Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912D9BE/B09C3CE2117B11EC80E42143C4F9AE02/8E806136117D11ECB7B68E43C4F9AE02.roa
File: 8E806136117D11ECB7B68E43C4F9AE02.roa (raw, json)
Hash identifier: 34lq4xBdBZRkq3ZuijCrtVUUAmjz9QzcPaXtKs8bcm0=
Subject key identifier: 22:B1:45:83:C7:01:2B:DB:13:88:90:96:A3:9F:6D:F3:DD:C1:F8:05
Certificate issuer: /CN=A912D9BE/serialNumber=8A80EA85622AA07021BDF4AC8418B0D9A539ACE1
Certificate serial: 0470
Authority key identifier: 8A:80:EA:85:62:2A:A0:70:21:BD:F4:AC:84:18:B0:D9:A5:39:AC:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ioDqhWIqoHAhvfSshBiw2aU5rOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912D9BE/B09C3CE2117B11EC80E42143C4F9AE02/8E806136117D11ECB7B68E43C4F9AE02.roa
Signing time: Sat 31 Aug 2024 02:04:27 +0000
ROA not before: Sat 31 Aug 2024 02:04:26 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 55707
IP address blocks: 103.168.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1136 (0x470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912D9BE, serialNumber=8A80EA85622AA07021BDF4AC8418B0D9A539ACE1
Validity
Not Before: Aug 31 02:04:26 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66d27a2a-92c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:25:d3:74:71:3b:52:42:2d:ea:27:60:16:3a:
58:9a:75:5b:ce:d4:11:c5:da:fd:17:30:83:74:75:
a7:40:c2:6a:14:d1:09:54:57:c7:c4:af:24:6f:23:
74:c2:0c:01:59:39:7e:62:21:0a:29:88:e1:12:73:
84:ac:eb:c6:74:23:7b:9c:00:ae:7e:ca:c5:99:eb:
b0:f5:fd:6b:a2:1e:34:aa:15:6f:87:c7:b3:8a:f5:
e9:a3:55:35:ad:f8:80:49:e7:0f:ad:84:44:3b:66:
f1:7f:c9:91:89:2c:d2:c6:02:6e:ed:14:97:2c:d7:
11:84:e6:6f:36:e2:2a:84:1d:0b:a1:31:2d:3d:87:
85:92:4e:2a:4b:f2:22:ba:48:4d:92:0a:08:91:4a:
ea:47:61:2c:08:00:3d:52:18:7e:52:94:a3:45:ba:
ea:5e:67:75:28:16:ef:9c:98:59:a4:13:3c:84:28:
84:47:f9:71:68:49:c7:a5:59:b3:89:79:6a:0e:f7:
6d:bb:4c:9d:ba:13:cc:3c:e3:7b:44:b3:87:cb:ed:
73:cb:20:c8:b1:da:94:b4:ed:ab:a6:30:33:e4:47:
0a:b3:91:ee:e4:99:3b:24:c0:e4:a2:b9:50:77:84:
f0:04:fc:d4:27:26:8a:d9:87:12:81:0d:9d:4c:03:
e0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B1:45:83:C7:01:2B:DB:13:88:90:96:A3:9F:6D:F3:DD:C1:F8:05
X509v3 Authority Key Identifier:
keyid:8A:80:EA:85:62:2A:A0:70:21:BD:F4:AC:84:18:B0:D9:A5:39:AC:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912D9BE/B09C3CE2117B11EC80E42143C4F9AE02/ioDqhWIqoHAhvfSshBiw2aU5rOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ioDqhWIqoHAhvfSshBiw2aU5rOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D9BE/B09C3CE2117B11EC80E42143C4F9AE02/8E806136117D11ECB7B68E43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.104.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:92:04:30:07:a4:ff:f6:00:78:77:12:14:99:30:b7:ba:08:
