Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9566159CD51111EC9720583FC4F9AE02.roa
File: 9566159CD51111EC9720583FC4F9AE02.roa (raw, json)
Hash identifier: R25GzoBe/flG2/nZSZEc3LfD8zXYVI3AqMWdKpE1/PY=
Subject key identifier: 51:8B:24:AC:1E:E1:FA:D2:E4:E2:51:77:05:28:40:A5:4E:B9:2E:42
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0878
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9566159CD51111EC9720583FC4F9AE02.roa
Signing time: Mon 31 Jul 2023 21:18:20 +0000
ROA not before: Mon 31 Jul 2023 21:18:20 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 149495
IP address blocks: 43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
2403:7980:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2168 (0x878)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Jul 31 21:18:20 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c8251c-5b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:02:eb:d5:27:1c:6a:69:0b:5e:3a:a0:05:
fc:1e:b0:ad:dc:21:31:9a:9f:be:c4:3b:68:43:c8:
83:c2:c1:d7:55:9f:04:8e:c3:16:14:7c:bf:f2:38:
50:90:e4:cf:da:86:1a:f0:09:f6:c1:9c:0b:53:b3:
d5:43:1e:30:2a:be:dc:8c:aa:25:85:44:39:db:f7:
3e:f6:d4:e0:1a:d5:aa:b6:a4:73:92:b6:78:3e:8b:
4d:71:9c:e1:73:da:c0:75:80:ac:a7:2b:7d:2e:33:
63:ae:6c:0a:aa:c1:57:30:43:d9:79:74:06:8e:10:
cc:db:63:73:c4:6f:e1:33:a3:00:9c:42:a9:01:8b:
0f:e3:0d:d5:bb:22:47:cf:d0:1a:e1:5e:57:50:d7:
87:70:3b:58:6a:60:f8:0f:63:5c:b0:53:4f:1b:b4:
1d:71:1b:74:5e:fb:3d:7f:87:d5:6c:ab:7b:5c:38:
11:30:62:a7:54:1d:f3:de:ae:6d:29:93:70:e1:2b:
96:e0:bf:2e:19:06:f9:d1:a6:b8:b4:56:ac:d6:c6:
35:15:2b:34:0f:7b:1f:ce:b3:a7:e8:d8:09:00:e1:
4c:1c:11:49:6c:fa:ad:49:1e:0d:fa:b9:94:8e:53:
a9:b6:ca:b7:37:59:14:38:07:2e:48:67:c2:c5:1c:
0b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8B:24:AC:1E:E1:FA:D2:E4:E2:51:77:05:28:40:A5:4E:B9:2E:42
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9566159CD51111EC9720583FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.120.0/22
IPv6:
2403:7980:f000::/36
Signature Algorithm: sha256WithRSAEncryption
51:fb:99:8a:1c:9e:69:f5:74:5e:18:a9:68:1e:ea:49:7e:d6:
8b:e1:e7:5a:56:13:3f:c1:04:3d:57:99:3e:ad:73:51:94:79:
a1:3f:07:c8:d4:ac:7b:66:fa:ad:64:55:97:30:77:13:a0:e8:
29:2e:3f:93:d1:d8:38:44:0d:75:9e:81:b9:1e:a6:4c:e0:bd:
ff:8b:f2:15:63:8e:28:07:77:75:cf:51:34:8e:57:ff:91:27:
a3:9e:d9:1c:43:c9:03:c7:d9:69:ce:23:0c:7c:b8:48:d0:90:
15:cf:03:1a:5b:b1:51:e9:4a:62:e4:aa:33:e7:2e:25:64:f1:
d6:97:99:63:50:4c:b0:ad:96:b8:e3:1e:e5:23:01:0d:90:44:
d0:58:ed:45:24:a3:7a:ac:bc:33:8f:0c:b5:a9:ed:06:7b:54:
66:6f:96:94:58:d8:b1:68:ab:7a:ac:3d:ca:e8:b4:c0:62:b8:
e8:f8:11:f8:ca:b9:83:73:24:69:55:43:18:c5:54:71:55:7b:
c5:66:57:2e:1b:e1:1c:59:f8:40:34:c7:b5:5b:74:89:aa:77:
68:78:c2:78:57:b6:f2:bd:fe:fc:a3:1b:02:ea:5f:c5:7c:80:
ec:8d:c3:c3:e8:89:1f:f4:d3:f5:16:cf:53:aa:64:c2:b9:0d:
1d:3b:a8:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICCHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjMwNzMxMjExODIwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4MjUxYy01YjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYQC69UnHGppC146oAX8HrCt3CExmp++xDtoQ8iDwsHXVZ8EjsMWFHy/8jhQ
kOTP2oYa8An2wZwLU7PVQx4wKr7cjKolhUQ52/c+9tTgGtWqtqRzkrZ4PotNcZzh
c9rAdYCspyt9LjNjrmwKqsFXMEPZeXQGjhDM22NzxG/hM6MAnEKpAYsP4w3VuyJH
z9Aa4V5XUNeHcDtYamD4D2NcsFNPG7QdcRt0Xvs9f4fVbKt7XDgRMGKnVB3z3q5t
KZNw4SuW4L8uGQb50aa4tFas1sY1FSs0D3sfzrOn6NgJAOFMHBFJbPqtSR4N+rmU
jlOptsq3N1kUOAcuSGfCxRwLYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFGLJKwe
4frS5OJRdwUoQKVOuS5CMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOTU2NjE1OUNE
NTExMTFFQzk3MjA1ODNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAIr93gwDgQCAAIwCAMGBCQDeYDwMA0GCSqGSIb3DQEBCwUA
A4IBAQBR+5mKHJ5p9XReGKloHupJftaL4edaVhM/wQQ9V5k+rXNRlHmhPwfI1Kx7
ZvqtZFWXMHcToOgpLj+T0dg4RA11noG5HqZM4L3/i/IVY44oB3d1z1E0jlf/kSej
ntkcQ8kDx9lpziMMfLhI0JAVzwMaW7FR6Upi5Koz5y4lZPHWl5ljUEywrZa44x7l
IwENkETQWO1FJKN6rLwzjwy1qe0Ge1Rmb5aUWNixaKt6rD3K6LTAYrjo+BH4yrmD
cyRpVUMYxVRxVXvFZlcuG+EcWfhANMe1W3SJqndoeMJ4V7byvf78oxsC6l/FfIDs
jcPD6Ikf9NP1Fs9TqmTCuQ0dO6iE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:34 2025 by rpki-client