Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/35D22E883DA511EE9EE68B46C4F9AE02.roa
File: 35D22E883DA511EE9EE68B46C4F9AE02.roa (raw, json)
Hash identifier: 5oNmsvbo6ZSZ4qlzcH+GE3S0IjBcZ9QSadXcZqnGbok=
Subject key identifier: C7:F5:A5:96:E1:3F:33:0D:66:EC:DD:06:57:90:BB:19:1B:B2:97:12
Certificate issuer: /CN=A91A9D0F/serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2
Certificate serial: 0E04
Authority key identifier: 88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/35D22E883DA511EE9EE68B46C4F9AE02.roa
Signing time: Fri 18 Aug 2023 08:57:08 +0000
ROA not before: Fri 18 Aug 2023 08:57:08 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 138575
IP address blocks: 103.133.140.0/22 maxlen: 22
103.133.140.0/24 maxlen: 24
103.133.141.0/24 maxlen: 24
103.133.142.0/24 maxlen: 24
103.133.143.0/24 maxlen: 24
2404:4d40::/32 maxlen: 32
2404:4d40:1000::/36 maxlen: 36
2404:4d40:1000::/40 maxlen: 40
2404:4d40:1001::/48 maxlen: 48
2404:4d40:1002::/48 maxlen: 48
2404:4d40:1003::/48 maxlen: 48
2404:4d40:1004::/48 maxlen: 48
2404:4d40:1005::/48 maxlen: 48
2404:4d40:1006::/48 maxlen: 48
2404:4d40:1007::/48 maxlen: 48
2404:4d40:1008::/48 maxlen: 48
2404:4d40:1009::/48 maxlen: 48
2404:4d40:100a::/48 maxlen: 48
2404:4d40:100b::/48 maxlen: 48
2404:4d40:100c::/48 maxlen: 48
2404:4d40:100d::/48 maxlen: 48
2404:4d40:100e::/48 maxlen: 48
2404:4d40:100f::/48 maxlen: 48
2404:4d40:1010::/48 maxlen: 48
2404:4d40:1011::/48 maxlen: 48
2404:4d40:1012::/48 maxlen: 48
2404:4d40:1013::/48 maxlen: 48
2404:4d40:1014::/48 maxlen: 48
2404:4d40:1015::/48 maxlen: 48
2404:4d40:1016::/48 maxlen: 48
2404:4d40:1017::/48 maxlen: 48
2404:4d40:1018::/48 maxlen: 48
2404:4d40:1019::/48 maxlen: 48
2404:4d40:101a::/48 maxlen: 48
2404:4d40:101b::/48 maxlen: 48
2404:4d40:101c::/48 maxlen: 48
2404:4d40:101d::/48 maxlen: 48
2404:4d40:101e::/48 maxlen: 48
2404:4d40:101f::/48 maxlen: 48
2404:4d40:1020::/48 maxlen: 48
2404:4d40:1021::/48 maxlen: 48
2404:4d40:1022::/48 maxlen: 48
2404:4d40:1100::/40 maxlen: 40
2404:4d40:1200::/40 maxlen: 40
2404:4d40:1300::/40 maxlen: 40
2404:4d40:1400::/40 maxlen: 40
2404:4d40:1500::/40 maxlen: 40
2404:4d40:1600::/40 maxlen: 40
2404:4d40:1700::/40 maxlen: 40
2404:4d40:1800::/40 maxlen: 40
2404:4d40:1900::/40 maxlen: 40
2404:4d40:1a00::/40 maxlen: 40
2404:4d40:1b00::/40 maxlen: 40
2404:4d40:1c00::/40 maxlen: 40
2404:4d40:1d00::/40 maxlen: 40
2404:4d40:1e00::/40 maxlen: 40
2404:4d40:1f00::/40 maxlen: 40
