Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/38FD1EEEF5E511EEA5DAAB79C4F9AE02.roa
File: 38FD1EEEF5E511EEA5DAAB79C4F9AE02.roa (raw, json)
Hash identifier: ulDd/ng3PCzF0UiwPdRq321UfWc4gFAPX4ziL6nwazU=
Subject key identifier: B1:4C:C3:74:06:60:44:EE:ED:FA:E9:7D:07:E4:91:FF:FA:67:22:F3
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0954
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/38FD1EEEF5E511EEA5DAAB79C4F9AE02.roa
Signing time: Mon 08 Apr 2024 20:19:51 +0000
ROA not before: Mon 08 Apr 2024 20:19:51 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 133933
IP address blocks: 103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2388 (0x954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Apr 8 20:19:51 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66145166-ba22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:c7:ff:79:05:73:fe:ab:12:f4:59:e1:cd:
af:51:c8:84:2e:db:4a:80:3f:8a:31:90:12:63:a0:
27:75:25:f5:86:96:11:fe:a2:33:3d:a5:1d:9b:91:
d4:88:51:9b:43:a2:c3:44:2e:d3:c3:ac:92:b4:01:
cb:ca:91:35:5f:19:68:44:d2:59:e0:d3:da:21:a3:
63:0a:e2:e1:6f:8d:a7:3f:1a:39:7b:3a:b2:93:0f:
50:de:23:ea:fc:30:2a:36:b1:e1:a4:2f:dd:7e:f8:
33:7d:d4:16:96:16:cb:6a:f3:5e:d7:f2:f2:b2:f0:
ca:48:20:f2:42:5b:74:97:4c:ce:2b:bb:70:b7:f0:
5b:b4:5b:0b:3d:6e:d6:82:cd:d4:ae:ae:bc:aa:c6:
e4:ab:c2:b4:a2:c2:c5:8e:53:ef:9e:4a:fd:1a:97:
15:22:37:4e:92:cc:ef:1e:81:8f:c4:4d:59:65:9c:
70:51:d6:05:cb:c9:b6:9f:6d:ab:43:77:8e:75:a5:
98:25:91:c2:e2:26:8a:69:20:1c:35:e2:4d:c0:65:
8f:df:80:87:4b:cb:87:34:04:b1:51:e7:ad:85:4a:
11:91:0a:d7:6c:bb:bb:5d:44:48:50:e6:65:14:7b:
75:c5:57:e1:33:98:25:16:bd:4f:73:49:cf:51:f3:
dd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4C:C3:74:06:60:44:EE:ED:FA:E9:7D:07:E4:91:FF:FA:67:22:F3
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/38FD1EEEF5E511EEA5DAAB79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.132.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:4d:df:58:d9:0e:6f:0f:bd:b4:35:72:40:ff:e5:70:55:96:
37:fc:ab:f7:ea:dc:cc:e1:06:12:0f:34:7b:2e:61:be:ae:c4:
a7:f7:94:5a:d2:81:74:4e:7a:89:1e:de:e5:14:b2:a8:2e:d1:
0f:9c:60:ac:05:88:84:aa:58:46:79:b2:71:22:b1:9b:6e:67:
16:b1:d4:be:01:a8:58:4f:a6:09:30:f8:f3:ea:34:7d:cf:a1:
15:9b:8f:68:93:ca:9e:b5:da:c1:77:fd:d3:28:9e:32:42:7d:
fc:50:f6:65:58:4e:d9:72:e1:c3:49:6d:30:e3:7e:68:da:55:
0f:33:10:43:51:a2:3f:63:bc:40:74:1b:a2:1f:15:99:49:53:
c7:0d:dd:ff:11:75:58:b7:b3:ae:e7:34:97:67:f7:51:2e:c6:
92:2c:18:df:e6:1f:c2:7f:59:b5:4b:ea:a4:75:d8:21:84:f8:
44:f9:e9:1c:ad:55:02:34:05:ff:f0:e2:93:93:49:76:42:a5:
d7:61:c8:f0:c6:bf:f4:f5:18:7a:73:21:c4:e9:f0:0a:9d:2e:
58:b2:2c:a8:33:e4:cc:71:7a:8b:9d:b6:85:3f:d3:94:dd:14:
45:84:a4:54:f0:b5:97:2c:f5:23:f1:09:74:09:56:52:30:6b:
53:41:47:b7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNDA4MjAxOTUxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE0NTE2Ni1iYTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA26rH/3kFc/6rEvRZ4c2vUciELttKgD+KMZASY6AndSX1hpYR/qIzPaUdm5HU
iFGbQ6LDRC7Tw6yStAHLypE1XxloRNJZ4NPaIaNjCuLhb42nPxo5ezqykw9Q3iPq
/DAqNrHhpC/dfvgzfdQWlhbLavNe1/LysvDKSCDyQlt0l0zOK7twt/BbtFsLPW7W
gs3Urq68qsbkq8K0osLFjlPvnkr9GpcVIjdOkszvHoGPxE1ZZZxwUdYFy8m2n22r
Q3eOdaWYJZHC4iaKaSAcNeJNwGWP34CHS8uHNASxUeethUoRkQrXbLu7XURIUOZl
FHt1xVfhM5glFr1Pc0nPUfPdmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLFMw3QG
YETu7frpfQfkkf/6ZyLzMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMzhGRDFFRUVG
NUU1MTFFRUE1REFBQjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnFIQwDQYJKoZIhvcNAQELBQADggEBAKFN31jZDm8PvbQ1
ckD/5XBVljf8q/fq3MzhBhIPNHsuYb6uxKf3lFrSgXROeoke3uUUsqgu0Q+cYKwF
iISqWEZ5snEisZtuZxax1L4BqFhPpgkw+PPqNH3PoRWbj2iTyp612sF3/dMonjJC
ffxQ9mVYTtly4cNJbTDjfmjaVQ8zEENRoj9jvEB0G6IfFZlJU8cN3f8RdVi3s67n
NJdn91EuxpIsGN/mH8J/WbVL6qR12CGE+ET56RytVQI0Bf/w4pOTSXZCpddhyPDG
v/T1GHpzIcTp8AqdLliyLKgz5MxxeoudtoU/05TdFEWEpFTwtZcs9SPxCXQJVlIw
a1NBR7c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:40 2025 by rpki-client