Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/97266C98B14F11EF9B09BD46C4F9AE02.roa
File: 97266C98B14F11EF9B09BD46C4F9AE02.roa (raw, json)
Hash identifier: YPDhJ7SV3M8e+dXWuhjSN/Bx6Q6+HjxR4fiIlwx66zk=
Subject key identifier: 6E:A4:CC:24:ED:73:C1:13:68:AE:09:25:AF:D1:96:7B:8E:7A:27:00
Certificate issuer: /CN=A91215B3/serialNumber=914850C4B8A513B2F8E4EDC4B5578707776372AE
Certificate serial: 012D
Authority key identifier: 91:48:50:C4:B8:A5:13:B2:F8:E4:ED:C4:B5:57:87:07:77:63:72:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kUhQxLilE7L45O3EtVeHB3djcq4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/97266C98B14F11EF9B09BD46C4F9AE02.roa
Signing time: Tue 03 Dec 2024 08:21:27 +0000
ROA not before: Tue 03 Dec 2024 08:21:27 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 17539
IP address blocks: 103.48.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301 (0x12d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91215B3
Validity
Not Before: Dec 3 08:21:27 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=674ebf87-14e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:18:94:71:0c:ad:8c:65:8b:f1:a6:1e:3a:
50:88:70:ec:d0:6e:69:bc:f6:70:51:05:52:7e:27:
00:36:e2:e7:64:e5:6a:57:2b:c0:2a:3a:8c:55:97:
ec:cb:47:95:d3:2d:76:d8:b8:46:3c:91:81:21:d7:
a0:89:96:ee:bb:b6:3c:d9:61:e3:47:1a:3f:96:2f:
c3:05:7f:b2:d5:f3:34:72:d9:7a:19:f2:20:a0:a6:
ba:9f:b5:49:45:1a:a4:e9:5b:10:69:c9:64:b1:86:
7b:10:7a:78:e4:69:cd:f6:a4:52:d1:99:b3:f9:e7:
18:3b:46:f9:4a:bd:2d:3b:2a:27:dc:bc:01:1e:4e:
09:be:9e:2b:2c:c6:ec:b3:19:f2:ec:09:8b:60:e9:
31:6c:a2:4c:a0:90:a9:a7:12:fd:42:8c:a9:45:37:
e6:1f:80:56:f5:a0:b4:f2:5a:52:1b:02:31:32:de:
7e:eb:8d:02:41:d3:c7:15:31:c9:fc:cf:dc:c5:00:
d2:11:7e:b3:ea:d1:53:bd:1b:3c:a4:41:41:97:f7:
8a:a7:d3:2f:10:20:eb:bc:75:54:e2:20:64:10:03:
99:4a:9a:61:f9:5a:f9:07:2f:a4:9c:0a:f5:df:82:
6e:af:96:04:1e:09:6b:d6:c8:a2:1a:58:06:63:09:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A4:CC:24:ED:73:C1:13:68:AE:09:25:AF:D1:96:7B:8E:7A:27:00
X509v3 Authority Key Identifier:
keyid:91:48:50:C4:B8:A5:13:B2:F8:E4:ED:C4:B5:57:87:07:77:63:72:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/kUhQxLilE7L45O3EtVeHB3djcq4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kUhQxLilE7L45O3EtVeHB3djcq4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91215B3/E6F68F060B4B11EEAB9AAD79C4F9AE02/97266C98B14F11EF9B09BD46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.0.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ba:75:8f:7c:79:12:2a:22:0b:3e:40:d9:a4:f4:77:c6:93:
ec:84:57:b6:08:d7:8f:3d:44:e5:70:4b:6f:d7:4f:1d:2e:74:
e7:7a:52:9a:f2:24:b8:6f:61:90:08:37:3a:53:5d:cd:99:e0:
71:b8:ab:e4:bd:5f:b9:f5:0c:af:54:77:c2:f4:fc:64:c2:f8:
5c:75:57:ec:26:70:2b:62:e0:21:3c:2f:6d:67:a2:f2:08:af:
73:0c:67:6b:f9:0e:35:9b:e1:e3:7e:b7:44:b3:e6:69:53:72:
0a:34:55:fe:b2:0e:86:53:f3:3b:77:eb:d8:f8:74:aa:32:35:
56:c6:13:9e:cf:db:e3:df:43:f1:e7:d5:e6:9e:fb:fe:78:3e:
c8:07:80:7a:49:e4:7d:be:14:41:30:46:80:25:54:2d:9c:f9:
aa:47:a0:83:4e:77:99:4b:3a:60:cf:ef:27:13:b8:7d:7b:81:
71:24:d9:50:ab:0a:40:d4:f2:96:ba:56:52:c4:a9:16:f1:9f:
1c:57:8a:57:14:17:09:3f:05:34:be:16:31:1c:21:73:08:55:
a3:c4:ac:49:f6:91:d5:08:23:f8:19:96:9e:3d:04:79:9a:b0:
b2:4b:6e:9b:f1:79:6f:76:d5:aa:6c:28:f6:1e:7d:41:a7:7c:
2a:e1:4f:da
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE1QjMxMTAvBgNVBAUTKDkxNDg1MEM0QjhBNTEzQjJGOEU0RURDNEI1NTc4NzA3
Nzc2MzcyQUUwHhcNMjQxMjAzMDgyMTI3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlYmY4Ny0xNGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqj0YlHEMrYxli/GmHjpQiHDs0G5pvPZwUQVSficANuLnZOVqVyvAKjqMVZfs
y0eV0y122LhGPJGBIdegiZbuu7Y82WHjRxo/li/DBX+y1fM0ctl6GfIgoKa6n7VJ
RRqk6VsQaclksYZ7EHp45GnN9qRS0Zmz+ecYO0b5Sr0tOyon3LwBHk4Jvp4rLMbs
sxny7AmLYOkxbKJMoJCppxL9QoypRTfmH4BW9aC08lpSGwIxMt5+640CQdPHFTHJ
/M/cxQDSEX6z6tFTvRs8pEFBl/eKp9MvECDrvHVU4iBkEAOZSpph+Vr5By+knAr1
34Jur5YEHglr1siiGlgGYwmfNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG6kzCTt
c8ETaK4JJa/RlnuOeicAMB8GA1UdIwQYMBaAFJFIUMS4pROy+OTtxLVXhwd3Y3Ku
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTVCMy9FNkY2OEYwNjBC
NEIxMUVFQUI5QUFENzlDNEY5QUUwMi9rVWhReExpbEU3TDQ1TzNFdFZlSEIzZGpj
cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tVaFF4TGlsRTdMNDVPM0V0VmVIQjNkamNxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE1QjMvRTZGNjhGMDYwQjRCMTFFRUFCOUFBRDc5QzRGOUFFMDIvOTcyNjZDOThC
MTRGMTFFRjlCMDlCRDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnMAAwDQYJKoZIhvcNAQELBQADggEBAAa6dY98eRIqIgs+
QNmk9HfGk+yEV7YI1489ROVwS2/XTx0udOd6UpryJLhvYZAINzpTXc2Z4HG4q+S9
X7n1DK9Ud8L0/GTC+Fx1V+wmcCti4CE8L21novIIr3MMZ2v5DjWb4eN+t0Sz5mlT
cgo0Vf6yDoZT8zt369j4dKoyNVbGE57P2+PfQ/Hn1eae+/54PsgHgHpJ5H2+FEEw
RoAlVC2c+apHoINOd5lLOmDP7ycTuH17gXEk2VCrCkDU8pa6VlLEqRbxnxxXilcU
Fwk/BTS+FjEcIXMIVaPErEn2kdUII/gZlp49BHmasLJLbpvxeW921apsKPYefUGn
fCrhT9o=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:41:42 2025 by rpki-client