Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/BDA85A7E483011EC8A987F72C4F9AE02.roa
File: BDA85A7E483011EC8A987F72C4F9AE02.roa (raw, json)
Hash identifier: oJJ4NvJjLiO3HjVPAFzsu2aYO/IArz4LXUY5Fb179V4=
Subject key identifier: 14:F8:1A:82:59:38:91:06:CD:56:E4:09:9A:A3:9D:21:7C:75:22:F5
Certificate issuer: /CN=A918BBEF/serialNumber=2412876430E2ACF4A1A83E5A575C7F97AB2B3B2E
Certificate serial: 01B4
Authority key identifier: 24:12:87:64:30:E2:AC:F4:A1:A8:3E:5A:57:5C:7F:97:AB:2B:3B:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JBKHZDDirPShqD5aV1x_l6srOy4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/BDA85A7E483011EC8A987F72C4F9AE02.roa
Signing time: Thu 18 Nov 2021 05:31:12 +0000
ROA not before: Thu 18 Nov 2021 05:31:12 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 60798
IP address blocks: 103.97.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436 (0x1b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BBEF
Validity
Not Before: Nov 18 05:31:12 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6195e520-5303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:3e:98:ff:4d:35:1e:8f:07:37:67:74:5b:
9f:f3:69:2b:40:61:7e:11:df:fa:87:49:1c:e4:95:
de:97:55:b2:72:80:3b:62:9e:65:3f:19:68:5d:20:
98:12:17:bc:22:d9:6c:6c:37:33:37:9e:33:92:1d:
ce:30:97:bb:72:c8:08:be:de:5d:11:57:11:8c:58:
85:4a:d1:a0:0b:2f:e9:0c:0e:85:e1:4f:36:f9:4b:
b5:68:f7:61:ff:84:9a:4e:4f:c5:5a:ed:64:2e:24:
37:49:a8:2b:89:ef:56:c9:e0:39:94:39:7a:7d:b8:
b3:c8:d9:8b:a6:38:bb:56:1c:4d:bf:d2:5d:db:23:
0e:61:49:72:08:12:72:d7:cf:55:95:f1:27:ca:38:
05:c5:27:df:e6:30:15:eb:e9:81:64:02:c6:84:81:
ac:1f:62:67:74:ee:80:ff:9d:93:0e:44:7b:65:4c:
b5:92:e7:55:fa:4b:d7:fa:69:b7:4a:25:24:08:87:
a1:8c:1a:b1:e2:81:b4:68:84:f3:7c:53:c8:1f:09:
69:59:07:d3:e6:09:99:5e:2e:96:f5:6e:19:91:c7:
a3:71:e3:7a:de:fd:f0:0f:7c:ee:c6:d4:49:99:a5:
a7:8b:6e:f3:fa:7f:1e:17:37:46:e3:a8:df:4b:c2:
17:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F8:1A:82:59:38:91:06:CD:56:E4:09:9A:A3:9D:21:7C:75:22:F5
X509v3 Authority Key Identifier:
keyid:24:12:87:64:30:E2:AC:F4:A1:A8:3E:5A:57:5C:7F:97:AB:2B:3B:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/JBKHZDDirPShqD5aV1x_l6srOy4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JBKHZDDirPShqD5aV1x_l6srOy4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BBEF/F791C37EA04211EB85699E21C4F9AE02/BDA85A7E483011EC8A987F72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.35.0/24
