Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/8BCE39D290E311ECA1AA751AC4F9AE02.roa
File: 8BCE39D290E311ECA1AA751AC4F9AE02.roa (raw, json)
Hash identifier: Ys7nelc49RVWZDBzaeAl+GsbJHqW5SDbfd+vg5e5y40=
Subject key identifier: 82:85:45:30:6D:9D:EA:76:35:D6:97:96:9A:65:B2:72:8A:7A:A6:13
Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7
Certificate serial: A0
Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/8BCE39D290E311ECA1AA751AC4F9AE02.roa
Signing time: Fri 18 Feb 2022 17:52:32 +0000
ROA not before: Fri 18 Feb 2022 17:52:32 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 141677
IP address blocks: 103.177.248.0/24 maxlen: 24
103.177.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160 (0xa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170E11
Validity
Not Before: Feb 18 17:52:32 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=620fdce0-1b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f7:63:ce:1d:a5:ab:39:30:f4:f1:43:7e:66:
41:f8:c5:74:fe:5b:9a:0c:7a:0e:48:b8:91:68:d9:
96:c2:f3:63:63:0f:d5:38:44:24:bd:d0:bb:bd:7e:
15:26:22:8a:66:d9:6b:02:32:1e:08:a0:0c:6e:29:
e8:35:8a:28:6f:62:d1:03:58:20:77:36:75:0b:3a:
27:42:75:1a:7a:88:3c:49:c5:29:e7:7c:0b:d2:3d:
72:87:6e:c8:47:f2:fa:23:a5:56:d3:ab:b6:11:86:
c3:49:da:32:05:4d:96:98:d0:b8:92:67:f5:5e:c2:
d9:8d:cb:73:a3:26:31:32:61:c8:d3:4d:70:96:71:
b7:90:b0:65:c6:6f:5c:8e:9d:3b:a0:df:02:80:9b:
91:c4:c1:dc:e0:ea:78:53:0d:58:8f:bf:62:15:10:
d8:8a:d6:1d:5f:95:0b:d1:c9:39:ad:fd:69:05:7d:
e1:a8:7e:ad:68:d0:39:64:2d:38:e7:14:38:63:b3:
44:34:39:d7:48:26:62:f9:34:3e:ec:1f:83:dc:73:
aa:ec:fc:1f:ea:6b:a8:79:6b:1a:e2:a4:18:00:1c:
24:8c:92:c0:46:dc:d6:4e:6e:88:66:ce:b1:39:a1:
3c:3e:b8:44:07:d5:ce:cc:01:bc:88:bf:7e:0f:91:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:85:45:30:6D:9D:EA:76:35:D6:97:96:9A:65:B2:72:8A:7A:A6:13
X509v3 Authority Key Identifier:
keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/8BCE39D290E311ECA1AA751AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.248.0/23
Signature Algorithm: sha256WithRSAEncryption
99:50:fd:c3:8d:2e:28:ea:58:d2:8d:cd:fd:30:5f:3f:3f:5b:
0e:10:b9:3f:e8:a8:32:22:34:06:c3:cc:b9:1c:4c:2d:54:74:
a9:b2:b1:64:7c:c3:50:65:11:f6:f0:bd:6e:1e:a6:ea:2e:4a:
89:c7:6e:e5:8d:3a:56:05:92:a1:e3:ca:ea:61:55:ef:a6:c6:
d1:f0:dd:b5:13:cd:28:32:e1:90:7f:76:33:49:1c:6e:fa:8b:
0c:4c:ef:95:90:83:aa:ab:28:91:a3:c6:ae:9e:35:53:de:74:
1b:c9:a7:65:12:3a:52:04:fb:9e:1e:54:c3:eb:60:1d:92:46:
42:55:15:39:b7:df:c9:e3:35:ac:aa:e7:59:54:46:1a:a0:5d:
63:cc:2c:c6:9c:f5:52:26:12:44:56:b1:59:fa:81:68:90:e8:
3d:44:8f:80:38:73:a1:a9:b8:7d:0a:a6:a7:31:a5:5b:60:49:
f3:0e:2d:a5:26:02:13:23:ef:25:eb:d9:94:27:aa:27:49:9e:
35:29:e7:cf:85:cb:3a:84:dc:93:41:23:e2:5c:16:94:43:97:
e7:b6:5e:bd:56:ac:18:6c:6d:56:d7:b0:e9:ff:8d:e5:95:56:
32:fe:ad:8b:22:ce:9d:7c:2f:bc:4c:83:2f:23:e3:95:4d:f7:
7b:dd:9a:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5
MzVEMUI4RDcwHhcNMjIwMjE4MTc1MjMyWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmZGNlMC0xYjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt/djzh2lqzkw9PFDfmZB+MV0/luaDHoOSLiRaNmWwvNjYw/VOEQkvdC7vX4V
JiKKZtlrAjIeCKAMbinoNYoob2LRA1ggdzZ1CzonQnUaeog8ScUp53wL0j1yh27I
R/L6I6VW06u2EYbDSdoyBU2WmNC4kmf1XsLZjctzoyYxMmHI001wlnG3kLBlxm9c
jp07oN8CgJuRxMHc4Op4Uw1Yj79iFRDYitYdX5UL0ck5rf1pBX3hqH6taNA5ZC04
5xQ4Y7NENDnXSCZi+TQ+7B+D3HOq7Pwf6muoeWsa4qQYABwkjJLARtzWTm6IZs6x
OaE8PrhEB9XOzAG8iL9+D5GsowIDAQABo4IClTCCApEwHQYDVR0OBBYEFIKFRTBt
nep2NdaXlpplsnKKeqYTMB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC
RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzBFMTEvRDA2MEM5QjI1QkQ2MTFFQ0FEODMzNjUxQzRGOUFFMDIvOEJDRTM5RDI5
MEUzMTFFQ0ExQUE3NTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsfgwDQYJKoZIhvcNAQELBQADggEBAJlQ/cONLijqWNKN
zf0wXz8/Ww4QuT/oqDIiNAbDzLkcTC1UdKmysWR8w1BlEfbwvW4epuouSonHbuWN
OlYFkqHjyuphVe+mxtHw3bUTzSgy4ZB/djNJHG76iwxM75WQg6qrKJGjxq6eNVPe
dBvJp2USOlIE+54eVMPrYB2SRkJVFTm338njNayq51lURhqgXWPMLMac9VImEkRW
sVn6gWiQ6D1Ej4A4c6GpuH0KpqcxpVtgSfMOLaUmAhMj7yXr2ZQnqidJnjUp58+F
yzqE3JNBI+JcFpRDl+e2Xr1WrBhsbVbXsOn/jeWVVjL+rYsizp18L7xMgy8j45VN
93vdmqM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:32 2025 by rpki-client