Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/394F959E594A11EE8201DE62C4F9AE02.roa
File: 394F959E594A11EE8201DE62C4F9AE02.roa (raw, json)
Hash identifier: hxTfbAuy2ZH5HTjFv/CzjSXcvUPMI2lsR/WHs6YyEZo=
Subject key identifier: 4D:6E:F0:48:5F:D3:0D:27:AB:86:29:51:89:05:20:F7:EF:67:F3:DD
Certificate issuer: /CN=A9154AFB/serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A
Certificate serial: 15FB
Authority key identifier: D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/394F959E594A11EE8201DE62C4F9AE02.roa
Signing time: Fri 22 Sep 2023 13:16:22 +0000
ROA not before: Fri 22 Sep 2023 13:16:22 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 135003
IP address blocks: 103.86.132.0/22 maxlen: 24
203.6.208.0/22 maxlen: 24
2400:bf40::/32 maxlen: 32
2400:bf40:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5627 (0x15fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154AFB, serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A
Validity
Not Before: Sep 22 13:16:22 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=650d93a6-c5c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f9:56:08:48:78:d2:45:19:dc:1d:b7:25:6b:
8a:19:8f:9c:6b:d0:5a:70:70:6a:9c:32:a3:23:1e:
58:4d:07:ac:52:6a:e9:1e:46:6a:79:8f:33:a8:d6:
be:74:b7:bd:e6:94:9e:ef:57:d8:df:f6:89:d8:8b:
25:b5:2d:34:03:fe:f7:7e:0d:51:45:9b:9a:10:8d:
4f:19:5e:90:13:8c:12:a7:b3:9c:26:0e:6a:2c:1f:
30:b0:21:ad:44:b5:fa:5d:32:c1:29:68:49:d4:28:
80:c8:49:f3:e7:d6:57:6e:43:d4:85:cf:d3:cf:88:
1d:e0:b5:1f:08:5c:90:f5:b3:87:8e:20:fc:83:ca:
06:56:5a:c7:a0:c7:50:1b:ab:29:79:8a:8d:93:9d:
44:0b:dd:d5:02:15:40:92:d6:d6:1d:08:0c:3c:28:
a2:09:ca:f8:da:54:00:25:3b:35:69:9e:06:b0:d1:
cc:b7:ac:3d:65:f9:17:e4:5c:06:ea:b4:1c:dc:6b:
40:69:4e:3a:d1:bb:51:c9:bf:37:ef:5a:8f:94:1c:
6b:aa:b9:a0:11:ae:49:96:ba:92:6e:a4:b5:77:94:
80:4c:3e:56:1d:e5:4b:3d:30:fe:58:45:b3:d8:1f:
95:45:1e:8a:43:84:40:da:dd:aa:0f:8b:03:f5:28:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:F0:48:5F:D3:0D:27:AB:86:29:51:89:05:20:F7:EF:67:F3:DD
X509v3 Authority Key Identifier:
keyid:D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/394F959E594A11EE8201DE62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.132.0/22
203.6.208.0/22
IPv6:
2400:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
00:dd:9b:50:97:5e:91:13:e8:50:e3:b4:6e:49:c7:1d:c1:b0:
d5:a6:22:f6:eb:cb:93:d6:85:a3:ec:5d:85:c3:b2:63:80:eb:
0d:c8:26:4a:fc:60:d3:c6:21:d7:fa:d5:5d:ea:94:2f:6d:30:
19:9a:13:ff:62:d7:d5:a5:ef:95:18:6b:54:0d:77:65:7c:22:
12:6d:ed:88:e7:b0:09:cd:48:76:22:13:3d:eb:36:71:b3:1e:
1f:86:61:56:f4:83:89:6e:f2:49:8d:3c:11:fa:6d:07:b1:09:
1e:3b:46:ec:de:8a:39:da:9d:1d:80:80:29:8e:0f:f2:2f:e7:
96:54:ce:ad:a1:9c:af:e3:a4:ea:16:37:7d:4e:90:38:50:78:
ec:60:02:10:d1:8d:9d:52:b5:63:71:7a:66:65:72:87:02:6d:
03:27:7a:d8:79:3d:52:2c:27:64:ef:56:b0:4a:bd:2b:a3:de:
d1:92:85:cf:7f:b6:fa:ac:d7:ec:16:a5:79:97:de:43:39:d9:
d7:7c:ef:e0:e5:75:53:e5:03:66:c3:5c:b5:ba:f3:a0:62:6e:
b8:0b:1e:55:e7:e7:b9:65:b8:e0:d0:35:ef:19:91:d2:7a:b9:
a7:18:8a:c0:c1:0d:a9:4f:64:d1:3f:b8:cc:1b:0e:de:83:28:
3f:7f:36:1a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICFfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTRBRkIxMTAvBgNVBAUTKEQ0RTMxNzZDQjlGNDg5M0U3NEM0RTgwNUZBN0ZCNUQ5
MEE0QTdCMEEwHhcNMjMwOTIyMTMxNjIyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBkOTNhNi1jNWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1PlWCEh40kUZ3B23JWuKGY+ca9BacHBqnDKjIx5YTQesUmrpHkZqeY8zqNa+
dLe95pSe71fY3/aJ2IsltS00A/73fg1RRZuaEI1PGV6QE4wSp7OcJg5qLB8wsCGt
RLX6XTLBKWhJ1CiAyEnz59ZXbkPUhc/Tz4gd4LUfCFyQ9bOHjiD8g8oGVlrHoMdQ
G6speYqNk51EC93VAhVAktbWHQgMPCiiCcr42lQAJTs1aZ4GsNHMt6w9ZfkX5FwG
6rQc3GtAaU460btRyb8371qPlBxrqrmgEa5JlrqSbqS1d5SATD5WHeVLPTD+WEWz
2B+VRR6KQ4RA2t2qD4sD9Shf7QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE1u8Ehf
0w0nq4YpUYkFIPfvZ/PdMB8GA1UdIwQYMBaAFNTjF2y59Ik+dMToBfp/tdkKSnsK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEFGQi83OEEwNEU0Q0Uz
MkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlUNTB4T2dGLW4tMTJRcEtl
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFPTVhiTG4waVQ1MHhPZ0Ytbi0xMlFwS2V3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTRBRkIvNzhBMDRFNENFMzJGMTFFN0I2Q0VENDJGQzRGOUFFMDIvMzk0Rjk1OUU1
OTRBMTFFRTgyMDFERTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnVoQDBALLBtAwDQQCAAIwBwMFACQAv0AwDQYJKoZIhvcN
AQELBQADggEBAADdm1CXXpET6FDjtG5Jxx3BsNWmIvbry5PWhaPsXYXDsmOA6w3I
Jkr8YNPGIdf61V3qlC9tMBmaE/9i19Wl75UYa1QNd2V8IhJt7YjnsAnNSHYiEz3r
NnGzHh+GYVb0g4lu8kmNPBH6bQexCR47RuzeijnanR2AgCmOD/Iv55ZUzq2hnK/j
pOoWN31OkDhQeOxgAhDRjZ1StWNxemZlcocCbQMneth5PVIsJ2TvVrBKvSuj3tGS
hc9/tvqs1+wWpXmX3kM52dd87+DldVPlA2bDXLW686BibrgLHlXn57lluODQNe8Z
kdJ6uacYisDBDalPZNE/uMwbDt6DKD9/Nho=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:23:01 2025 by rpki-client