2404:4d40:2000::/36 maxlen: 36
2404:4d40:2000::/40 maxlen: 40
2404:4d40:2100::/40 maxlen: 40
2404:4d40:2200::/40 maxlen: 40
2404:4d40:2300::/40 maxlen: 40
2404:4d40:2400::/40 maxlen: 40
2404:4d40:2500::/40 maxlen: 40
2404:4d40:2600::/40 maxlen: 40
2404:4d40:2700::/40 maxlen: 40
2404:4d40:2800::/40 maxlen: 40
2404:4d40:2900::/40 maxlen: 40
2404:4d40:2a00::/40 maxlen: 40
2404:4d40:2b00::/40 maxlen: 40
2404:4d40:2c00::/40 maxlen: 40
2404:4d40:2d00::/40 maxlen: 40
2404:4d40:2e00::/40 maxlen: 40
2404:4d40:2f00::/40 maxlen: 40
2404:4d40:3000::/36 maxlen: 36
2404:4d40:4000::/36 maxlen: 36
2404:4d40:4000::/40 maxlen: 40
2404:4d40:5000::/36 maxlen: 36
2404:4d40:6000::/36 maxlen: 36
2404:4d40:7000::/36 maxlen: 36
2404:4d40:8000::/36 maxlen: 36
2404:4d40:9000::/36 maxlen: 36
2404:4d40:a000::/36 maxlen: 36
2404:4d40:b000::/36 maxlen: 36
2404:4d40:c000::/36 maxlen: 36
2404:4d40:d000::/36 maxlen: 36
2404:4d40:e000::/36 maxlen: 36
2404:4d40:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3588 (0xe04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A9D0F, serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2
Validity
Not Before: Aug 18 08:57:08 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64df3263-0023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:ad:9a:70:44:d5:82:6c:dd:90:bb:d4:20:
65:f0:40:29:98:eb:b6:a4:8f:3a:8b:b8:53:ee:6d:
81:63:15:15:9d:61:7d:04:5d:60:55:45:f5:d2:2f:
f3:87:b8:1b:31:cf:34:70:35:de:84:50:8b:d4:b7:
b5:bd:27:52:55:00:78:e5:ac:ae:f0:62:49:60:0e:
c7:1b:98:6a:72:aa:5e:67:98:50:aa:1d:1d:7f:c1:
1d:d5:8a:12:56:47:74:3b:f2:50:a1:f6:bf:9a:b1:
31:c0:2b:25:82:91:b4:01:b6:be:84:34:88:d9:7f:
5a:fc:3a:a3:20:d1:3a:0d:e1:71:dd:c6:44:20:a2:
57:f0:3c:7b:b1:3d:4f:d4:70:d1:ca:bd:24:70:4c:
36:87:5c:f3:16:1b:de:96:e8:2f:fd:38:ab:21:e1:
65:a3:e9:b7:aa:dc:90:a7:c2:c1:f8:3e:5d:fa:6f:
61:a0:f5:46:be:2f:51:25:e9:16:ca:e7:f0:fd:5b:
92:73:02:48:b9:d0:79:fe:2d:11:41:b7:0e:10:de:
90:ac:f7:1b:7a:d5:b2:97:91:d0:67:00:1a:59:58:
6c:74:ec:ea:f4:71:a9:db:8d:1f:a8:4d:08:10:df:
3c:f0:74:de:f0:6f:7a:fe:5a:74:13:ad:3c:36:a9:
75:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F5:A5:96:E1:3F:33:0D:66:EC:DD:06:57:90:BB:19:1B:B2:97:12
X509v3 Authority Key Identifier:
keyid:88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/35D22E883DA511EE9EE68B46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.140.0/22
IPv6:
2404:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
