Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DB99/BC659BC631B411EEB551F211C4F9AE02/412DC75A9F3011EEA2D27757C4F9AE02.roa
File: 412DC75A9F3011EEA2D27757C4F9AE02.roa (raw, json)
Hash identifier: 1UNa4h0XNgDS0/AxYRTwrUi+aZgcmPLVhKUvp3qDqYw=
Subject key identifier: C0:95:DE:A5:C3:E4:63:8E:7C:B3:75:08:8A:F3:11:93:AB:0A:09:60
Certificate issuer: /CN=A912DB99/serialNumber=E98612EEEA4AE70D1FB5B6524B969D4742DCE810
Certificate serial: 4D
Authority key identifier: E9:86:12:EE:EA:4A:E7:0D:1F:B5:B6:52:4B:96:9D:47:42:DC:E8:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6YYS7upK5w0ftbZSS5adR0Lc6BA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DB99/BC659BC631B411EEB551F211C4F9AE02/412DC75A9F3011EEA2D27757C4F9AE02.roa
Signing time: Wed 20 Dec 2023 12:06:50 +0000
ROA not before: Wed 20 Dec 2023 12:06:50 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 136895
IP address blocks: 103.246.64.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77 (0x4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DB99
Validity
Not Before: Dec 20 12:06:50 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6582d8d9-3b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9a:a7:b3:c9:d8:68:92:5e:4c:55:e4:b1:75:
e1:85:23:19:f1:a6:00:77:ab:d2:18:94:52:ea:b6:
8d:52:9f:35:13:4d:b5:9f:d1:9c:68:b2:42:48:c3:
70:9d:d0:a3:15:ac:ad:5a:d1:f1:8b:d7:0a:84:2e:
18:90:8a:8c:fd:61:29:dd:cf:41:d9:e5:73:04:7f:
9c:7c:c8:30:62:d2:94:be:7d:74:28:03:64:06:85:
7b:37:83:e7:c6:d4:56:6f:01:b3:e6:c3:ad:07:99:
49:ee:71:18:a8:e1:9e:a4:96:a0:97:dc:01:57:c6:
49:9b:bb:77:d2:53:eb:d0:cc:09:b5:62:96:42:35:
3c:af:3a:35:64:49:b3:cc:41:42:0c:3b:c7:02:2d:
7b:1f:8c:ce:4d:65:42:83:04:40:c1:68:e7:a1:cf:
29:87:1c:33:c8:48:8e:ba:44:29:3c:e1:fc:22:4b:
76:0a:90:a1:f4:57:a5:88:4c:64:43:0b:ff:9f:cf:
64:dd:f9:1b:ec:74:ba:43:63:69:31:1e:1f:71:72:
86:1a:d2:ae:c9:ad:1a:33:70:19:47:24:89:9f:e0:
33:2c:4c:ec:c7:3e:4a:ae:cd:56:55:4b:cf:e1:ac:
64:b2:09:22:c6:54:41:fc:92:cc:5c:a1:f0:c5:74:
f0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:95:DE:A5:C3:E4:63:8E:7C:B3:75:08:8A:F3:11:93:AB:0A:09:60
X509v3 Authority Key Identifier:
keyid:E9:86:12:EE:EA:4A:E7:0D:1F:B5:B6:52:4B:96:9D:47:42:DC:E8:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DB99/BC659BC631B411EEB551F211C4F9AE02/6YYS7upK5w0ftbZSS5adR0Lc6BA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6YYS7upK5w0ftbZSS5adR0Lc6BA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DB99/BC659BC631B411EEB551F211C4F9AE02/412DC75A9F3011EEA2D27757C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.246.64.0/23
