Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FB493356FAD711EE9AAB7E47C4F9AE02.roa
File: FB493356FAD711EE9AAB7E47C4F9AE02.roa (raw, json)
Hash identifier: JJX2W4/vfzYSBoJInddVPOjCb3aKNz1VRIkPKpP2Ems=
Subject key identifier: 90:CA:A3:15:69:88:54:12:84:ED:6A:79:69:2A:D3:3B:7D:3C:AB:57
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0988
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FB493356FAD711EE9AAB7E47C4F9AE02.roa
Signing time: Tue 28 May 2024 19:24:19 +0000
ROA not before: Tue 28 May 2024 19:24:19 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 133933
IP address blocks: 43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2440 (0x988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: May 28 19:24:19 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66562f63-4915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b7:54:b3:6a:25:72:8d:c4:c3:7c:70:e7:03:
3c:1e:df:45:4d:61:06:9b:c4:75:9d:08:ca:e7:75:
7f:92:f6:8e:5d:25:5e:1d:f4:a3:7a:36:61:b0:94:
24:2e:dc:ef:2c:65:d2:e1:b7:dc:bb:26:d3:8c:31:
3f:1c:a3:aa:f3:28:55:54:ee:e0:38:e5:4a:1c:6c:
a7:24:87:5c:fb:05:94:8d:ae:ff:23:3b:be:35:7b:
63:e6:29:5a:3b:49:6a:27:80:d2:1a:1f:8e:a5:26:
02:c5:64:85:d0:6e:4b:a6:3e:6d:26:83:9a:72:02:
74:07:b4:ac:f9:82:7a:3c:f2:59:5d:a1:15:60:93:
d0:70:b9:ec:84:29:1a:ef:5a:68:8a:f6:e9:e7:1c:
66:b7:1a:10:23:e7:cc:fa:14:90:f3:23:8a:26:28:
d0:dc:68:f6:19:3b:07:89:1e:54:58:ee:f2:fc:9a:
67:2d:0f:66:28:3d:4f:02:e8:83:39:27:64:a4:3e:
eb:68:21:a4:92:43:18:8d:cf:dd:b9:27:5d:88:a2:
93:80:c2:9d:96:18:da:74:43:98:b2:28:72:4a:06:
03:7b:20:fe:11:1c:4d:8a:da:af:e6:4b:50:83:4b:
f2:5f:e5:75:fe:19:e8:45:39:92:bc:ee:02:a0:b5:
4e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CA:A3:15:69:88:54:12:84:ED:6A:79:69:2A:D3:3B:7D:3C:AB:57
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/FB493356FAD711EE9AAB7E47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.121.0-43.247.123.255
103.20.134.0/23
Signature Algorithm: sha256WithRSAEncryption
06:35:0b:f4:d5:93:d7:f9:c4:cf:ed:53:a0:d7:52:96:c1:e7:
99:b0:71:2c:ae:a8:63:17:62:f9:80:9a:11:1b:ca:02:24:a4:
b1:49:8e:1b:49:88:56:8e:85:c6:08:ac:58:57:c2:29:86:b9:
0c:9d:28:69:f5:24:b5:4e:51:bf:0a:c1:4b:eb:41:97:4c:d5:
ba:ed:11:fc:67:95:cf:0b:df:f7:8e:83:17:c3:d7:c5:55:b3:
5d:b2:78:d1:cc:58:cc:fd:24:74:05:f0:eb:ce:74:34:7c:dc:
3c:a1:b9:f3:69:ea:e5:4f:30:b7:5b:a3:62:ef:ce:24:2a:64:
57:5c:90:1d:73:28:d7:06:fa:87:02:29:a4:91:f7:6a:43:fd:
31:22:f5:3c:69:87:8b:1c:ec:6a:bb:6c:d2:0a:dc:74:4b:62:
12:2c:f2:11:2c:76:53:8a:b6:be:b4:a7:cd:78:fb:eb:09:6f:
82:18:c1:3b:8b:7a:a2:3b:44:b3:70:be:06:ca:8b:9e:37:f9:
a1:81:8c:77:05:c8:c0:87:ca:91:1c:a2:60:fb:12:7c:e8:68:
64:8d:4c:94:36:fd:a3:e7:9a:c4:63:a0:b6:3c:3d:f0:d3:6e:
1a:f3:11:09:ef:50:e7:7e:93:68:54:fd:bc:f0:c4:78:86:05:
c1:7a:06:8a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNTI4MTkyNDE5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU2MmY2My00OTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo7dUs2olco3Ew3xw5wM8Ht9FTWEGm8R1nQjK53V/kvaOXSVeHfSjejZhsJQk
LtzvLGXS4bfcuybTjDE/HKOq8yhVVO7gOOVKHGynJIdc+wWUja7/Izu+NXtj5ila
O0lqJ4DSGh+OpSYCxWSF0G5Lpj5tJoOacgJ0B7Ss+YJ6PPJZXaEVYJPQcLnshCka
71poivbp5xxmtxoQI+fM+hSQ8yOKJijQ3Gj2GTsHiR5UWO7y/JpnLQ9mKD1PAuiD
OSdkpD7raCGkkkMYjc/duSddiKKTgMKdlhjadEOYsihySgYDeyD+ERxNitqv5ktQ
g0vyX+V1/hnoRTmSvO4CoLVOwQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJDKoxVp
iFQShO1qeWkq0zt9PKtXMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRkI0OTMzNTZG
QUQ3MTFFRTlBQUI3RTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEACv3eQMEAiv3eAMEAWcUhjANBgkqhkiG9w0BAQsFAAOC
AQEABjUL9NWT1/nEz+1ToNdSlsHnmbBxLK6oYxdi+YCaERvKAiSksUmOG0mIVo6F
xgisWFfCKYa5DJ0oafUktU5RvwrBS+tBl0zVuu0R/GeVzwvf946DF8PXxVWzXbJ4
0cxYzP0kdAXw6850NHzcPKG582nq5U8wt1ujYu/OJCpkV1yQHXMo1wb6hwIppJH3
akP9MSL1PGmHixzsarts0grcdEtiEizyESx2U4q2vrSnzXj76wlvghjBO4t6ojtE
s3C+BsqLnjf5oYGMdwXIwIfKkRyiYPsSfOhoZI1MlDb9o+eaxGOgtjw98NNuGvMR
Ce9Q536TaFT9vPDEeIYFwXoGig==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:37 2025 by rpki-client