Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/AC9779D0849211EF89DEFA82C4F9AE02.roa
File: AC9779D0849211EF89DEFA82C4F9AE02.roa (raw, json)
Hash identifier: GoR3TjAaPGBwEWWTp2V8LIu5rRVhB9SwD9Xv6PIvAyU=
Subject key identifier: C1:03:2C:BB:6A:25:C0:6A:C0:3A:0A:55:3A:0A:B7:E2:17:9C:21:C9
Certificate issuer: /CN=A91E0D87/serialNumber=725FD977CE734BBA9933F2943DC26939FA0608A7
Certificate serial: 0465
Authority key identifier: 72:5F:D9:77:CE:73:4B:BA:99:33:F2:94:3D:C2:69:39:FA:06:08:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cl_Zd85zS7qZM_KUPcJpOfoGCKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/AC9779D0849211EF89DEFA82C4F9AE02.roa
Signing time: Mon 07 Oct 2024 09:58:17 +0000
ROA not before: Mon 07 Oct 2024 09:58:17 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 151734
IP address blocks: 103.204.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1125 (0x465)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0D87, serialNumber=725FD977CE734BBA9933F2943DC26939FA0608A7
Validity
Not Before: Oct 7 09:58:17 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6703b0b9-3490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9a:f6:9f:3c:ed:66:45:72:26:09:ba:9f:7a:
cc:de:2a:7e:c5:bc:65:4e:c6:f5:49:81:6e:c6:7f:
76:74:c8:f0:6a:e5:50:56:fc:b8:cd:4f:53:4d:be:
60:bd:77:96:ac:8b:4b:09:41:3f:f3:83:fa:4a:99:
6b:90:3a:74:dc:3d:7c:2e:99:3d:b8:56:df:09:92:
af:e9:df:8a:5a:fa:d3:3a:4e:91:31:1b:75:47:da:
99:3b:95:2d:dc:1d:e0:bc:b2:26:2f:02:7c:db:b2:
1e:7e:03:9a:4b:33:dd:96:1d:18:5e:54:b8:ba:32:
0e:01:1d:10:cd:ba:4f:1d:e2:a2:18:31:db:10:dd:
b0:52:7b:1f:dc:9d:a6:eb:96:48:81:47:93:37:39:
94:0c:6f:66:aa:5e:58:ec:d3:15:c4:ed:28:1b:d6:
5f:0d:7c:f6:dc:65:a0:87:35:fd:40:97:62:ab:f4:
02:cf:a9:ed:be:1e:4a:bd:89:eb:71:cb:a9:28:6a:
69:47:f4:1b:1f:c4:c4:cf:da:d4:e7:2c:ca:55:a4:
03:16:c5:a1:ca:03:ce:61:99:dc:f3:3c:90:e5:2f:
54:a0:f3:2a:64:98:0b:dc:89:55:88:ed:8e:82:b2:
6c:96:90:1a:f6:95:ee:60:f6:67:39:33:c0:42:ba:
29:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:03:2C:BB:6A:25:C0:6A:C0:3A:0A:55:3A:0A:B7:E2:17:9C:21:C9
X509v3 Authority Key Identifier:
keyid:72:5F:D9:77:CE:73:4B:BA:99:33:F2:94:3D:C2:69:39:FA:06:08:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/cl_Zd85zS7qZM_KUPcJpOfoGCKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cl_Zd85zS7qZM_KUPcJpOfoGCKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0D87/F683CEF221EB11EC92501819C4F9AE02/AC9779D0849211EF89DEFA82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.22.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:d5:c3:d4:48:2a:53:34:c9:e0:f9:7d:47:d2:d3:43:75:60:
a0:34:f6:d3:f4:6f:be:67:69:62:58:b6:57:45:dc:9b:46:78:
68:64:44:8c:5d:4c:ae:d5:6d:74:ad:73:a4:16:3e:a8:2e:f7:
f0:8c:92:c1:f2:e9:61:b9:ea:34:32:89:a3:2b:96:ca:f2:d7:
4e:08:08:7d:f2:43:80:a7:63:e3:c4:f6:ed:04:c4:28:87:89:
b2:7a:0e:c9:04:37:3c:a1:30:db:ba:2d:77:34:52:83:c9:b1:
5f:70:53:42:f6:ad:0e:31:df:8d:5d:22:c1:3d:9d:6e:15:29:
91:18:37:2a:45:e9:1c:a3:41:7b:e7:a8:ab:c0:4d:03:6b:60:
c2:c1:c5:09:7e:0e:e9:af:cd:7f:7e:fb:5f:11:1b:a8:22:84:
de:46:bd:c4:c4:7c:c7:36:05:ed:a9:28:9f:22:a3:0c:8c:23:
af:3e:de:70:87:bc:e0:ff:19:9a:14:72:18:44:2d:1d:81:5e:
21:48:27:0a:2a:2a:19:dd:9e:76:0d:05:e9:ff:16:ed:ff:50:
a0:d2:8d:c4:b6:c0:2c:33:02:80:bc:18:ff:93:40:81:e2:ab:
ca:86:bb:0b:9d:ce:35:76:e5:d3:ec:bf:69:c5:a3:36:36:fe:
1d:bc:51:fa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBEODcxMTAvBgNVBAUTKDcyNUZEOTc3Q0U3MzRCQkE5OTMzRjI5NDNEQzI2OTM5
RkEwNjA4QTcwHhcNMjQxMDA3MDk1ODE3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAzYjBiOS0zNDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtpr2nzztZkVyJgm6n3rM3ip+xbxlTsb1SYFuxn92dMjwauVQVvy4zU9TTb5g
vXeWrItLCUE/84P6SplrkDp03D18Lpk9uFbfCZKv6d+KWvrTOk6RMRt1R9qZO5Ut
3B3gvLImLwJ827IefgOaSzPdlh0YXlS4ujIOAR0QzbpPHeKiGDHbEN2wUnsf3J2m
65ZIgUeTNzmUDG9mql5Y7NMVxO0oG9ZfDXz23GWghzX9QJdiq/QCz6ntvh5KvYnr
ccupKGppR/QbH8TEz9rU5yzKVaQDFsWhygPOYZnc8zyQ5S9UoPMqZJgL3IlViO2O
grJslpAa9pXuYPZnOTPAQropEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMEDLLtq
JcBqwDoKVToKt+IXnCHJMB8GA1UdIwQYMBaAFHJf2XfOc0u6mTPylD3CaTn6Bgin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEQ4Ny9GNjgzQ0VGMjIx
RUIxMUVDOTI1MDE4MTlDNEY5QUUwMi9jbF9aZDg1elM3cVpNX0tVUGNKcE9mb0dD
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NsX1pkODV6UzdxWk1fS1VQY0pwT2ZvR0NLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBEODcvRjY4M0NFRjIyMUVCMTFFQzkyNTAxODE5QzRGOUFFMDIvQUM5Nzc5RDA4
NDkyMTFFRjg5REVGQTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnzBYwDQYJKoZIhvcNAQELBQADggEBAJ3Vw9RIKlM0yeD5
fUfS00N1YKA09tP0b75naWJYtldF3JtGeGhkRIxdTK7VbXStc6QWPqgu9/CMksHy
6WG56jQyiaMrlsry104ICH3yQ4CnY+PE9u0ExCiHibJ6DskENzyhMNu6LXc0UoPJ
sV9wU0L2rQ4x341dIsE9nW4VKZEYNypF6RyjQXvnqKvATQNrYMLBxQl+DumvzX9+
+18RG6gihN5GvcTEfMc2Be2pKJ8iowyMI68+3nCHvOD/GZoUchhELR2BXiFIJwoq
KhndnnYNBen/Fu3/UKDSjcS2wCwzAoC8GP+TQIHiq8qGuwudzjV25dPsv2nFozY2
/h28Ufo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:27:29 2025 by rpki-client