Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa
File: E1204FC4B08411EFAB2B3E23C4F9AE02.roa (raw, json)
Hash identifier: ykQKViNxk5zASsr8quw9f2EYyud/AjjPgSyVl/lSosc=
Subject key identifier: 6A:5D:0A:17:70:29:DC:34:86:56:D8:EB:AD:13:CE:A5:81:C9:1E:E8
Certificate issuer: /CN=A9143B09/serialNumber=5329700B4DDDAD9E3FCDC3273F4D18D3E3045DC0
Certificate serial: 0863
Authority key identifier: 53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa
Signing time: Mon 02 Dec 2024 08:10:23 +0000
ROA not before: Mon 02 Dec 2024 08:10:23 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 133957
IP address blocks: 45.118.68.0/24 maxlen: 24
45.118.69.0/24 maxlen: 24
45.118.71.0/24 maxlen: 24
103.49.200.0/24 maxlen: 24
103.49.202.0/24 maxlen: 24
103.49.203.0/24 maxlen: 24
2402:1c80::/32 maxlen: 33
2402:1c80::/34 maxlen: 34
2402:1c80:a000::/36 maxlen: 36
2402:1c80:b000::/36 maxlen: 36
2402:1c80:c000::/34 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2147 (0x863)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143B09, serialNumber=5329700B4DDDAD9E3FCDC3273F4D18D3E3045DC0
Validity
Not Before: Dec 2 08:10:23 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=674d6b6f-001a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:43:75:9f:9e:18:2c:73:91:1c:0c:d9:96:
df:22:c9:d4:ac:04:b4:4c:63:6f:1a:01:4e:62:8a:
ad:79:d9:6d:9e:d5:ab:af:ce:4d:29:36:dd:98:c5:
c1:61:33:e4:a4:3d:a8:d1:db:73:97:34:77:0f:08:
ef:68:89:81:fd:a6:08:d4:8a:04:8d:d9:81:7b:b4:
4b:cd:80:c6:c0:bc:0d:2e:1d:1f:67:0f:05:3d:2b:
6a:65:c8:74:52:1a:fe:23:02:3d:e6:8d:5c:80:54:
ab:87:3a:69:d0:cd:34:06:a2:5f:b1:ab:bc:be:e2:
e8:d1:f2:8e:2a:9d:b5:36:41:ce:09:11:16:a3:76:
15:06:a2:66:95:7a:7a:ae:af:55:29:e8:27:69:93:
15:07:28:f8:da:6c:67:53:f0:d4:4d:ec:39:34:a5:
47:e2:e2:92:14:de:66:c6:d5:31:42:9e:5f:f1:df:
f8:40:75:f7:06:89:99:a5:1f:eb:de:04:e1:7b:f4:
7e:b9:65:52:1e:1f:4f:f7:11:e5:7e:5b:6f:42:f2:
da:ab:f8:97:13:ec:80:65:9e:24:33:20:a9:59:03:
f6:5b:b5:aa:17:13:80:0e:d1:bf:77:6f:d4:b5:65:
4c:c2:03:e9:b0:86:ab:ab:66:3f:0f:2d:e3:c5:3e:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5D:0A:17:70:29:DC:34:86:56:D8:EB:AD:13:CE:A5:81:C9:1E:E8
X509v3 Authority Key Identifier:
keyid:53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.68.0/23
45.118.71.0/24
103.49.200.0/24
103.49.202.0/23
IPv6:
2402:1c80::/32
Signature Algorithm: sha256WithRSAEncryption
94:0d:9a:17:8b:95:6f:e0:3e:58:93:e7:a5:72:1c:26:17:3e:
47:71:97:9d:1d:69:18:fb:77:5b:f7:6a:e7:da:e4:7b:bf:d5:
be:79:fe:87:a8:72:b8:0a:8a:bf:3b:cb:9a:aa:dc:22:60:e5:
dd:06:b3:a3:55:59:e4:44:22:c5:22:2f:12:ec:aa:72:1e:e3:
1e:b1:4b:ad:84:fe:b2:65:64:80:8b:e4:c8:2b:6d:ed:2b:17:
fa:c3:1c:ea:e7:77:97:15:5c:02:54:98:37:4f:9c:21:2c:65:
97:37:f6:6d:38:1a:30:d3:81:e2:67:30:19:b4:5c:dd:9e:b5:
45:af:88:8b:ed:66:1d:d2:cf:a7:48:e1:b4:78:52:24:10:be:
27:d4:a1:06:c1:07:a1:f0:c5:57:89:3c:c4:8b:94:72:ad:28:
82:f9:ef:f0:55:50:9d:93:b7:73:5c:af:e8:4e:5d:50:5c:80:
40:c2:c5:62:d2:dc:61:4f:7d:94:c2:5c:ae:29:93:85:bd:bf:
b6:0f:79:98:b4:01:6f:cb:0d:33:30:3c:63:60:ca:2e:e8:41:
60:07:94:cb:cf:16:e2:14:42:e4:53:39:21:05:46:06:80:e4:
3c:d0:9a:69:e6:b3:ea:8e:df:31:37:b7:ef:61:02:91:5d:a7:
31:b0:5f:dd
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNCMDkxMTAvBgNVBAUTKDUzMjk3MDBCNEREREFEOUUzRkNEQzMyNzNGNEQxOEQz
RTMwNDVEQzAwHhcNMjQxMjAyMDgxMDIzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkNmI2Zi0wMDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsJBDdZ+eGCxzkRwM2ZbfIsnUrAS0TGNvGgFOYoqtedltntWrr85NKTbdmMXB
YTPkpD2o0dtzlzR3DwjvaImB/aYI1IoEjdmBe7RLzYDGwLwNLh0fZw8FPStqZch0
Uhr+IwI95o1cgFSrhzpp0M00BqJfsau8vuLo0fKOKp21NkHOCREWo3YVBqJmlXp6
rq9VKegnaZMVByj42mxnU/DUTew5NKVH4uKSFN5mxtUxQp5f8d/4QHX3BomZpR/r
3gThe/R+uWVSHh9P9xHlfltvQvLaq/iXE+yAZZ4kMyCpWQP2W7WqFxOADtG/d2/U
tWVMwgPpsIarq2Y/Dy3jxT4QGwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFGpdChdw
Kdw0hlbY660TzqWByR7oMB8GA1UdIwQYMBaAFFMpcAtN3a2eP83DJz9NGNPjBF3A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwOS8zQjM2N0JDRTMz
QjcxMUU5QUQwRjU4N0FDNEY5QUUwMi9VeWx3QzAzZHJaNF96Y01uUDAwWTAtTUVY
Y0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V5bHdDMDNkclo0X3pjTW5QMDBZMC1NRVhjQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNCMDkvM0IzNjdCQ0UzM0I3MTFFOUFEMEY1ODdBQzRGOUFFMDIvRTEyMDRGQzRC
MDg0MTFFRkFCMkIzRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAEtdkQDBAAtdkcDBABnMcgDBAFnMcowDQQCAAIwBwMFACQC
HIAwDQYJKoZIhvcNAQELBQADggEBAJQNmheLlW/gPliT56VyHCYXPkdxl50daRj7
d1v3aufa5Hu/1b55/oeocrgKir87y5qq3CJg5d0Gs6NVWeREIsUiLxLsqnIe4x6x
S62E/rJlZICL5Mgrbe0rF/rDHOrnd5cVXAJUmDdPnCEsZZc39m04GjDTgeJnMBm0
XN2etUWviIvtZh3Sz6dI4bR4UiQQvifUoQbBB6HwxVeJPMSLlHKtKIL57/BVUJ2T
t3Ncr+hOXVBcgEDCxWLS3GFPfZTCXK4pk4W9v7YPeZi0AW/LDTMwPGNgyi7oQWAH
lMvPFuIUQuRTOSEFRgaA5DzQmmnms+qO3zE3t+9hApFdpzGwX90=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:39:57 2025 by rpki-client