Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/424ADB9AE93211EE987B1E6FC4F9AE02.roa
File: 424ADB9AE93211EE987B1E6FC4F9AE02.roa (raw, json)
Hash identifier: r4T3SWbmOz4ZAcNpF4r8NNwIqwQ7pFHwfrXu0EEyJPo=
Subject key identifier: 49:76:1C:D9:2A:66:1D:E0:09:2F:EA:02:40:E2:E2:4A:02:42:21:90
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0937
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/424ADB9AE93211EE987B1E6FC4F9AE02.roa
Signing time: Wed 27 Mar 2024 14:56:08 +0000
ROA not before: Wed 27 Mar 2024 14:56:08 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 141432
IP address blocks: 43.247.120.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2359 (0x937)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Mar 27 14:56:08 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66043387-4925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:63:4e:b5:00:9e:58:c4:b7:55:5c:1c:c1:31:
02:da:95:7d:9c:74:67:57:e2:84:e0:97:72:1c:74:
1d:98:11:95:62:70:9c:cf:fe:08:c4:4e:8b:b1:ff:
cf:83:68:6e:aa:53:00:cf:2a:04:b9:66:75:f0:4a:
09:a1:1a:59:24:09:f8:a6:ec:f6:06:ee:4c:b1:f7:
9f:b3:9e:f6:53:25:07:f1:9a:68:cc:5e:4d:96:3a:
f1:ff:2a:d6:27:76:64:19:f5:35:45:dc:32:8d:5d:
3b:9b:31:32:01:01:59:c4:5c:eb:1c:c3:98:b0:d0:
2c:c2:8d:92:81:1a:b2:80:41:d2:a1:68:1a:b7:40:
61:d4:08:9e:75:a7:14:8a:8e:62:2a:28:53:d5:44:
56:0c:2b:b1:6b:0e:3e:3f:a1:ba:78:c7:83:98:67:
cd:67:b8:83:ac:ed:26:c0:5e:1b:4d:bc:d4:25:3b:
cd:78:e4:d2:a6:52:64:7e:0b:18:6c:72:59:fb:a3:
66:98:de:a6:28:82:76:48:74:ae:df:8d:ef:07:3b:
7c:9d:57:96:34:31:f2:3e:bd:7c:05:93:65:fe:6b:
6f:b2:f0:79:8a:4b:02:5c:b3:cb:6a:2e:cd:98:58:
2a:66:e4:81:e2:67:f2:90:ef:81:d4:fc:27:f9:5b:
1b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:76:1C:D9:2A:66:1D:E0:09:2F:EA:02:40:E2:E2:4A:02:42:21:90
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/424ADB9AE93211EE987B1E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.120.0/24
103.20.132.0-103.20.134.255
Signature Algorithm: sha256WithRSAEncryption
b7:73:73:05:aa:c3:a4:c3:8b:59:83:9f:13:4e:aa:95:1a:b2:
18:b9:21:a8:7d:c5:e8:d4:3a:ac:6d:bc:10:1e:72:28:c9:0f:
cd:f5:9e:9e:6d:47:1a:92:86:48:0f:b6:99:c8:2d:24:c3:39:
ec:8f:36:bc:3f:40:f3:12:67:42:37:c7:04:9f:b7:9f:33:b4:
6b:06:f2:cf:1c:3d:ed:7d:70:36:17:e9:ac:00:93:6e:73:c6:
4e:7e:66:f7:da:6d:e1:1d:f5:a7:ea:79:39:9d:b5:c2:ab:1b:
21:a2:ac:83:79:e3:69:0e:77:7f:d7:c0:04:84:21:87:5e:b1:
17:d9:56:5e:7a:1a:84:6f:23:8f:15:e1:19:94:f4:e9:e1:7d:
00:02:09:6f:ea:ea:3e:3d:4b:25:50:ae:bd:79:8e:12:6f:02:
91:c9:20:26:ce:56:5e:22:76:9a:d6:93:1b:10:3a:9d:e0:47:
be:1d:ab:c3:c9:97:de:ba:c3:79:6c:92:f7:4a:e7:7a:05:bd:
42:f7:94:09:b3:be:55:fd:c1:73:51:7d:5b:0e:d9:fa:5e:e3:
fa:b5:df:30:e0:7a:b1:70:8e:ee:ea:4d:6e:6c:71:d0:12:98:
4e:2a:7b:52:81:c6:dc:74:4d:94:a6:01:68:8b:4b:c5:94:9a:
f2:42:e1:1f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwMzI3MTQ1NjA4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA0MzM4Ny00OTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5WNOtQCeWMS3VVwcwTEC2pV9nHRnV+KE4JdyHHQdmBGVYnCcz/4IxE6Lsf/P
g2huqlMAzyoEuWZ18EoJoRpZJAn4puz2Bu5Msfefs572UyUH8ZpozF5Nljrx/yrW
J3ZkGfU1RdwyjV07mzEyAQFZxFzrHMOYsNAswo2SgRqygEHSoWgat0Bh1AiedacU
io5iKihT1URWDCuxaw4+P6G6eMeDmGfNZ7iDrO0mwF4bTbzUJTvNeOTSplJkfgsY
bHJZ+6NmmN6mKIJ2SHSu343vBzt8nVeWNDHyPr18BZNl/mtvsvB5iksCXLPLai7N
mFgqZuSB4mfykO+B1Pwn+Vsb1wIDAQABo4ICozCCAp8wHQYDVR0OBBYEFEl2HNkq
Zh3gCS/qAkDi4koCQiGQMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNDI0QURCOUFF
OTMyMTFFRTk4N0IxRTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAAr93gwDAMEAmcUhAMEAGcUhjANBgkqhkiG9w0BAQsFAAOC
AQEAt3NzBarDpMOLWYOfE06qlRqyGLkhqH3F6NQ6rG28EB5yKMkPzfWenm1HGpKG
SA+2mcgtJMM57I82vD9A8xJnQjfHBJ+3nzO0awbyzxw97X1wNhfprACTbnPGTn5m
99pt4R31p+p5OZ21wqsbIaKsg3njaQ53f9fABIQhh16xF9lWXnoahG8jjxXhGZT0
6eF9AAIJb+rqPj1LJVCuvXmOEm8CkckgJs5WXiJ2mtaTGxA6neBHvh2rw8mX3rrD
eWyS90rnegW9QveUCbO+Vf3Bc1F9Ww7Z+l7j+rXfMOB6sXCO7upNbmxx0BKYTip7
UoHG3HRNlKYBaItLxZSa8kLhHw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:01 2025 by rpki-client