Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/382D82CC7F5B11ECA27EA93CC4F9AE02.roa
File: 382D82CC7F5B11ECA27EA93CC4F9AE02.roa (raw, json)
Hash identifier: 1BEzMUm2CXNuK72FKuZRRrNend6TmYWPLdV4FhiwaGw=
Subject key identifier: D8:BF:B7:68:7A:A8:DD:CB:AD:8B:DA:88:9B:37:C6:81:62:95:3C:2F
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: 73
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/382D82CC7F5B11ECA27EA93CC4F9AE02.roa
Signing time: Fri 28 Jan 2022 17:22:47 +0000
ROA not before: Fri 28 Jan 2022 17:22:47 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 141677
IP address blocks: 103.177.248.0/24 maxlen: 24
103.177.249.0/24 maxlen: 24
2400:3e20:2000::/36 maxlen: 36
2400:3e20:e000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115 (0x73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11
Validity
Not Before: Jan 28 17:22:47 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f42667-2189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f0:e5:6b:51:c3:d0:4a:01:e4:0c:d1:71:3d:
ec:0b:d7:89:8d:5e:20:4e:a8:a0:30:d8:94:98:58:
17:dd:5c:f3:6c:2e:0b:6f:ce:e9:af:69:61:a6:fc:
9f:77:12:1c:7e:06:14:00:6d:31:e2:60:00:31:d3:
3f:08:e7:05:86:28:33:39:87:1a:41:d3:ff:31:3e:
da:da:f5:a2:7e:d0:79:fd:6e:3c:2b:a1:0a:2f:ba:
d9:5b:be:3c:8b:6a:20:d6:e8:0c:b0:15:38:05:15:
bb:b5:36:fb:cc:56:cc:f2:8f:d8:6e:36:dd:36:f4:
87:55:e3:58:43:76:28:b3:e9:23:09:58:10:2d:33:
99:4e:b6:76:2d:3e:26:42:d0:08:51:83:16:f5:f5:
f6:21:b5:76:27:5a:9b:4b:a0:fa:dc:2f:b4:11:83:
65:71:c0:56:51:ad:f1:cf:d9:d2:01:d7:17:c9:02:
15:bc:eb:18:e7:e4:62:b1:c4:3a:0b:d8:bf:69:e0:
f6:0b:d7:e4:1c:25:ae:93:d0:9c:cf:bf:6f:07:be:
51:f9:e2:d9:9a:c7:9a:80:8a:c4:a8:9b:0d:70:97:
ad:f9:c7:e1:60:54:fc:18:86:74:3d:1f:9d:e6:7f:
8e:5b:5d:3a:bf:b7:f1:30:8e:9c:e0:03:e4:ea:a1:
ac:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BF:B7:68:7A:A8:DD:CB:AD:8B:DA:88:9B:37:C6:81:62:95:3C:2F
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/382D82CC7F5B11ECA27EA93CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.248.0/23
IPv6:
2400:3e20:2000::/36
2400:3e20:e000::/36
Signature Algorithm: sha256WithRSAEncryption
64:6d:66:04:07:15:c0:b4:e5:e1:c3:0c:60:e5:17:e4:a4:2e:
76:70:34:7e:88:f0:f8:d2:00:18:e3:07:3f:56:a9:89:2e:57:
b1:89:6b:ad:c1:1d:8c:6c:c2:f4:7d:91:4e:fe:a0:49:45:30:
80:cc:6e:18:03:b0:11:16:d3:24:65:c2:91:8b:b8:ce:13:fb:
a9:fd:f5:07:f6:b2:01:e9:e6:ec:23:03:7f:5f:da:5e:ee:fa:
92:88:11:07:c4:5b:74:8a:76:54:e2:d7:29:91:73:0a:0c:2e:
04:55:9a:21:9e:d0:53:98:07:bd:37:42:66:5d:b7:cb:39:49:
d6:34:b9:30:7f:f5:a2:90:cc:f8:76:6a:35:c9:4f:73:8d:cb:
fa:c7:bf:46:11:d6:43:48:5b:d9:3d:a7:5d:f2:b6:cb:7f:2f:
2c:e3:7c:d7:ae:99:ca:ef:82:e2:81:b0:ac:58:43:b8:eb:9c:
04:2f:60:0a:20:8e:0e:4a:b8:bf:08:51:1d:2b:ca:68:05:24:
1e:a5:6b:a8:08:e9:9f:c9:29:25:63:71:81:42:02:a7:42:67:
58:db:e0:ac:57:32:7f:57:2d:9a:2c:23:63:65:0c:47:0a:39:
72:0a:ca:58:d6:67:4d:28:58:8f:cf:19:72:8a:f3:13:0e:5b:
01:0f:42:39
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBczANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEUxMTExMC8GA1UEBRMoM0Q2NDQ3RDcyOTc0ODMyOTRFQ0VDQjg1M0E1RTUwMDkz
NUQxQjhENzAeFw0yMjAxMjgxNzIyNDdaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZjQyNjY3LTIxODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDh8OVrUcPQSgHkDNFxPewL14mNXiBOqKAw2JSYWBfdXPNsLgtvzumvaWGm/J93
Ehx+BhQAbTHiYAAx0z8I5wWGKDM5hxpB0/8xPtra9aJ+0Hn9bjwroQovutlbvjyL
aiDW6AywFTgFFbu1NvvMVszyj9huNt029IdV41hDdiiz6SMJWBAtM5lOtnYtPiZC
0AhRgxb19fYhtXYnWptLoPrcL7QRg2VxwFZRrfHP2dIB1xfJAhW86xjn5GKxxDoL
2L9p4PYL1+QcJa6T0JzPv28HvlH54tmax5qAisSomw1wl635x+FgVPwYhnQ9H53m
f45bXTq/t/EwjpzgA+Tqoaz9AgMBAAGjggKtMIICqTAdBgNVHQ4EFgQU2L+3aHqo
3cuti9qImzfGgWKVPC8wHwYDVR0jBBgwFoAUPWRH1yl0gylOzsuFOl5QCTXRuNcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRTExL0QwNjBDOUIyNUJE
NjExRUNBRDgzMzY1MUM0RjlBRTAyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVO
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUFdSSDF5bDBneWxPenN1Rk9sNVFDVFhSdU5jLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEUxMS9EMDYwQzlCMjVCRDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi8zODJEODJDQzdG
NUIxMUVDQTI3RUE5M0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwDAQCAAEwBgMEAWex+DAWBAIAAjAQAwYEJAA+ICADBgQkAD4g4DANBgkqhkiG
9w0BAQsFAAOCAQEAZG1mBAcVwLTl4cMMYOUX5KQudnA0fojw+NIAGOMHP1apiS5X
sYlrrcEdjGzC9H2RTv6gSUUwgMxuGAOwERbTJGXCkYu4zhP7qf31B/ayAenm7CMD
f1/aXu76kogRB8RbdIp2VOLXKZFzCgwuBFWaIZ7QU5gHvTdCZl23yzlJ1jS5MH/1
opDM+HZqNclPc43L+se/RhHWQ0hb2T2nXfK2y38vLON8166Zyu+C4oGwrFhDuOuc
BC9gCiCODkq4vwhRHSvKaAUkHqVrqAjpn8kpJWNxgUICp0JnWNvgrFcyf1ctmiwj
Y2UMRwo5cgrKWNZnTShYj88ZcorzEw5bAQ9COQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:46 2025 by rpki-client