Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/10F4726C368711EE86778E65C4F9AE02.roa
File: 10F4726C368711EE86778E65C4F9AE02.roa (raw, json)
Hash identifier: t6J0elhur8/AvNXFy0TXEWKikN5WaCM4+xUGdeqj3cY=
Subject key identifier: F5:FC:B7:DF:D6:66:48:1D:C2:0E:90:0B:35:41:10:86:32:B0:9A:AB
Certificate issuer: /CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Certificate serial: 0B4D
Authority key identifier: 06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/10F4726C368711EE86778E65C4F9AE02.roa
Signing time: Wed 09 Aug 2023 08:03:34 +0000
ROA not before: Wed 09 Aug 2023 08:03:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10214
IP address blocks: 103.6.208.0/22 maxlen: 23
103.6.208.0/23 maxlen: 24
103.6.210.0/24 maxlen: 24
103.46.212.0/22 maxlen: 22
103.46.212.0/24 maxlen: 24
103.46.213.0/24 maxlen: 24
103.46.214.0/24 maxlen: 24
103.46.215.0/24 maxlen: 24
103.89.80.0/22 maxlen: 24
103.225.228.0/22 maxlen: 24
113.30.224.0/22 maxlen: 24
121.200.32.0/20 maxlen: 20
121.200.32.0/21 maxlen: 24
121.200.40.0/22 maxlen: 24
121.200.44.0/24 maxlen: 24
121.200.46.0/23 maxlen: 24
160.20.72.0/22 maxlen: 24
163.47.56.0/22 maxlen: 22
163.47.56.0/24 maxlen: 24
163.47.57.0/24 maxlen: 24
163.47.58.0/24 maxlen: 24
163.47.59.0/24 maxlen: 24
203.57.126.0/23 maxlen: 24
2001:df1:b400::/48 maxlen: 48
2400:ec40::/32 maxlen: 32
2400:ec40::/36 maxlen: 36
2400:ec40:1000::/36 maxlen: 36
2400:ec40:2000::/36 maxlen: 36
2400:ec40:3000::/36 maxlen: 36
2400:ec40:4000::/36 maxlen: 36
2400:ec40:4000::/40 maxlen: 40
2400:ec40:5000::/36 maxlen: 36
2400:ec40:5100::/40 maxlen: 40
2400:ec40:5200::/40 maxlen: 40
2400:ec40:6000::/36 maxlen: 36
2400:ec40:7000::/36 maxlen: 36
2400:ec40:8000::/36 maxlen: 36
2400:ec40:9000::/36 maxlen: 36
2400:ec40:a000::/36 maxlen: 36
2400:ec40:b000::/36 maxlen: 36
2400:ec40:c000::/36 maxlen: 36
2400:ec40:d000::/36 maxlen: 36
2400:ec40:e000::/36 maxlen: 36
2400:ec40:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2893 (0xb4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBA80, serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Validity
Not Before: Aug 9 08:03:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d34855-bb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:98:4b:6f:e7:59:fb:b0:b7:9c:8c:75:1d:
54:6b:34:32:c8:63:8d:f8:6b:6d:33:23:a9:05:eb:
bc:78:a5:66:bc:ab:8d:55:b8:9c:12:79:a6:b9:a2:
5c:94:fb:29:a9:e6:99:70:92:f1:5c:4c:57:f6:7d:
d6:d1:5f:31:a4:0d:55:8d:0d:27:6e:86:ad:36:e5:
cf:28:2a:35:7f:17:d6:64:c6:de:07:19:1c:e0:a9:
57:09:9e:a4:27:1b:c7:a2:c8:cc:8d:ad:bc:1c:2b:
97:0d:4c:8f:c7:ae:0c:c5:4e:ae:88:50:9a:59:3f:
03:d5:0e:d1:80:b7:10:af:4d:b8:5c:cd:46:60:9b:
12:04:07:e8:d8:55:a8:b9:4f:4b:44:a3:1e:42:4e:
5e:a1:24:5a:3d:27:01:ec:6b:02:16:1f:35:b9:af:
a6:8b:9f:ed:b6:b3:eb:35:52:6b:5b:12:03:9c:ed:
21:61:37:d0:6e:20:15:8a:0f:e9:1c:a7:2d:92:ac:
04:65:73:60:34:64:1d:df:e3:cc:fa:aa:01:df:b7:
15:a4:86:7a:da:80:8f:b5:35:73:b2:ff:8a:d0:ea:
66:a5:b7:74:ef:0c:10:72:25:cb:86:5f:44:29:39:
01:40:c2:c8:45:80:de:53:98:a8:15:84:18:71:71:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FC:B7:DF:D6:66:48:1D:C2:0E:90:0B:35:41:10:86:32:B0:9A:AB
X509v3 Authority Key Identifier:
keyid:06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/10F4726C368711EE86778E65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.208.0/22
103.46.212.0/22
103.89.80.0/22
103.225.228.0/22
113.30.224.0/22
121.200.32.0/20
160.20.72.0/22
163.47.56.0/22
203.57.126.0/23
IPv6:
2001:df1:b400::/48
2400:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
70:7f:7e:a1:23:9a:43:74:a4:e5:0a:16:bc:4a:d6:57:91:4f:
e2:e5:1c:34:e7:b6:ae:61:17:8b:26:b7:50:91:e9:21:3b:1c:
af:83:06:95:8b:a0:bc:16:1e:3b:8b:9c:72:84:1f:43:7b:64:
be:26:13:46:f4:67:04:a0:cc:54:8d:e3:3d:16:e3:74:a6:3b:
f6:d7:59:eb:c6:4b:b0:33:28:6a:49:06:e0:c3:1e:14:ee:01:
2d:26:f4:af:df:23:71:6f:9b:61:65:56:bd:f4:88:50:5e:4f:
49:32:4b:8f:00:63:67:3e:34:dc:04:87:c4:7d:ab:52:96:a8:
22:d3:b2:d2:29:1c:17:74:5a:30:80:6c:52:d5:76:63:9a:23:
fc:93:c0:e2:dc:2d:22:11:d8:10:e5:23:71:f5:ab:4d:be:52:
da:cb:8b:34:6f:4e:25:1e:d3:b5:4b:21:0d:6e:25:0a:cc:cb:
2b:d0:7a:74:26:e1:a9:f8:4b:31:3b:e4:fc:76:5f:eb:18:40:
fd:35:38:ba:ea:8a:1f:17:e0:ae:37:b6:fa:9f:e0:6e:bc:bd:
2f:30:af:4f:6a:bc:7a:89:96:03:e0:c7:b8:a3:f6:5f:a0:e5:
dd:39:f0:a4:9e:b7:b7:88:95:1f:ae:c0:32:24:97:b6:68:36:
45:5f:a0:d3
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICC00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJBODAxMTAvBgNVBAUTKDA2MEY3RTc3QzAwQUNCRTA4NjhEQzBCOEZDQTIzRDRB
NUYwN0Q3N0EwHhcNMjMwODA5MDgwMzM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzNDg1NS1iYjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxVuYS2/nWfuwt5yMdR1UazQyyGON+GttMyOpBeu8eKVmvKuNVbicEnmmuaJc
lPspqeaZcJLxXExX9n3W0V8xpA1VjQ0nboatNuXPKCo1fxfWZMbeBxkc4KlXCZ6k
JxvHosjMja28HCuXDUyPx64MxU6uiFCaWT8D1Q7RgLcQr024XM1GYJsSBAfo2FWo
uU9LRKMeQk5eoSRaPScB7GsCFh81ua+mi5/ttrPrNVJrWxIDnO0hYTfQbiAVig/p
HKctkqwEZXNgNGQd3+PM+qoB37cVpIZ62oCPtTVzsv+K0Opmpbd07wwQciXLhl9E
KTkBQMLIRYDeU5ioFYQYcXEY0QIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFPX8t9/W
Zkgdwg6QCzVBEIYysJqrMB8GA1UdIwQYMBaAFAYPfnfACsvgho3AuPyiPUpfB9d6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkE4MC9COThFODFENjA1
QjkxMUVBODIwODk5NkVDNEY5QUUwMi9CZzktZDhBS3ktQ0dqY0M0X0tJOVNsOEgx
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JnOS1kOEFLeS1DR2pjQzRfS0k5U2w4SDEzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJBODAvQjk4RTgxRDYwNUI5MTFFQTgyMDg5OTZFQzRGOUFFMDIvMTBGNDcyNkMz
Njg3MTFFRTg2Nzc4RTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMDwEAgABMDYDBAJnBtADBAJnLtQDBAJnWVADBAJn4eQDBAJxHuADBAR5yCAD
BAKgFEgDBAKjLzgDBAHLOX4wFgQCAAIwEAMHACABDfG0AAMFACQA7EAwDQYJKoZI
hvcNAQELBQADggEBAHB/fqEjmkN0pOUKFrxK1leRT+LlHDTntq5hF4smt1CR6SE7
HK+DBpWLoLwWHjuLnHKEH0N7ZL4mE0b0ZwSgzFSN4z0W43SmO/bXWevGS7AzKGpJ
BuDDHhTuAS0m9K/fI3Fvm2FlVr30iFBeT0kyS48AY2c+NNwEh8R9q1KWqCLTstIp
HBd0WjCAbFLVdmOaI/yTwOLcLSIR2BDlI3H1q02+UtrLizRvTiUe07VLIQ1uJQrM
yyvQenQm4an4SzE75Px2X+sYQP01OLrqih8X4K43tvqf4G68vS8wr09qvHqJlgPg
x7ij9l+g5d058KSet7eIlR+uwDIkl7ZoNkVfoNM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:21:35 2025 by rpki-client