21:55:b2:a2:ac:0f:46:e4:c9:2a:26:ee:d0:dd:87:e9:05:29:
db:64:22:c2:a0:02:91:8e:a0:9b:46:7e:eb:50:d7:55:e9:f2:
20:f1:65:73:5b:78:94:6a:ec:d9:7d:16:9b:49:62:7d:1d:0f:
21:ed:44:61:71:f5:2d:e2:c4:b0:55:3e:05:aa:71:81:5f:21:
a6:21:e7:74:9f:b7:89:f5:6b:42:d0:e6:e9:af:b8:67:aa:fe:
f9:7c:e8:25:a2:ea:da:0b:cc:d7:56:d3:96:67:37:25:39:a9:
fc:37:31:40:ac:33:5f:cf:09:67:dd:76:18:2c:18:ca:71:33:
4a:d1:15:46:69:79:d3:d6:a5:cc:6c:72:09:b5:b3:fb:37:38:
31:f0:70:b5:3a:e6:ad:5e:c3:62:52:1a:ed:9b:b0:1c:3e:14:
ff:2c:e4:33:a4:8c:31:5b:76:90:f0:30:a7:35:9c:1e:cf:dd:
f0:cd:c5:cb:b5:46:88:3d:82:53:e6:f8:a1:6b:ee:2c:07:a5:
75:91:5f:97:e7:d9:42:e1:4d:fe:fc:73:a8:74:cb:32:03:18:
28:c2:2d:62:53:3f:04:8c:33:8f:3d:57:86:b2:82:5a:df:12:
66:77:d1:fa:87:fb:eb:e5:53:f6:05:1b:ec:08:93:76:05:bb:
1c:ac:61:2b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTlEMEYxMTAvBgNVBAUTKDg4RTdCNTQxRjQyMjk4RDZFOUI1MTY1RDk2NTI0NkND
MUNDMUY1QTIwHhcNMjMwODE4MDg1NzA4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRmMzI2My0wMDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuxCtmnBE1YJs3ZC71CBl8EApmOu2pI86i7hT7m2BYxUVnWF9BF1gVUX10i/z
h7gbMc80cDXehFCL1Le1vSdSVQB45ayu8GJJYA7HG5hqcqpeZ5hQqh0df8Ed1YoS
Vkd0O/JQofa/mrExwCslgpG0Aba+hDSI2X9a/DqjINE6DeFx3cZEIKJX8Dx7sT1P
1HDRyr0kcEw2h1zzFhvelugv/TirIeFlo+m3qtyQp8LB+D5d+m9hoPVGvi9RJekW
yufw/VuScwJIudB5/i0RQbcOEN6QrPcbetWyl5HQZwAaWVhsdOzq9HGp240fqE0I
EN888HTe8G96/lp0E608Nql1+QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMf1pZbh
PzMNZuzdBleQuxkbspcSMB8GA1UdIwQYMBaAFIjntUH0IpjW6bUWXZZSRswcwfWi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUQwRi83NEJFMzhENjgw
Q0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1OYnB0UlpkbGxKR3pCekI5
YUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lPZTFRZlFpbU5icHRSWmRsbEpHekJ6QjlhSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTlEMEYvNzRCRTM4RDY4MENGMTFFOUFDRDcxQjUwQzRGOUFFMDIvMzVEMjJFODgz
REE1MTFFRTlFRTY4QjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhYwwDQQCAAIwBwMFACQETUAwDQYJKoZIhvcNAQELBQAD
ggEBACFVsqKsD0bkySom7tDdh+kFKdtkIsKgApGOoJtGfutQ11Xp8iDxZXNbeJRq
7Nl9FptJYn0dDyHtRGFx9S3ixLBVPgWqcYFfIaYh53Sft4n1a0LQ5umvuGeq/vl8
6CWi6toLzNdW05ZnNyU5qfw3MUCsM1/PCWfddhgsGMpxM0rRFUZpedPWpcxscgm1
s/s3ODHwcLU65q1ew2JSGu2bsBw+FP8s5DOkjDFbdpDwMKc1nB7P3fDNxcu1Rog9
glPm+KFr7iwHpXWRX5fn2ULhTf78c6h0yzIDGCjCLWJTPwSMM489V4ayglrfEmZ3
0fqH++vlU/YFG+wIk3YFuxysYSs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:19:50 2025 by rpki-client