Signature Algorithm: sha256WithRSAEncryption
77:25:3c:c7:7b:7d:b5:55:0f:0c:91:a4:dc:41:f4:d6:08:fb:
cd:b5:63:9f:38:98:88:6d:d7:b4:4c:25:3c:e4:07:1c:40:c5:
1d:91:a9:25:63:ee:01:35:cb:91:d0:fe:42:6b:96:85:4a:97:
d3:05:2a:99:57:aa:da:e7:9b:5d:b1:55:d4:d6:19:ba:0f:2d:
50:bc:8f:c0:50:af:76:18:d7:58:73:cc:2c:b2:22:78:9a:2b:
3d:94:08:27:2d:37:e4:83:f3:0b:1f:8f:d4:bf:f7:f8:92:be:
93:61:c0:32:48:0e:40:cd:ec:56:d5:cb:72:b1:bf:9f:0a:b4:
a0:a7:2e:6f:9b:32:b5:28:14:81:e5:5b:35:63:57:68:9a:73:
a7:9f:aa:e9:6a:e8:25:95:52:cb:f4:91:5f:ee:dd:25:96:52:
1a:f4:fd:36:8a:d4:25:2a:60:55:56:80:37:b8:cf:29:97:f8:
93:58:d1:60:6e:a8:65:b2:90:72:58:ba:22:b3:09:bc:23:f8:
04:e1:14:5d:48:17:77:e8:a7:dd:57:a3:38:5a:e2:46:8d:cb:
69:03:c4:3a:6b:4b:da:c6:95:00:6b:63:59:3c:85:2a:9e:b1:
63:a9:d8:05:44:47:17:e6:e7:8d:fa:ca:72:2b:c3:ad:c7:3e:
81:b7:30:00
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
REI5OTExMC8GA1UEBRMoRTk4NjEyRUVFQTRBRTcwRDFGQjVCNjUyNEI5NjlENDc0
MkRDRTgxMDAeFw0yMzEyMjAxMjA2NTBaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ODJkOGQ5LTNiM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKmqezydhokl5MVeSxdeGFIxnxpgB3q9IYlFLqto1SnzUTTbWf0ZxoskJIw3Cd
0KMVrK1a0fGL1wqELhiQioz9YSndz0HZ5XMEf5x8yDBi0pS+fXQoA2QGhXs3g+fG
1FZvAbPmw60HmUnucRio4Z6klqCX3AFXxkmbu3fSU+vQzAm1YpZCNTyvOjVkSbPM
QUIMO8cCLXsfjM5NZUKDBEDBaOehzymHHDPISI66RCk84fwiS3YKkKH0V6WITGRD
C/+fz2Td+RvsdLpDY2kxHh9xcoYa0q7JrRozcBlHJImf4DMsTOzHPkquzVZVS8/h
rGSyCSLGVEH8ksxcofDFdPDXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwJXepcPk
Y458s3UIivMRk6sKCWAwHwYDVR0jBBgwFoAU6YYS7upK5w0ftbZSS5adR0Lc6BAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJEQjk5L0JDNjU5QkM2MzFC
NDExRUVCNTUxRjIxMUM0RjlBRTAyLzZZWVM3dXBLNXcwZnRiWlNTNWFkUjBMYzZC
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNllZUzd1cEs1dzBmdGJaU1M1YWRSMExjNkJBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
REI5OS9CQzY1OUJDNjMxQjQxMUVFQjU1MUYyMTFDNEY5QUUwMi80MTJEQzc1QTlG
MzAxMUVFQTJEMjc3NTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWf2QDANBgkqhkiG9w0BAQsFAAOCAQEAdyU8x3t9tVUPDJGk
3EH01gj7zbVjnziYiG3XtEwlPOQHHEDFHZGpJWPuATXLkdD+QmuWhUqX0wUqmVeq
2uebXbFV1NYZug8tULyPwFCvdhjXWHPMLLIieJorPZQIJy035IPzCx+P1L/3+JK+
k2HAMkgOQM3sVtXLcrG/nwq0oKcub5sytSgUgeVbNWNXaJpzp5+q6WroJZVSy/SR
X+7dJZZSGvT9NorUJSpgVVaAN7jPKZf4k1jRYG6oZbKQcli6IrMJvCP4BOEUXUgX
d+in3VejOFriRo3LaQPEOmtL2saVAGtjWTyFKp6xY6nYBURHF+bnjfrKcivDrcc+
gbcwAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:39 2025 by rpki-client