Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A49B/B94F6936015111EF9857C01EC4F9AE02/38FF043205D211EF94FC904CC4F9AE02.roa
File: 38FF043205D211EF94FC904CC4F9AE02.roa (raw, json)
Hash identifier: pvs6hdXHm0qwxdxyBjXBLFBCGwU3PAqZh4ptUI6drKw=
Subject key identifier: D2:5D:87:11:61:21:94:83:25:B8:D1:9A:E5:5D:14:CA:07:3A:B7:2B
Certificate issuer: /CN=A914A49B/serialNumber=D5037AF969C8ACEA01B570FC64ADD4828AC06414
Certificate serial: 06
Authority key identifier: D5:03:7A:F9:69:C8:AC:EA:01:B5:70:FC:64:AD:D4:82:8A:C0:64:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1QN6-WnIrOoBtXD8ZK3UgorAZBQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A49B/B94F6936015111EF9857C01EC4F9AE02/38FF043205D211EF94FC904CC4F9AE02.roa
Signing time: Mon 29 Apr 2024 02:43:13 +0000
ROA not before: Mon 29 Apr 2024 02:43:13 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 152477
IP address blocks: 103.213.10.0/24 maxlen: 24
103.213.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A49B, serialNumber=D5037AF969C8ACEA01B570FC64ADD4828AC06414
Validity
Not Before: Apr 29 02:43:13 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=662f0941-5303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b0:4d:4e:b3:4c:5a:a3:2c:6f:71:e5:25:b8:
e2:21:59:df:af:37:08:56:a6:13:bd:66:5e:84:a6:
2c:b1:f4:cf:18:d5:e0:39:ba:96:bf:54:37:e7:5d:
4b:7b:ed:18:3b:0d:88:41:f2:1e:cc:dd:af:13:79:
c4:84:46:10:71:36:46:f0:a3:91:5a:f8:79:36:a2:
89:45:e7:84:b0:8e:5e:29:b6:30:6e:75:dc:c7:14:
1f:66:2d:46:b2:90:21:a3:46:38:0c:c2:b7:f9:7c:
68:67:09:7e:3a:04:7d:47:df:82:0e:cd:14:23:dc:
26:a9:fd:b8:42:4c:70:aa:7a:45:b8:10:84:b1:d3:
b9:0a:2d:32:b3:11:3c:d0:50:77:0e:11:74:10:93:
af:c7:83:f2:21:2f:6c:3e:fc:67:95:d6:ee:0e:b2:
a4:d8:47:3b:f7:fc:87:2e:a7:a8:23:80:49:7d:e5:
51:f5:b7:f4:16:82:dc:80:0e:2c:97:2c:94:5a:64:
f9:47:f2:65:4b:e7:a7:9c:8d:fe:97:b1:90:25:bf:
bb:84:8b:e1:b3:b9:29:f8:dc:79:67:d7:36:a5:1f:
8f:60:df:34:77:58:80:18:1e:b2:a2:5a:0f:b3:f6:
5c:b7:0e:2f:a3:c1:a3:19:76:58:0a:ed:f4:b6:4d:
3a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5D:87:11:61:21:94:83:25:B8:D1:9A:E5:5D:14:CA:07:3A:B7:2B
X509v3 Authority Key Identifier:
keyid:D5:03:7A:F9:69:C8:AC:EA:01:B5:70:FC:64:AD:D4:82:8A:C0:64:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A49B/B94F6936015111EF9857C01EC4F9AE02/1QN6-WnIrOoBtXD8ZK3UgorAZBQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1QN6-WnIrOoBtXD8ZK3UgorAZBQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A49B/B94F6936015111EF9857C01EC4F9AE02/38FF043205D211EF94FC904CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.10.0/23
