Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/DE2E958A3FA211EFA621A822C4F9AE02.roa
File: DE2E958A3FA211EFA621A822C4F9AE02.roa (raw, json)
Hash identifier: r2cLdJSuCijGlQtRG40YgdooKmp6ENZmKkMdYQcyg5Y=
Subject key identifier: 4D:A8:1B:8B:AA:73:54:F3:63:9F:D7:B4:3C:2F:8B:53:83:89:47:66
Certificate issuer: /CN=A911ACAC/serialNumber=91E679721ED1E0927EBB7E461C80580D2393592A
Certificate serial: 0409
Authority key identifier: 91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/DE2E958A3FA211EFA621A822C4F9AE02.roa
Signing time: Thu 11 Jul 2024 16:30:23 +0000
ROA not before: Thu 11 Jul 2024 16:30:23 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 147307
IP address blocks: 103.174.188.0/23 maxlen: 23
103.174.188.0/24 maxlen: 24
2001:df7:d180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1033 (0x409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ACAC, serialNumber=91E679721ED1E0927EBB7E461C80580D2393592A
Validity
Not Before: Jul 11 16:30:23 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=6690089e-92b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0f:f3:b5:71:cb:d3:5f:be:db:93:0f:65:53:
64:02:76:07:31:60:d6:4e:86:c9:75:29:f7:64:37:
99:97:37:10:39:8f:25:d6:d2:9f:bd:51:f0:db:ec:
88:70:0c:09:17:21:f7:7c:bd:b0:16:93:22:78:73:
0c:5a:08:d6:61:eb:d3:16:c3:9a:26:ee:6f:cf:b8:
92:93:a6:36:5d:3f:42:74:4d:65:50:88:fc:d6:f4:
11:f8:4e:ec:ae:72:6a:ae:0f:ee:e1:96:a4:72:fe:
6a:22:fe:71:bf:47:c6:d1:09:45:ec:0a:77:3a:e3:
34:06:16:f3:09:1e:d3:15:b8:79:6a:07:e4:20:1d:
2b:70:a6:ee:c0:98:87:13:49:6e:e8:5f:5a:bf:d6:
36:5f:83:6b:f1:d4:91:69:42:b6:52:54:19:04:c3:
13:89:3d:8f:33:35:4e:ff:7d:8b:2c:1c:f2:f0:24:
26:a5:49:9b:31:43:15:3e:ac:68:6e:03:16:8d:5c:
9d:a7:e1:01:8f:cc:07:e3:e4:32:79:27:f1:1d:fc:
85:51:e3:d2:6d:d4:de:af:da:c2:ac:9c:ee:e2:fc:
4d:07:50:f5:63:1f:88:88:18:9c:00:37:9b:bc:bb:
b3:1f:18:7b:6d:df:dd:65:41:c5:f4:09:79:57:fd:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A8:1B:8B:AA:73:54:F3:63:9F:D7:B4:3C:2F:8B:53:83:89:47:66
X509v3 Authority Key Identifier:
keyid:91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/DE2E958A3FA211EFA621A822C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.188.0/23
IPv6:
2001:df7:d180::/48
Signature Algorithm: sha256WithRSAEncryption
2b:09:63:68:a8:d0:45:58:9a:6a:91:e1:4d:7c:0d:a1:69:2d:
48:e2:22:ad:76:09:4a:45:e7:2a:41:a6:82:a4:d6:66:d0:55:
13:cc:3f:75:68:c7:63:ae:bb:e7:72:9f:f1:ce:b5:03:ec:d9:
d3:e4:e2:4c:63:c5:fb:c1:7d:b1:17:af:2b:12:26:ed:4f:1c:
2c:be:d2:d6:0f:58:d2:8f:26:7b:4a:59:fb:06:e1:e2:a7:35:
c8:eb:df:a4:df:c5:1d:82:cc:89:94:6c:0f:f8:4d:97:89:a4:
39:c6:0f:97:2e:68:cd:e0:cd:73:f4:e6:2c:f8:a3:b8:05:23:
a1:e2:b0:bd:bf:b1:c3:d1:77:52:91:91:88:ae:0f:2a:34:bb:
71:c2:1a:c7:53:1b:fa:ef:0b:b6:c4:e9:9e:a9:81:a3:0e:3d:
ff:81:c0:7b:b8:67:2a:ee:22:07:32:bd:7a:89:ce:8f:7b:07:
45:32:6e:5b:87:4f:e9:b3:4e:fb:6f:95:4e:b2:7d:d4:9b:d3:
c0:99:6d:b5:0e:40:e9:53:ce:aa:ca:66:bc:c5:3d:2a:47:ca:
62:9e:f7:bb:ce:3c:b3:20:d3:8a:7b:84:83:56:30:9a:36:ee:
dd:59:8a:ff:8c:2d:24:ee:c9:89:7a:8b:3d:b7:ef:6b:70:63:
c9:30:a0:e4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFDQUMxMTAvBgNVBAUTKDkxRTY3OTcyMUVEMUUwOTI3RUJCN0U0NjFDODA1ODBE
MjM5MzU5MkEwHhcNMjQwNzExMTYzMDIzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkwMDg5ZS05MmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3g/ztXHL01++25MPZVNkAnYHMWDWTobJdSn3ZDeZlzcQOY8l1tKfvVHw2+yI
cAwJFyH3fL2wFpMieHMMWgjWYevTFsOaJu5vz7iSk6Y2XT9CdE1lUIj81vQR+E7s
rnJqrg/u4Zakcv5qIv5xv0fG0QlF7Ap3OuM0BhbzCR7TFbh5agfkIB0rcKbuwJiH
E0lu6F9av9Y2X4Nr8dSRaUK2UlQZBMMTiT2PMzVO/32LLBzy8CQmpUmbMUMVPqxo
bgMWjVydp+EBj8wH4+QyeSfxHfyFUePSbdTer9rCrJzu4vxNB1D1Yx+IiBicADeb
vLuzHxh7bd/dZUHF9Al5V/3DIQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFE2oG4uq
c1TzY5/XtDwvi1ODiUdmMB8GA1UdIwQYMBaAFJHmeXIe0eCSfrt+RhyAWA0jk1kq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUNBQy9CM0JEQTU2NDMx
RDMxMUVDOEQzQkJGMzBDNEY5QUUwMi9rZVo1Y2g3UjRKSi11MzVHSElCWURTT1RX
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tlWjVjaDdSNEpKLXUzNUdISUJZRFNPVFdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFDQUMvQjNCREE1NjQzMUQzMTFFQzhEM0JCRjMwQzRGOUFFMDIvREUyRTk1OEEz
RkEyMTFFRkE2MjFBODIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnrrwwDwQCAAIwCQMHACABDffRgDANBgkqhkiG9w0BAQsF
AAOCAQEAKwljaKjQRViaapHhTXwNoWktSOIirXYJSkXnKkGmgqTWZtBVE8w/dWjH
Y66753Kf8c61A+zZ0+TiTGPF+8F9sRevKxIm7U8cLL7S1g9Y0o8me0pZ+wbh4qc1
yOvfpN/FHYLMiZRsD/hNl4mkOcYPly5ozeDNc/TmLPijuAUjoeKwvb+xw9F3UpGR
iK4PKjS7ccIax1Mb+u8LtsTpnqmBow49/4HAe7hnKu4iBzK9eonOj3sHRTJuW4dP
6bNO+2+VTrJ91JvTwJlttQ5A6VPOqspmvMU9KkfKYp73u848syDTinuEg1Ywmjbu
3VmK/4wtJO7JiXqLPbfva3BjyTCg5A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:11:51 2025 by rpki-client