Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/C67457E468F211EFB7A6A06EC4F9AE02.roa
File: C67457E468F211EFB7A6A06EC4F9AE02.roa (raw, json)
Hash identifier: hVVeGPtS8d46adSVCrpj8ck2g+Kvke6Iu5YEufUE0+8=
Subject key identifier: 12:09:A8:EA:EC:D3:14:0F:A5:12:72:0D:22:56:6E:FA:01:A4:64:7E
Certificate issuer: /CN=A911ED2C/serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12
Certificate serial: AB
Authority key identifier: 9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/C67457E468F211EFB7A6A06EC4F9AE02.roa
Signing time: Mon 02 Sep 2024 06:16:19 +0000
ROA not before: Mon 02 Sep 2024 06:16:19 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 3258
IP address blocks: 36.50.84.0/23 maxlen: 23
103.47.186.0/24 maxlen: 24
103.91.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ED2C, serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12
Validity
Not Before: Sep 2 06:16:19 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66d55833-2036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:da:ec:98:fc:9c:ac:ac:25:52:4b:e2:fd:
15:16:80:bd:31:31:ff:9f:71:9e:ce:cf:6c:fa:33:
07:9c:df:d5:3b:ae:4d:a2:9f:d5:3c:1d:5a:01:dc:
a9:4a:31:be:52:16:a9:4c:49:0c:25:d7:c6:b9:49:
1d:9e:47:c8:6c:15:a7:17:6c:2d:cb:00:55:0f:17:
c7:3e:2e:db:c6:eb:19:05:a8:bd:90:66:17:00:a9:
bf:88:70:ef:38:23:45:1d:6f:b2:0e:fe:46:38:62:
b5:b2:72:ca:e4:0c:4a:35:24:5f:4b:3d:8e:a3:2e:
cb:19:be:4e:7f:57:ae:bd:1c:92:5b:4d:4b:3e:60:
94:d7:87:c6:94:ee:d6:4e:53:bf:67:0c:18:eb:dd:
d7:c8:3c:59:ad:c4:3b:e5:44:6a:32:99:b2:07:ca:
a7:2f:02:4c:78:1d:41:ef:21:89:94:ec:20:b0:66:
f6:1c:91:63:b8:55:2f:57:f3:b8:cc:de:5b:98:7d:
03:25:89:80:93:c9:91:ff:5d:d6:34:06:71:92:71:
00:b7:72:4b:e2:66:18:29:d2:4b:16:3e:0f:79:26:
36:1d:38:ef:51:7c:59:6a:63:fa:9c:0f:68:2d:27:
11:c5:ae:2f:7e:b9:38:2a:2d:46:2c:74:de:40:84:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:09:A8:EA:EC:D3:14:0F:A5:12:72:0D:22:56:6E:FA:01:A4:64:7E
X509v3 Authority Key Identifier:
keyid:9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/C67457E468F211EFB7A6A06EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.84.0/23
103.47.186.0/24
103.91.144.0/24
Signature Algorithm: sha256WithRSAEncryption
65:0f:6d:30:7d:b2:6a:f2:55:c4:92:e1:2a:de:71:29:d9:ee:
7c:78:8d:fd:44:b1:a1:13:a7:91:78:aa:7f:c7:c1:08:bd:f7:
ad:5a:bd:13:29:bb:5f:49:ac:e5:e1:c3:5f:6b:88:29:9a:d1:
a1:4f:c3:36:88:26:3b:3c:e4:e6:53:e6:9a:35:2f:2d:56:fb:
f3:c7:85:3a:03:b1:4b:5e:66:0e:ee:92:b9:e5:3d:15:f0:7d:
0d:45:2c:2d:3a:4a:56:6f:7a:e5:13:ad:4c:58:57:f6:19:d0:
f4:7c:a2:91:de:7f:12:cd:dd:66:54:96:c5:17:b9:3e:d1:8c:
1e:b4:ca:ff:26:ae:ba:22:54:5f:45:c4:3c:6e:d0:f7:93:6b:
d9:85:79:27:fd:0b:15:cd:3c:ff:9a:7b:40:ac:93:1b:0d:8b:
98:ba:b0:d0:05:8c:0e:64:d2:8d:d7:b7:02:fb:20:91:ef:17:
7d:61:69:9b:df:3f:55:2b:40:51:2e:40:6c:27:c5:87:e9:16:
98:60:e9:c3:d8:32:67:83:b5:7a:ba:c1:2d:ac:f7:ef:8a:ce:
3f:00:ca:90:f3:fb:fd:3c:3d:6e:27:85:15:aa:68:6c:18:ae:
cb:4a:54:53:04:91:ed:73:de:6a:05:d0:c3:21:cb:10:ea:a5:
b8:ab:2b:b0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVEMkMxMTAvBgNVBAUTKDlEMzQxNDI4M0IyMjdCOEY1MTJGMzA1RjJBQ0RCNDND
REU5RTREMTIwHhcNMjQwOTAyMDYxNjE5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1NTgzMy0yMDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp1Ha7Jj8nKysJVJL4v0VFoC9MTH/n3Gezs9s+jMHnN/VO65Nop/VPB1aAdyp
SjG+UhapTEkMJdfGuUkdnkfIbBWnF2wtywBVDxfHPi7bxusZBai9kGYXAKm/iHDv
OCNFHW+yDv5GOGK1snLK5AxKNSRfSz2Ooy7LGb5Of1euvRySW01LPmCU14fGlO7W
TlO/ZwwY693XyDxZrcQ75URqMpmyB8qnLwJMeB1B7yGJlOwgsGb2HJFjuFUvV/O4
zN5bmH0DJYmAk8mR/13WNAZxknEAt3JL4mYYKdJLFj4PeSY2HTjvUXxZamP6nA9o
LScRxa4vfrk4Ki1GLHTeQIScfQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBIJqOrs
0xQPpRJyDSJWbvoBpGR+MB8GA1UdIwQYMBaAFJ00FCg7InuPUS8wXyrNtDzenk0S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUQyQy8wMDM3M0M2QzlC
QkMxMUVFODUxQURENTBDNEY5QUUwMi9uVFFVS0RzaWU0OVJMekJmS3MyMFBONmVU
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25UUVVLRHNpZTQ5Ukx6QmZLczIwUE42ZVRSSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVEMkMvMDAzNzNDNkM5QkJDMTFFRTg1MUFERDUwQzRGOUFFMDIvQzY3NDU3RTQ2
OEYyMTFFRkI3QTZBMDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEkMlQDBABnL7oDBABnW5AwDQYJKoZIhvcNAQELBQADggEB
AGUPbTB9smryVcSS4SrecSnZ7nx4jf1EsaETp5F4qn/HwQi9961avRMpu19JrOXh
w19riCma0aFPwzaIJjs85OZT5po1Ly1W+/PHhToDsUteZg7ukrnlPRXwfQ1FLC06
SlZveuUTrUxYV/YZ0PR8opHefxLN3WZUlsUXuT7RjB60yv8mrroiVF9FxDxu0PeT
a9mFeSf9CxXNPP+ae0CskxsNi5i6sNAFjA5k0o3XtwL7IJHvF31haZvfP1UrQFEu
QGwnxYfpFphg6cPYMmeDtXq6wS2s9++Kzj8AypDz+/08PW4nhRWqaGwYrstKVFME
ke1z3moF0MMhyxDqpbirK7A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:30:01 2025 by rpki-client