e7:74:4d:66:bc:cf:9f:46:76:40:8f:36:b2:8b:4b:31:79:71:
37:d6:ad:ec:ab:e3:0d:c9:34:2e:e2:11:aa:fd:82:ce:12:c9:
d6:36:21:70:82:aa:b4:8b:d9:a2:02:2a:95:17:d5:20:e1:99:
34:2e:46:93:57:54:6b:74:74:9c:24:b6:84:e1:1e:39:8b:37:
d4:b2:80:07:f3:5b:4c:98:56:28:1a:0b:97:81:dc:8c:65:33:
7e:0e:14:1d:84:72:ae:2a:88:d7:93:ea:86:e9:49:28:14:6c:
ad:46:48:96:39:ce:82:63:1e:da:0a:a9:bd:57:92:e1:01:ce:
87:95:46:81:52:a4:27:65:23:16:f7:03:72:6f:70:18:05:c4:
f6:26:88:5f:a6:b4:c0:d8:a7:ee:94:e8:58:c9:8c:53:49:63:
b2:e4:0f:ac:92:54:cc:9d:a5:b2:08:7b:b7:62:32:72:09:a4:
c1:21:e0:2f:67:b3:2a:a9:5d:1b:64:23:86:32:2e:ae:08:c6:
e0:3d:65:4a:02:09:d6:00:09:34:e5:bf:56:59:cf:2a:64:34:
5a:20:78:26:1d:f0:47:32:3b:2e:00:ab:d8:32:68:74:45:c1:
b7:ee:c7:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQ5QkUxMTAvBgNVBAUTKDhBODBFQTg1NjIyQUEwNzAyMUJERjRBQzg0MThCMEQ5
QTUzOUFDRTEwHhcNMjQwODMxMDIwNDI2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyN2EyYS05MmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2iXTdHE7UkIt6idgFjpYmnVbztQRxdr9FzCDdHWnQMJqFNEJVFfHxK8kbyN0
wgwBWTl+YiEKKYjhEnOErOvGdCN7nACufsrFmeuw9f1roh40qhVvh8ezivXpo1U1
rfiASecPrYREO2bxf8mRiSzSxgJu7RSXLNcRhOZvNuIqhB0LoTEtPYeFkk4qS/Ii
ukhNkgoIkUrqR2EsCAA9Uhh+UpSjRbrqXmd1KBbvnJhZpBM8hCiER/lxaEnHpVmz
iXlqDvdtu0yduhPMPON7RLOHy+1zyyDIsdqUtO2rpjAz5EcKs5Hu5Jk7JMDkorlQ
d4TwBPzUJyaK2YcSgQ2dTAPg1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFCKxRYPH
ASvbE4iQlqOfbfPdwfgFMB8GA1UdIwQYMBaAFIqA6oViKqBwIb30rIQYsNmlOazh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDlCRS9CMDlDM0NFMjEx
N0IxMUVDODBFNDIxNDNDNEY5QUUwMi9pb0RxaFdJcW9IQWh2ZlNzaEJpdzJhVTVy
T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lvRHFoV0lxb0hBaHZmU3NoQml3MmFVNXJPRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQ5QkUvQjA5QzNDRTIxMTdCMTFFQzgwRTQyMTQzQzRGOUFFMDIvOEU4MDYxMzYx
MTdEMTFFQ0I3QjY4RTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnqGgwDQYJKoZIhvcNAQELBQADggEBALOSBDAHpP/2AHh3
EhSZMLe6COd0TWa8z59GdkCPNrKLSzF5cTfWreyr4w3JNC7iEar9gs4SydY2IXCC
qrSL2aICKpUX1SDhmTQuRpNXVGt0dJwktoThHjmLN9SygAfzW0yYVigaC5eB3Ixl
M34OFB2Ecq4qiNeT6obpSSgUbK1GSJY5zoJjHtoKqb1XkuEBzoeVRoFSpCdlIxb3
A3JvcBgFxPYmiF+mtMDYp+6U6FjJjFNJY7LkD6ySVMydpbIIe7diMnIJpMEh4C9n
syqpXRtkI4YyLq4IxuA9ZUoCCdYACTTlv1ZZzypkNFogeCYd8EcyOy4Aq9gyaHRF
wbfux58=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:15:31 2025 by rpki-client