Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
File: 243C54088DAC11EEBFC67C56C4F9AE02.roa (raw, json)
Hash identifier: d1p4Xhr7ufm8ypv8MhI4KjIiid+LZdXFKJD36On3DJY=
Subject key identifier: B1:40:0A:66:CB:22:D9:C7:DA:AB:BA:7F:97:D5:38:59:52:CE:FB:F6
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 0451
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
Signing time: Fri 15 Dec 2023 01:33:21 +0000
ROA not before: Fri 15 Dec 2023 01:33:21 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 56264
IP address blocks: 103.31.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1105 (0x451)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC, serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Validity
Not Before: Dec 15 01:33:21 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=657bace1-3c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1b:e6:0a:b7:e0:49:5f:2f:f6:46:61:f6:74:
a7:3e:05:6b:23:eb:58:57:eb:31:c0:5b:35:27:aa:
46:df:6a:89:46:38:0b:9c:ed:38:95:bc:dd:71:ba:
5e:c9:dd:dc:f8:56:88:27:e0:c3:8d:25:b4:fb:b0:
d6:96:f7:0b:36:96:2a:b6:8c:6a:dc:ab:5e:fd:cc:
b8:e9:5e:a2:c8:41:9b:5a:80:38:47:fd:31:ad:4a:
d6:7b:c7:a3:23:e1:f9:a4:02:ba:71:35:e4:aa:44:
e2:b4:2b:de:e7:ae:aa:85:be:ef:02:5c:cb:79:b8:
d3:7b:cf:d9:8f:2b:29:ed:67:4a:d1:d1:46:8c:1a:
1d:93:e7:81:93:d9:87:4b:7e:b3:2b:47:99:af:54:
3f:ed:83:74:f5:ff:11:6c:67:96:87:d5:0e:fb:f6:
f8:43:4d:c9:3c:0a:0c:23:13:90:f9:e6:11:72:e8:
e2:cd:18:df:2b:1c:54:ed:42:98:5a:81:70:2e:99:
80:60:bf:ad:c8:47:16:ae:5a:63:e5:dd:fc:4f:ec:
57:26:2a:96:b7:84:10:4d:27:3c:e1:bc:ae:ed:15:
6e:e0:f0:b3:da:d8:76:b0:19:a6:42:f3:23:d8:bb:
18:28:ab:83:17:72:7c:65:1e:5d:ff:22:69:3e:cf:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:40:0A:66:CB:22:D9:C7:DA:AB:BA:7F:97:D5:38:59:52:CE:FB:F6
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.211.0/24
Signature Algorithm: sha256WithRSAEncryption
86:7d:99:ea:d5:d2:ac:d4:ec:2b:8f:04:12:d2:f5:50:01:f1:
7e:1e:47:45:9e:d2:84:f2:f9:18:b7:cb:c8:0f:3a:52:a2:df:
89:c1:f1:60:65:f9:ab:65:ff:df:8c:81:ac:7d:0b:fa:d2:ec:
7f:16:0e:dc:52:c8:d2:76:dd:59:75:32:23:37:c3:4e:13:14:
26:36:16:9e:c9:d6:a7:c5:9b:32:b1:7d:3c:11:26:57:28:d4:
14:16:18:aa:c3:ed:73:5b:28:49:23:3f:66:6b:b8:dc:01:03:
0d:b7:e2:4c:70:cf:50:5f:45:54:fe:93:2b:a8:16:44:4e:e2:
4c:fc:9c:ad:c1:74:bb:67:5f:bb:21:ff:48:3a:d8:f6:3d:81:
8c:c8:86:af:ac:01:e4:a0:43:64:ed:3b:8a:af:16:96:ea:96:
21:1d:79:62:b5:5b:d3:2e:75:99:47:11:38:d3:7d:01:18:7f:
01:91:f4:aa:7d:de:16:96:8a:92:22:01:1c:6b:8d:f4:08:c2:
de:95:f1:9b:60:6c:c4:e2:2f:ce:f8:6d:99:6a:3c:c4:3e:63:
5b:f2:83:ab:8c:34:ce:22:03:07:fb:1d:6e:b8:45:5c:dd:c9:
71:15:71:c8:98:93:f2:23:c6:67:9b:18:67:1f:d9:00:d0:c0:
22:77:12:57
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjMxMjE1MDEzMzIxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiYWNlMS0zYzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7xvmCrfgSV8v9kZh9nSnPgVrI+tYV+sxwFs1J6pG32qJRjgLnO04lbzdcbpe
yd3c+FaIJ+DDjSW0+7DWlvcLNpYqtoxq3Kte/cy46V6iyEGbWoA4R/0xrUrWe8ej
I+H5pAK6cTXkqkTitCve566qhb7vAlzLebjTe8/Zjysp7WdK0dFGjBodk+eBk9mH
S36zK0eZr1Q/7YN09f8RbGeWh9UO+/b4Q03JPAoMIxOQ+eYRcujizRjfKxxU7UKY
WoFwLpmAYL+tyEcWrlpj5d38T+xXJiqWt4QQTSc84byu7RVu4PCz2th2sBmmQvMj
2LsYKKuDF3J8ZR5d/yJpPs/8PwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLFACmbL
ItnH2qu6f5fVOFlSzvv2MB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvMjQzQzU0MDg4
REFDMTFFRUJGQzY3QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnH9MwDQYJKoZIhvcNAQELBQADggEBAIZ9merV0qzU7CuP
BBLS9VAB8X4eR0We0oTy+Ri3y8gPOlKi34nB8WBl+atl/9+Mgax9C/rS7H8WDtxS
yNJ23Vl1MiM3w04TFCY2Fp7J1qfFmzKxfTwRJlco1BQWGKrD7XNbKEkjP2ZruNwB
Aw234kxwz1BfRVT+kyuoFkRO4kz8nK3BdLtnX7sh/0g62PY9gYzIhq+sAeSgQ2Tt
O4qvFpbqliEdeWK1W9MudZlHETjTfQEYfwGR9Kp93haWipIiARxrjfQIwt6V8Ztg
bMTiL874bZlqPMQ+Y1vyg6uMNM4iAwf7HW64RVzdyXEVcciYk/IjxmebGGcf2QDQ
wCJ3Elc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:08 2025 by rpki-client