Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/40FAC654C77B11ECB1362373C4F9AE02.roa
File: 40FAC654C77B11ECB1362373C4F9AE02.roa (raw, json)
Hash identifier: feukT0NR425drokvcFA8C6wG19LfMl2LX0RcF72U5Cw=
Subject key identifier: BF:F3:80:A1:AB:EF:EB:68:B3:FE:06:9A:97:2F:16:30:A7:A9:3C:BC
Certificate issuer: /CN=A9137AD6/serialNumber=2578CBCAFCA26B172057E37AB77A61C81032222D
Certificate serial: 03
Authority key identifier: 25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/40FAC654C77B11ECB1362373C4F9AE02.roa
Signing time: Fri 29 Apr 2022 05:14:33 +0000
ROA not before: Fri 29 Apr 2022 05:14:33 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 132309
IP address blocks: 103.9.240.0/22 maxlen: 22
103.9.240.0/24 maxlen: 24
103.9.241.0/24 maxlen: 24
103.9.242.0/24 maxlen: 24
103.9.243.0/24 maxlen: 24
123.253.40.0/24 maxlen: 24
123.253.41.0/24 maxlen: 24
123.253.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137AD6, serialNumber=2578CBCAFCA26B172057E37AB77A61C81032222D
Validity
Not Before: Apr 29 05:14:33 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=626b7439-a6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:e2:7b:ed:c2:09:bb:4a:15:15:25:fb:0d:
44:f8:da:d5:7d:c1:65:97:43:6d:ba:e6:c7:f2:44:
a4:fd:9d:69:9c:80:ed:d9:f5:b0:56:68:8d:e4:f6:
bc:3e:ef:e1:fa:a1:a4:cc:21:9d:9c:86:f0:6e:8d:
33:5c:10:c0:cf:d3:0e:3e:8a:6c:6c:f6:36:d4:bf:
18:f9:dd:29:9b:b4:25:57:d5:ef:17:9f:31:bd:ba:
4b:43:a7:97:db:31:32:cf:36:f8:7b:c1:7c:4c:35:
a3:4f:46:b3:56:9f:dc:60:4a:2c:7b:81:03:cb:b9:
1a:90:92:7a:c5:97:40:71:c6:6c:86:12:3f:31:2a:
f1:a9:cc:32:3e:f2:59:bc:e9:cc:33:07:29:88:26:
6e:ad:ca:e7:af:d0:c4:67:c7:8b:9f:47:a7:08:dc:
b5:d6:f9:8a:4b:0b:2e:12:3d:d3:4f:23:6e:19:ab:
68:f4:73:a6:56:3b:ec:05:38:71:39:45:a2:df:c7:
98:0f:9e:e5:3d:a6:10:36:ff:43:9b:62:f8:d6:41:
40:6e:bc:ff:c2:f5:cc:bf:51:51:2d:d5:e8:49:c0:
83:b6:ee:2f:d5:cd:12:57:59:7f:89:b5:75:b7:86:
c6:4b:69:3c:02:84:ce:fd:64:d9:70:59:01:dd:51:
7d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F3:80:A1:AB:EF:EB:68:B3:FE:06:9A:97:2F:16:30:A7:A9:3C:BC
X509v3 Authority Key Identifier:
keyid:25:78:CB:CA:FC:A2:6B:17:20:57:E3:7A:B7:7A:61:C8:10:32:22:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/JXjLyvyiaxcgV-N6t3phyBAyIi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXjLyvyiaxcgV-N6t3phyBAyIi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137AD6/A2CE6BD8C77611ECB73AD566C4F9AE02/40FAC654C77B11ECB1362373C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.240.0/22
123.253.40.0/23