Signature Algorithm: sha256WithRSAEncryption
31:4a:38:1f:7f:dd:6d:68:df:45:76:3d:74:df:dd:ca:66:ef:
72:05:1e:43:38:e8:d0:4f:6b:8c:a0:63:34:ff:64:06:b9:c6:
e8:de:48:4d:8b:ec:fd:24:3e:a6:7d:31:a2:c6:c9:f5:f8:4c:
c4:24:55:c1:3a:3d:31:54:e7:e2:16:7b:f1:b0:9b:4c:36:97:
36:5a:d3:29:76:7f:54:ae:b4:3c:d9:94:b6:d2:de:06:3b:7f:
ca:9c:a2:78:55:5d:85:07:2f:f6:fe:d9:36:98:e2:b3:f6:44:
89:70:11:14:b4:ae:ae:8f:54:0f:93:56:c8:5c:b1:f4:e9:37:
5b:a0:98:dc:2e:23:ba:e1:92:9c:ac:ed:4d:c8:ec:14:55:e6:
16:ef:45:a1:6b:43:66:50:86:4b:80:43:eb:a7:be:17:ef:d6:
c6:1e:38:e3:ae:a8:fd:97:30:ab:9b:77:c9:6e:09:01:bd:2d:
9a:c4:1e:b4:18:b3:03:e9:a2:ac:e8:59:66:fe:53:5f:3c:fc:
b8:b8:c8:7f:5a:a1:5f:2f:ad:8c:18:52:af:02:50:ee:c0:cd:
fe:4f:1e:70:01:97:74:e7:2c:3a:db:b4:61:3a:75:ff:26:84:
b1:8b:5f:bb:08:21:f0:18:02:3b:7b:49:4f:98:58:0a:1a:ad:
e1:fa:73:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QTQ5QjExMC8GA1UEBRMoRDUwMzdBRjk2OUM4QUNFQTAxQjU3MEZDNjRBREQ0ODI4
QUMwNjQxNDAeFw0yNDA0MjkwMjQzMTNaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmYwOTQxLTUzMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDsE1Os0xaoyxvceUluOIhWd+vNwhWphO9Zl6Epiyx9M8Y1eA5upa/VDfnXUt7
7Rg7DYhB8h7M3a8TecSERhBxNkbwo5Fa+Hk2oolF54Swjl4ptjBuddzHFB9mLUay
kCGjRjgMwrf5fGhnCX46BH1H34IOzRQj3Cap/bhCTHCqekW4EISx07kKLTKzETzQ
UHcOEXQQk6/Hg/IhL2w+/GeV1u4OsqTYRzv3/Icup6gjgEl95VH1t/QWgtyADiyX
LJRaZPlH8mVL56ecjf6XsZAlv7uEi+GzuSn43Hln1zalH49g3zR3WIAYHrKiWg+z
9ly3Di+jwaMZdlgK7fS2TToZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0l2HEWEh
lIMluNGa5V0Uygc6tyswHwYDVR0jBBgwFoAU1QN6+WnIrOoBtXD8ZK3UgorAZBQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRBNDlCL0I5NEY2OTM2MDE1
MTExRUY5ODU3QzAxRUM0RjlBRTAyLzFRTjYtV25Jck9vQnRYRDhaSzNVZ29yQVpC
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMVFONi1XbklyT29CdFhEOFpLM1Vnb3JBWkJRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QTQ5Qi9COTRGNjkzNjAxNTExMUVGOTg1N0MwMUVDNEY5QUUwMi8zOEZGMDQzMjA1
RDIxMUVGOTRGQzkwNENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfVCjANBgkqhkiG9w0BAQsFAAOCAQEAMUo4H3/dbWjfRXY9
dN/dymbvcgUeQzjo0E9rjKBjNP9kBrnG6N5ITYvs/SQ+pn0xosbJ9fhMxCRVwTo9
MVTn4hZ78bCbTDaXNlrTKXZ/VK60PNmUttLeBjt/ypyieFVdhQcv9v7ZNpjis/ZE
iXARFLSuro9UD5NWyFyx9Ok3W6CY3C4juuGSnKztTcjsFFXmFu9FoWtDZlCGS4BD
66e+F+/Wxh44466o/Zcwq5t3yW4JAb0tmsQetBizA+mirOhZZv5TXzz8uLjIf1qh
Xy+tjBhSrwJQ7sDN/k8ecAGXdOcsOtu0YTp1/yaEsYtfuwgh8BgCO3tJT5hYChqt
4fpztQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:28:25 2025 by rpki-client