Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/3E6B01DC656A11EDA3AE912EC4F9AE02.roa
File: 3E6B01DC656A11EDA3AE912EC4F9AE02.roa (raw, json)
Hash identifier: j9RVp4PNODdHvPo+9NWRVNJXGjxkEmXeci3pvchvYF0=
Subject key identifier: C2:25:6E:29:E3:A7:94:DA:24:51:6A:85:8E:78:91:51:6D:F3:5C:A4
Certificate issuer: /CN=A918BBEF/serialNumber=2412876430E2ACF4A1A83E5A575C7F97AB2B3B2E
Certificate serial: 04D7
Authority key identifier: 24:12:87:64:30:E2:AC:F4:A1:A8:3E:5A:57:5C:7F:97:AB:2B:3B:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JBKHZDDirPShqD5aV1x_l6srOy4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/3E6B01DC656A11EDA3AE912EC4F9AE02.roa
Signing time: Wed 09 Aug 2023 00:01:02 +0000
ROA not before: Wed 09 Aug 2023 00:01:02 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 136897
IP address blocks: 103.97.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1239 (0x4d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BBEF
Validity
Not Before: Aug 9 00:01:02 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64d2d73e-7bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b0:ff:d0:a4:bf:62:bd:7d:3c:aa:29:25:8d:
35:99:05:70:e9:ec:2e:c1:52:02:55:8c:88:c5:ec:
17:a3:23:e2:49:4e:02:8d:55:97:1a:50:81:4f:32:
20:23:ba:b3:84:7b:89:26:2c:a7:e5:5f:45:11:3f:
f7:1d:97:74:ec:dc:7a:c4:d1:87:3d:9b:ad:8f:37:
74:4e:72:f0:80:0c:38:0c:3e:68:7f:8a:c1:c8:c2:
62:ac:13:f8:89:17:97:d5:55:c0:23:75:7b:c7:36:
f4:be:be:f1:e5:73:90:d3:b5:dc:14:f8:bf:d2:b1:
7f:7f:e3:6a:ad:21:b2:ac:42:0a:46:b2:21:f8:cd:
6e:f6:74:95:77:5a:a9:c1:85:87:21:6f:9f:86:81:
c0:de:82:e1:ce:ed:2a:4a:c5:39:71:c1:01:69:6f:
68:74:b2:84:dd:1c:1e:40:7a:dd:c0:14:c1:fd:ff:
22:e6:46:44:8f:8b:90:00:35:de:0f:f4:37:7e:ae:
cb:67:68:be:51:66:d2:70:a9:33:47:db:54:8b:e3:
9a:2c:67:89:9f:82:ca:e9:b6:6d:69:97:6e:e0:1b:
c3:85:f9:6d:26:a5:ee:b3:62:13:2a:31:5b:11:c4:
3e:fa:c8:b7:10:e8:00:12:74:f0:84:6b:dc:b7:00:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:25:6E:29:E3:A7:94:DA:24:51:6A:85:8E:78:91:51:6D:F3:5C:A4
X509v3 Authority Key Identifier:
keyid:24:12:87:64:30:E2:AC:F4:A1:A8:3E:5A:57:5C:7F:97:AB:2B:3B:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/JBKHZDDirPShqD5aV1x_l6srOy4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JBKHZDDirPShqD5aV1x_l6srOy4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/3E6B01DC656A11EDA3AE912EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:06:1e:8a:62:d7:61:5d:36:e0:d5:7b:b6:fc:8f:fa:cc:13:
1f:b0:cb:90:9e:29:ed:ec:2b:d7:4c:56:32:42:98:5a:30:09:
c7:d3:1c:66:de:2d:42:9a:ce:c7:42:79:14:81:ed:de:5f:c2:
72:77:aa:5d:7b:fa:a1:78:10:09:12:7b:c7:c5:8a:75:65:b4:
a7:b3:3a:f2:9c:b4:44:ff:d5:05:ff:b6:e1:3d:43:55:f7:68:
20:20:98:d4:ca:71:38:6f:4a:49:b1:47:4a:c9:c6:cd:ca:0b:
ba:08:59:37:95:f3:97:9c:ad:60:6b:df:71:2f:39:6a:62:21:
f7:c1:f4:de:bf:bb:a2:b7:5f:6c:09:ed:f1:48:1b:d2:1b:dc:
d5:c2:ff:8e:7b:e8:ec:d0:44:d1:df:a6:e1:a6:01:c1:1e:3d:
c0:6e:38:16:99:94:62:15:8a:8a:20:b0:c1:3b:87:49:6a:03:
b3:1a:74:ef:50:81:c1:3b:93:9d:19:00:64:a4:4d:60:12:24:
2c:40:bb:1d:0a:49:bb:ab:e2:de:7a:f0:23:1e:53:8a:44:17:
ae:84:1d:48:06:0d:60:cc:f0:e0:91:09:7d:8c:70:ea:a8:6c:
3b:ac:5f:de:be:81:23:9a:58:70:7f:c3:1f:15:8e:64:62:75:
de:77:cf:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCRUYxMTAvBgNVBAUTKDI0MTI4NzY0MzBFMkFDRjRBMUE4M0U1QTU3NUM3Rjk3
QUIyQjNCMkUwHhcNMjMwODA5MDAwMTAyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQyZDczZS03YmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxLD/0KS/Yr19PKopJY01mQVw6ewuwVICVYyIxewXoyPiSU4CjVWXGlCBTzIg
I7qzhHuJJiyn5V9FET/3HZd07Nx6xNGHPZutjzd0TnLwgAw4DD5of4rByMJirBP4
iReX1VXAI3V7xzb0vr7x5XOQ07XcFPi/0rF/f+NqrSGyrEIKRrIh+M1u9nSVd1qp
wYWHIW+fhoHA3oLhzu0qSsU5ccEBaW9odLKE3RweQHrdwBTB/f8i5kZEj4uQADXe
D/Q3fq7LZ2i+UWbScKkzR9tUi+OaLGeJn4LK6bZtaZdu4BvDhfltJqXus2ITKjFb
EcQ++si3EOgAEnTwhGvctwDEQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMIlbinj
p5TaJFFqhY54kVFt81ykMB8GA1UdIwQYMBaAFCQSh2Qw4qz0oag+Wldcf5erKzsu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkJFRi9GNzkxQzM3RUEw
NDIxMUVCODU2OTlFMjFDNEY5QUUwMi9KQktIWkREaXJQU2hxRDVhVjF4X2w2c3JP
eTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pCS0haRERpclBTaHFENWFWMXhfbDZzck95NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJCRUYvRjc5MUMzN0VBMDQyMTFFQjg1Njk5RTIxQzRGOUFFMDIvM0U2QjAxREM2
NTZBMTFFREEzQUU5MTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnYSAwDQYJKoZIhvcNAQELBQADggEBAH8GHopi12FdNuDV
e7b8j/rMEx+wy5CeKe3sK9dMVjJCmFowCcfTHGbeLUKazsdCeRSB7d5fwnJ3ql17
+qF4EAkSe8fFinVltKezOvKctET/1QX/tuE9Q1X3aCAgmNTKcThvSkmxR0rJxs3K
C7oIWTeV85ecrWBr33EvOWpiIffB9N6/u6K3X2wJ7fFIG9Ib3NXC/4576OzQRNHf
puGmAcEePcBuOBaZlGIVioogsME7h0lqA7MadO9QgcE7k50ZAGSkTWASJCxAux0K
Sbur4t568CMeU4pEF66EHUgGDWDM8OCRCX2McOqobDusX96+gSOaWHB/wx8VjmRi
dd53z/Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:51 2025 by rpki-client