123.253.43.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:a4:a8:b7:53:b0:79:ab:0d:62:d3:8a:7f:71:3c:af:6f:7d:
31:dc:11:6e:d0:4e:c7:3b:8d:a6:02:6b:8d:4d:85:c4:26:f1:
f6:3d:e7:fd:d6:4e:ab:cb:b4:f9:ba:a8:6e:3b:a9:8a:38:6e:
ec:79:db:dd:a3:74:2b:f7:64:09:b5:75:bf:71:b9:1c:c8:98:
c0:48:b3:4b:f0:7a:c9:06:33:cd:44:5d:75:79:ce:b9:39:6d:
a7:97:03:9b:13:0d:39:ea:5e:4d:7e:c4:24:9d:5a:44:a7:19:
f6:6e:02:4f:70:df:b9:2f:47:a2:8e:e8:4e:8a:5f:a0:f8:b2:
f6:37:8f:2a:aa:6a:45:37:5d:4e:5f:db:f0:4c:20:40:1e:2b:
8d:5b:5f:c8:6b:a6:c2:59:49:cf:c2:29:54:e2:62:14:e2:bf:
8f:fb:bc:30:18:85:dd:c9:9d:49:b5:90:55:a9:b6:79:fd:f7:
5c:fa:71:b7:56:bb:42:0f:2c:2f:80:29:9d:3d:8b:0b:a6:ed:
dd:86:91:d8:1a:fd:54:d5:11:1d:9d:ba:3c:a1:c8:2c:8d:29:
4d:4d:d0:28:92:a5:19:e3:0e:12:29:51:53:49:e6:b9:11:33:
1c:31:1f:8d:06:19:6d:65:2f:98:14:24:c6:97:94:c8:8c:26:
53:51:11:ed
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
N0FENjExMC8GA1UEBRMoMjU3OENCQ0FGQ0EyNkIxNzIwNTdFMzdBQjc3QTYxQzgx
MDMyMjIyRDAeFw0yMjA0MjkwNTE0MzNaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNmI3NDM5LWE2YTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFjuJ77cIJu0oVFSX7DUT42tV9wWWXQ2265sfyRKT9nWmcgO3Z9bBWaI3k9rw+
7+H6oaTMIZ2chvBujTNcEMDP0w4+imxs9jbUvxj53SmbtCVX1e8XnzG9uktDp5fb
MTLPNvh7wXxMNaNPRrNWn9xgSix7gQPLuRqQknrFl0BxxmyGEj8xKvGpzDI+8lm8
6cwzBymIJm6tyuev0MRnx4ufR6cI3LXW+YpLCy4SPdNPI24Zq2j0c6ZWO+wFOHE5
RaLfx5gPnuU9phA2/0ObYvjWQUBuvP/C9cy/UVEt1ehJwIO27i/VzRJXWX+JtXW3
hsZLaTwChM79ZNlwWQHdUX2hAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUv/OAoavv
62iz/gaaly8WMKepPLwwHwYDVR0jBBgwFoAUJXjLyvyiaxcgV+N6t3phyBAyIi0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM3QUQ2L0EyQ0U2QkQ4Qzc3
NjExRUNCNzNBRDU2NkM0RjlBRTAyL0pYakx5dnlpYXhjZ1YtTjZ0M3BoeUJBeUlp
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSlhqTHl2eWlheGNnVi1ONnQzcGh5QkF5SWkwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
N0FENi9BMkNFNkJEOEM3NzYxMUVDQjczQUQ1NjZDNEY5QUUwMi80MEZBQzY1NEM3
N0IxMUVDQjEzNjIzNzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAmcJ8AMEAXv9KAMEAHv9KzANBgkqhkiG9w0BAQsFAAOCAQEA
P6Sot1OweasNYtOKf3E8r299MdwRbtBOxzuNpgJrjU2FxCbx9j3n/dZOq8u0+bqo
bjupijhu7Hnb3aN0K/dkCbV1v3G5HMiYwEizS/B6yQYzzURddXnOuTltp5cDmxMN
OepeTX7EJJ1aRKcZ9m4CT3DfuS9Hoo7oTopfoPiy9jePKqpqRTddTl/b8EwgQB4r
jVtfyGumwllJz8IpVOJiFOK/j/u8MBiF3cmdSbWQVam2ef33XPpxt1a7Qg8sL4Ap
nT2LC6bt3YaR2Br9VNURHZ26PKHILI0pTU3QKJKlGeMOEilRU0nmuREzHDEfjQYZ
bWUvmBQkxpeUyIwmU1ER7Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:00:22 2025 by rpki-client