Signature Algorithm: sha256WithRSAEncryption
72:3e:3b:8f:47:ef:eb:54:ab:a7:60:07:c5:35:43:db:f4:b4:
90:47:d2:28:eb:8d:ff:e6:3b:cf:29:77:9c:56:a7:e9:6b:04:
d6:23:b8:a1:bd:a5:c5:9c:a9:4b:e3:08:19:f0:ac:e6:1f:7e:
f9:30:72:12:7c:1f:d3:09:ca:cb:d5:c4:66:31:e2:18:77:c7:
a2:06:0d:d5:25:3d:e5:ff:60:e0:93:f7:f5:15:ff:8b:21:8c:
de:fa:bb:3d:56:bd:7d:b8:79:45:39:5f:c2:ec:2b:2c:a6:4b:
05:b1:dc:43:df:03:c6:d2:a7:52:14:df:35:90:a5:71:ec:3a:
30:6d:12:9d:e3:a0:5c:09:38:17:09:22:ef:76:6a:1a:2c:df:
8e:f3:0d:69:b4:ae:0b:dd:c6:5b:f3:ca:94:7d:59:3c:ec:75:
54:45:b0:bb:12:11:3f:41:f9:c0:c5:ee:51:f3:44:16:5c:0c:
f6:d1:7b:76:fa:da:61:5c:1b:13:38:b3:3a:78:cf:00:b4:6e:
6e:fa:5f:0d:ad:ac:11:37:26:0c:03:66:5f:3f:b0:23:4a:ac:
be:a3:a1:bc:e8:6e:03:4a:fa:b9:f1:5f:0c:a2:0f:f3:48:2c:
72:df:83:7b:81:ef:85:71:f8:29:d5:56:ff:fa:76:98:35:fb:
62:9c:01:86
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCRUYxMTAvBgNVBAUTKDI0MTI4NzY0MzBFMkFDRjRBMUE4M0U1QTU3NUM3Rjk3
QUIyQjNCMkUwHhcNMjExMTE4MDUzMTEyWhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTk1ZTUyMC01MzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoKQ+mP9NNR6PBzdndFuf82krQGF+Ed/6h0kc5JXel1WycoA7Yp5lPxloXSCY
Ehe8ItlsbDczN54zkh3OMJe7csgIvt5dEVcRjFiFStGgCy/pDA6F4U82+Uu1aPdh
/4SaTk/FWu1kLiQ3Sagrie9WyeA5lDl6fbizyNmLpji7VhxNv9Jd2yMOYUlyCBJy
189VlfEnyjgFxSff5jAV6+mBZALGhIGsH2JndO6A/52TDkR7ZUy1kudV+kvX+mm3
SiUkCIehjBqx4oG0aITzfFPIHwlpWQfT5gmZXi6W9W4ZkcejceN63v3wD3zuxtRJ
maWni27z+n8eFzdG46jfS8IXHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBT4GoJZ
OJEGzVbkCZqjnSF8dSL1MB8GA1UdIwQYMBaAFCQSh2Qw4qz0oag+Wldcf5erKzsu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkJFRi9GNzkxQzM3RUEw
NDIxMUVCODU2OTlFMjFDNEY5QUUwMi9KQktIWkREaXJQU2hxRDVhVjF4X2w2c3JP
eTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pCS0haRERpclBTaHFENWFWMXhfbDZzck95NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJCRUYvRjc5MUMzN0VBMDQyMTFFQjg1Njk5RTIxQzRGOUFFMDIvQkRBODVBN0U0
ODMwMTFFQzhBOTg3RjcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnYSMwDQYJKoZIhvcNAQELBQADggEBAHI+O49H7+tUq6dg
B8U1Q9v0tJBH0ijrjf/mO88pd5xWp+lrBNYjuKG9pcWcqUvjCBnwrOYffvkwchJ8
H9MJysvVxGYx4hh3x6IGDdUlPeX/YOCT9/UV/4shjN76uz1WvX24eUU5X8LsKyym
SwWx3EPfA8bSp1IU3zWQpXHsOjBtEp3joFwJOBcJIu92ahos347zDWm0rgvdxlvz
ypR9WTzsdVRFsLsSET9B+cDF7lHzRBZcDPbRe3b62mFcGxM4szp4zwC0bm76Xw2t
rBE3JgwDZl8/sCNKrL6jobzobgNK+rnxXwyiD/NILHLfg3uB74Vx+CnVVv/6dpg1
+2KcAYY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:22 2025 by rpki-client