Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D3C/127157F2056A11EEB8870013C4F9AE02/F6205C5A0C7C11EE82544D6DC4F9AE02.roa
File: F6205C5A0C7C11EE82544D6DC4F9AE02.roa (raw, json)
Hash identifier: s6/78/5jmKAT3053fSm4Bk3kXggk0/7bEq1McSjNz7Y=
Subject key identifier: 8C:CA:0D:A6:C6:5A:D3:79:68:22:46:D3:C8:7B:A5:D0:39:77:B2:DB
Certificate issuer: /CN=A9171D3C/serialNumber=4DEE0836FA0F7EE92C2E6A6C198016DE8CF8BF16
Certificate serial: 0E
Authority key identifier: 4D:EE:08:36:FA:0F:7E:E9:2C:2E:6A:6C:19:80:16:DE:8C:F8:BF:16
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Te4INvoPfuksLmpsGYAW3oz4vxY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171D3C/127157F2056A11EEB8870013C4F9AE02/F6205C5A0C7C11EE82544D6DC4F9AE02.roa
Signing time: Fri 23 Jun 2023 18:34:42 +0000
ROA not before: Fri 23 Jun 2023 18:34:42 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151368
IP address blocks: 103.213.38.0/24 maxlen: 24
103.213.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171D3C
Validity
Not Before: Jun 23 18:34:42 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6495e5c2-9f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:3c:f5:e8:6d:0c:8c:5d:a9:40:04:5b:1a:
77:c1:29:40:4a:5e:b3:8e:c7:eb:c2:bc:c5:d5:d7:
9b:e2:be:70:74:5d:e0:95:92:73:07:4b:a9:32:21:
cc:a6:26:09:be:64:be:5e:a0:49:6f:ef:35:26:4e:
c3:2f:be:9a:dd:e8:63:8d:ff:4d:83:4c:40:e1:f1:
2f:10:a2:d5:1b:3d:66:68:80:4b:68:95:c2:3d:74:
58:d3:ba:51:26:c2:72:50:ec:6e:c4:a5:c7:94:57:
d1:26:bc:d6:99:ae:e8:72:cb:5c:72:07:f8:a2:22:
9b:0b:08:48:be:20:ec:01:2c:7b:04:8f:c9:48:81:
91:6b:a1:50:ce:89:f9:cf:cd:cb:81:cb:7c:90:c7:
ca:bd:96:51:b9:ed:52:51:8a:34:90:93:c3:3d:3b:
32:53:2c:73:1c:44:aa:6b:42:d0:6f:08:d8:68:e2:
1f:91:69:bb:30:55:52:36:d7:89:7d:9e:da:a5:4f:
24:61:f5:fe:5e:08:c5:88:6a:3d:02:6a:9d:78:65:
1b:d9:b6:4e:58:a1:71:67:83:3c:84:cc:c3:0a:ae:
9b:3f:f1:38:bd:40:82:b6:e5:37:0c:37:c4:41:d1:
89:a5:b4:af:98:6d:ff:f5:33:bc:3c:0b:1a:48:36:
e4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CA:0D:A6:C6:5A:D3:79:68:22:46:D3:C8:7B:A5:D0:39:77:B2:DB
X509v3 Authority Key Identifier:
keyid:4D:EE:08:36:FA:0F:7E:E9:2C:2E:6A:6C:19:80:16:DE:8C:F8:BF:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171D3C/127157F2056A11EEB8870013C4F9AE02/Te4INvoPfuksLmpsGYAW3oz4vxY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Te4INvoPfuksLmpsGYAW3oz4vxY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D3C/127157F2056A11EEB8870013C4F9AE02/F6205C5A0C7C11EE82544D6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.38.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:e0:1a:c8:50:92:7c:d2:c6:40:2c:c9:7f:16:db:1a:a4:cb:
9e:6b:f8:2c:f3:be:91:7f:94:3c:19:1f:84:80:b7:c0:68:ad:
39:17:09:a8:3e:4d:53:a8:e6:e0:9c:20:22:8f:37:26:a7:32:
40:7c:6f:45:02:79:6b:99:c8:6b:d9:5b:2b:d0:ec:b9:3f:27:
cc:5a:40:0b:b5:b9:86:03:9e:06:16:7d:9f:a7:a0:a0:ef:33:
46:5f:69:59:de:58:e7:a6:3b:f4:ce:8a:aa:ce:82:60:8f:c8:
06:91:95:d0:f8:5b:a3:9c:d6:62:b3:5f:f9:84:24:b8:6c:0d:
0d:83:9e:9c:95:24:5f:9a:35:ce:94:30:a5:33:0a:32:82:da:
07:01:ae:22:d5:df:82:5b:bd:9a:a3:f4:26:5a:e9:64:f1:e4:
5a:cb:9c:64:49:ee:a9:29:38:fc:3a:0a:a3:2c:a1:60:32:5a:
78:53:d5:0c:02:ef:c1:6b:f6:cf:85:33:1b:ec:1b:10:72:23:
17:7a:e2:b3:5f:f2:00:ae:fb:bd:a6:46:04:82:45:d1:52:4c:
c5:21:d6:0c:fe:0a:63:8d:b5:69:45:b4:db:ec:af:23:7d:79:
87:af:20:0a:2e:a1:0b:46:01:a6:3f:bb:53:8d:82:61:77:4f:
34:3e:83:34
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MUQzQzExMC8GA1UEBRMoNERFRTA4MzZGQTBGN0VFOTJDMkU2QTZDMTk4MDE2REU4
Q0Y4QkYxNjAeFw0yMzA2MjMxODM0NDJaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTVlNWMyLTlmNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNsDz16G0MjF2pQARbGnfBKUBKXrOOx+vCvMXV15vivnB0XeCVknMHS6kyIcym
Jgm+ZL5eoElv7zUmTsMvvprd6GON/02DTEDh8S8QotUbPWZogEtolcI9dFjTulEm
wnJQ7G7EpceUV9EmvNaZruhyy1xyB/iiIpsLCEi+IOwBLHsEj8lIgZFroVDOifnP
zcuBy3yQx8q9llG57VJRijSQk8M9OzJTLHMcRKprQtBvCNho4h+RabswVVI214l9
ntqlTyRh9f5eCMWIaj0Cap14ZRvZtk5YoXFngzyEzMMKrps/8Ti9QIK25TcMN8RB
0YmltK+Ybf/1M7w8CxpINuSjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUjMoNpsZa
03loIkbTyHul0Dl3stswHwYDVR0jBBgwFoAUTe4INvoPfuksLmpsGYAW3oz4vxYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxRDNDLzEyNzE1N0YyMDU2
QTExRUVCODg3MDAxM0M0RjlBRTAyL1RlNElOdm9QZnVrc0xtcHNHWUFXM296NHZ4
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVGU0SU52b1BmdWtzTG1wc0dZQVczb3o0dnhZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MUQzQy8xMjcxNTdGMjA1NkExMUVFQjg4NzAwMTNDNEY5QUUwMi9GNjIwNUM1QTBD
N0MxMUVFODI1NDRENkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfVJjANBgkqhkiG9w0BAQsFAAOCAQEAa+AayFCSfNLGQCzJ
fxbbGqTLnmv4LPO+kX+UPBkfhIC3wGitORcJqD5NU6jm4JwgIo83JqcyQHxvRQJ5
a5nIa9lbK9DsuT8nzFpAC7W5hgOeBhZ9n6egoO8zRl9pWd5Y56Y79M6Kqs6CYI/I
BpGV0Phbo5zWYrNf+YQkuGwNDYOenJUkX5o1zpQwpTMKMoLaBwGuItXfglu9mqP0
JlrpZPHkWsucZEnuqSk4/DoKoyyhYDJaeFPVDALvwWv2z4UzG+wbEHIjF3ris1/y
AK77vaZGBIJF0VJMxSHWDP4KY421aUW02+yvI315h68gCi6hC0YBpj+7U42CYXdP
ND6DNA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:07 2025 by rpki-client