0/21 maxlen: 21
203.158.24.0/24 maxlen: 24
203.158.25.0/24 maxlen: 24
203.158.28.0/24 maxlen: 24
203.158.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13478 (0x34a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117394, serialNumber=AAFAAE3C5703B39337FD3D7A9666C58CB8C3B509
Validity
Not Before: Aug 20 08:27:25 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66c4536d-4027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:90:52:52:14:cb:ba:a1:24:1b:2e:6f:8b:f8:
5e:fb:b5:94:3d:a2:27:ed:ae:26:71:30:7e:03:fb:
48:5a:f9:8b:2a:ec:07:87:9b:92:ff:25:0d:13:39:
40:be:81:14:f7:b7:fa:f8:05:9f:a5:bb:ed:38:f4:
9d:49:c6:b6:b5:f6:ac:10:9a:68:9c:ac:44:b3:5a:
2f:ae:70:18:39:de:f9:b2:dd:8a:60:ce:5e:5b:a7:
6e:7f:08:41:34:c5:9e:6c:32:1c:75:5d:f4:14:cb:
0c:d9:c8:1d:c8:ea:8f:40:53:4c:47:84:54:bc:61:
a9:3a:9a:e6:ec:f0:2f:10:ba:eb:2e:fa:23:64:7f:
19:1a:cf:a9:30:63:4c:e9:e1:55:e0:0b:d0:ef:93:
99:31:91:1a:f7:20:d0:5b:af:19:68:da:1a:b5:71:
9b:5f:b6:cc:11:af:e7:26:a5:9f:70:c6:31:1a:73:
4b:7b:de:9e:fd:c3:ac:d4:44:62:44:1b:79:d5:fd:
8a:4a:52:83:83:a1:6c:38:cc:6b:7a:2b:68:a7:10:
5c:63:bb:a4:67:bd:e7:ad:30:18:0e:5c:c5:89:21:
8b:b9:4b:57:4e:33:1c:3a:1c:5c:02:3c:6f:f7:4e:
4b:5f:c9:66:97:a4:0f:17:b2:a9:d9:5b:a3:89:ae:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D7:EE:0F:5A:85:1B:24:7A:05:15:21:BA:AC:5A:84:BF:BE:91:8D
X509v3 Authority Key Identifier:
keyid:AA:FA:AE:3C:57:03:B3:93:37:FD:3D:7A:96:66:C5:8C:B8:C3:B5:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/qvquPFcDs5M3_T16lmbFjLjDtQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qvquPFcDs5M3_T16lmbFjLjDtQk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117394/4F59186A1D6F11E29B5446B108B02CD2/BD58FCA85EC211EF9B6E7B3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.196.0/22
124.195.128.0/20
203.158.24.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:c7:f4:b1:ef:68:5b:c6:92:8b:82:76:a0:d1:2f:da:92:db:
41:62:7b:d0:61:30:5f:d5:be:a0:a6:e3:9b:68:16:96:37:9d:
b1:12:4d:10:60:51:7c:cd:ed:27:f9:24:c8:1c:75:92:f6:69:
54:26:75:b0:fb:36:d2:de:a4:eb:a7:f0:c9:26:03:7c:6f:09:
d1:db:50:9a:12:65:cd:aa:76:c9:0a:37:4a:88:8e:8d:25:68:
5d:c6:97:a5:ea:0c:d5:cd:3b:fb:3e:95:cb:79:fe:2c:eb:ad:
86:29:d6:6b:59:17:07:ce:f5:ff:70:4f:38:f7:32:39:c1:95:
8c:30:3e:6c:44:6a:d7:e8:81:14:58:fe:06:ff:ab:22:30:af:
6a:89:cb:4b:4a:8e:64:ff:4d:1b:a1:3d:0f:ec:b1:28:b5:4a:
b5:09:ec:b3:3e:6b:0c:bb:7d:8b:5e:bd:b6:88:ae:18:47:2f:
12:28:1f:b2:7e:c1:de:a9:5e:cd:19:03:34:f8:7e:87:7c:de:
84:df:c8:b5:31:d4:ca:44:d0:aa:dc:20:bd:4a:b4:21:f6:1a:
1b:b8:c0:25:75:88:2d:88:db:fe:11:84:84:0b:54:bc:70:08:
cc:27:16:41:f4:80:1c:f1:f1:5b:ec:47:9b:e9:bd:75:1f:87:
4c:cd:ef:60
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICNKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczOTQxMTAvBgNVBAUTKEFBRkFBRTNDNTcwM0IzOTMzN0ZEM0Q3QTk2NjZDNThD
QjhDM0I1MDkwHhcNMjQwODIwMDgyNzI1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM0NTM2ZC00MDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApZBSUhTLuqEkGy5vi/he+7WUPaIn7a4mcTB+A/tIWvmLKuwHh5uS/yUNEzlA
voEU97f6+AWfpbvtOPSdSca2tfasEJponKxEs1ovrnAYOd75st2KYM5eW6dufwhB
NMWebDIcdV30FMsM2cgdyOqPQFNMR4RUvGGpOprm7PAvELrrLvojZH8ZGs+pMGNM
6eFV4AvQ75OZMZEa9yDQW68ZaNoatXGbX7bMEa/nJqWfcMYxGnNLe96e/cOs1ERi
RBt51f2KSlKDg6FsOMxreitopxBcY7ukZ73nrTAYDlzFiSGLuUtXTjMcOhxcAjxv
905LX8lml6QPF7Kp2Vujia74CwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPXX7g9a
hRskegUVIbqsWoS/vpGNMB8GA1UdIwQYMBaAFKr6rjxXA7OTN/09epZmxYy4w7UJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM5NC80RjU5MTg2QTFE
NkYxMUUyOUI1NDQ2QjEwOEIwMkNEMi9xdnF1UEZjRHM1TTNfVDE2bG1iRmpMakR0
UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3F2cXVQRmNEczVNM19UMTZsbWJGakxqRHRRay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczOTQvNEY1OTE4NkExRDZGMTFFMjlCNTQ0NkIxMDhCMDJDRDIvQkQ1OEZDQTg1
RUMyMTFFRjlCNkU3QjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn4MQDBAR8w4ADBAPLnhgwDQYJKoZIhvcNAQELBQADggEB
ACvH9LHvaFvGkouCdqDRL9qS20Fie9BhMF/VvqCm45toFpY3nbESTRBgUXzN7Sf5
JMgcdZL2aVQmdbD7NtLepOun8MkmA3xvCdHbUJoSZc2qdskKN0qIjo0laF3Gl6Xq
DNXNO/s+lct5/izrrYYp1mtZFwfO9f9wTzj3MjnBlYwwPmxEatfogRRY/gb/qyIw
r2qJy0tKjmT/TRuhPQ/ssSi1SrUJ7LM+awy7fYtevbaIrhhHLxIoH7J+wd6pXs0Z
AzT4fod83oTfyLUx1MpE0KrcIL1KtCH2Ghu4wCV1iC2I2/4RhIQLVLxwCMwnFkH0
gBzx8VvsR5vpvXUfh0zN72A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:24:40 2025 by rpki-client