Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/13A3EAE47F1911EEBC65E853C4F9AE02.roa
File: 13A3EAE47F1911EEBC65E853C4F9AE02.roa (raw, json)
Hash identifier: yyfNMlsi8fYt8MO98mDGsYQhnZSffiIvChP+TxhFJAg=
Subject key identifier: F0:07:67:99:45:55:6B:2B:61:38:86:DF:55:A3:5B:69:1F:7E:A8:C3
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 08CE
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/13A3EAE47F1911EEBC65E853C4F9AE02.roa
Signing time: Thu 09 Nov 2023 16:00:18 +0000
ROA not before: Thu 09 Nov 2023 16:00:18 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 132165
IP address blocks: 43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254 (0x8ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Nov 9 16:00:18 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=654d0211-c36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:61:f3:e3:9e:72:86:96:da:b8:27:e5:75:
e2:18:a6:5b:55:f5:90:88:0b:c2:57:e1:0f:5b:a7:
3d:7d:d2:48:87:bf:c8:9c:66:cc:91:a1:43:37:86:
0a:cb:9b:23:64:75:97:a0:07:93:f6:b4:f6:75:1b:
e5:ee:25:b4:3e:14:0f:45:ef:9f:55:b9:4f:d5:ef:
61:d9:aa:36:ab:6f:29:f1:3b:cd:44:19:a5:ea:73:
9f:ae:68:5b:f9:de:2f:90:f8:ad:d0:c5:c1:13:cd:
d6:1f:e4:18:82:50:b1:c7:14:33:39:c9:74:75:56:
a6:bd:a4:ab:ff:e1:be:9d:07:e2:24:94:1f:66:8e:
ae:69:d5:07:21:85:f6:0c:d8:47:4d:24:df:b6:df:
1a:cf:fe:0f:37:50:df:0d:3e:61:a7:70:8d:ba:77:
00:80:7d:d6:63:e4:41:17:67:79:1e:de:48:88:e7:
d8:44:ed:aa:f7:97:85:6a:07:5a:ec:5c:42:18:b1:
1d:43:6b:dc:77:9d:c4:ba:c2:4a:a8:c6:45:a5:52:
41:52:39:d4:aa:79:72:06:21:e5:65:52:a7:7f:4f:
86:25:c2:3b:7d:36:45:55:74:2e:42:6c:40:2d:64:
85:2e:21:97:b6:cf:36:65:01:5f:9c:8b:e3:dc:18:
93:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:07:67:99:45:55:6B:2B:61:38:86:DF:55:A3:5B:69:1F:7E:A8:C3
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/13A3EAE47F1911EEBC65E853C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.120.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:b5:09:86:42:2c:db:b2:fe:62:6d:40:7c:14:66:9a:69:e3:
f9:55:fd:60:c4:9b:9d:a5:f7:81:21:2d:fa:68:6f:34:47:05:
dc:38:e6:ef:fb:f7:f7:f0:f6:4c:86:9f:32:90:64:30:bb:b6:
39:35:61:14:dd:e2:9c:b8:67:b1:20:40:ee:f0:07:57:3c:ae:
e9:ce:05:c1:5f:a8:a8:ac:e0:c7:d3:8c:1e:26:a1:87:fc:08:
b1:ba:62:88:d6:f0:b9:d3:57:4f:09:89:e6:0f:22:e2:22:67:
a8:6c:51:2e:ef:7e:c7:6c:1d:1c:c5:cc:ae:ba:fa:e2:34:02:
bd:5d:5d:ce:45:4b:89:e0:c5:3f:75:42:6d:4f:15:6c:8f:66:
d7:8a:ea:a2:99:02:c1:a6:cd:1f:a9:07:81:a5:72:98:ee:ae:
01:d5:f3:d5:aa:75:f3:44:41:43:cb:20:92:9b:83:41:62:fd:
a8:74:11:48:29:29:57:d7:a9:14:71:11:ff:3a:22:2f:d5:71:
26:83:d9:12:b5:04:16:33:97:82:83:67:ec:58:34:67:46:68:
a4:07:ef:0f:ba:a7:5a:0f:42:6e:14:30:b7:40:01:36:77:2d:
ff:2b:55:29:3b:f2:b6:ea:b7:00:16:43:84:29:5a:54:19:e1:
6f:17:5a:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjMxMTA5MTYwMDE4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRkMDIxMS1jMzZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo5lh8+OecoaW2rgn5XXiGKZbVfWQiAvCV+EPW6c9fdJIh7/InGbMkaFDN4YK
y5sjZHWXoAeT9rT2dRvl7iW0PhQPRe+fVblP1e9h2ao2q28p8TvNRBml6nOfrmhb
+d4vkPit0MXBE83WH+QYglCxxxQzOcl0dVamvaSr/+G+nQfiJJQfZo6uadUHIYX2
DNhHTSTftt8az/4PN1DfDT5hp3CNuncAgH3WY+RBF2d5Ht5IiOfYRO2q95eFagda
7FxCGLEdQ2vcd53EusJKqMZFpVJBUjnUqnlyBiHlZVKnf0+GJcI7fTZFVXQuQmxA
LWSFLiGXts82ZQFfnIvj3BiTAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPAHZ5lF
VWsrYTiG31WjW2kffqjDMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMTNBM0VBRTQ3
RjE5MTFFRUJDNjVFODUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr93gwDQYJKoZIhvcNAQELBQADggEBALy1CYZCLNuy/mJt
QHwUZppp4/lV/WDEm52l94EhLfpobzRHBdw45u/79/fw9kyGnzKQZDC7tjk1YRTd
4py4Z7EgQO7wB1c8runOBcFfqKis4MfTjB4moYf8CLG6YojW8LnTV08JieYPIuIi
Z6hsUS7vfsdsHRzFzK66+uI0Ar1dXc5FS4ngxT91Qm1PFWyPZteK6qKZAsGmzR+p
B4GlcpjurgHV89WqdfNEQUPLIJKbg0Fi/ah0EUgpKVfXqRRxEf86Ii/VcSaD2RK1
BBYzl4KDZ+xYNGdGaKQH7w+6p1oPQm4UMLdAATZ3Lf8rVSk78rbqtwAWQ4QpWlQZ
4W8XWrg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:06 2025 by rpki-client