Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/36046172FD7211EEA5E7465CC4F9AE02.roa
File: 36046172FD7211EEA5E7465CC4F9AE02.roa (raw, json)
Hash identifier: SLC0g5tVoV0o+eW1xTQD5WkEATXne9CFYfb9LHo3U9I=
Subject key identifier: 4C:48:C2:EB:E7:4F:61:3B:6B:DA:FB:0C:FA:D5:6A:C5:5E:9C:39:1A
Certificate issuer: /CN=A912DC44/serialNumber=A6421FE13D8C93A7BDDFF8B53719B5808748D0DF
Certificate serial: 0CF1
Authority key identifier: A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/36046172FD7211EEA5E7465CC4F9AE02.roa
Signing time: Wed 25 Dec 2024 12:29:09 +0000
ROA not before: Wed 25 Dec 2024 12:29:09 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 150748
IP address blocks: 103.89.26.0/24 maxlen: 24
103.127.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3313 (0xcf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DC44, serialNumber=A6421FE13D8C93A7BDDFF8B53719B5808748D0DF
Validity
Not Before: Dec 25 12:29:09 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=676bfa95-66b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:59:4b:2d:a1:ff:f6:a4:9f:94:23:3d:4f:
8f:9a:a1:7a:5f:aa:81:08:84:2f:eb:47:1c:ea:b5:
f0:ca:26:e9:69:f9:12:e3:4e:f5:2c:7b:d4:0d:94:
5e:8f:5a:ed:d8:52:eb:77:bd:d3:d3:08:9e:3a:1e:
08:a6:fb:ee:71:8b:54:41:27:b3:d9:34:5e:33:30:
b0:d8:85:7b:d1:fa:6b:36:77:6d:94:e5:17:fa:e4:
24:3d:fa:f7:27:50:74:57:92:bb:3a:de:38:0f:fd:
84:3a:18:45:cd:9a:f3:a7:9d:48:ac:f2:e7:56:d5:
cd:29:41:1c:ac:63:d0:dd:de:af:08:f3:bf:d4:8f:
0c:19:14:7b:10:45:b7:e5:f8:d7:a3:09:09:0d:4d:
fb:41:1a:2d:3e:cf:0d:5e:d1:20:dc:a2:78:f0:0f:
bf:a3:6e:ae:b7:73:8e:44:36:92:a3:8d:b5:8d:15:
3f:0b:05:cd:f0:6c:84:f6:e4:69:c7:d9:61:86:0c:
bc:59:bf:f8:7e:76:64:79:d1:83:87:ac:b1:a0:47:
02:a1:91:80:03:91:9e:43:49:76:9d:b7:fe:8e:95:
3b:d1:4e:10:ec:ea:6e:8d:bb:36:68:ac:f8:c3:b3:
d9:ce:69:40:6a:b1:2f:97:2b:82:f9:73:fe:a7:42:
a2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:48:C2:EB:E7:4F:61:3B:6B:DA:FB:0C:FA:D5:6A:C5:5E:9C:39:1A
X509v3 Authority Key Identifier:
keyid:A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/36046172FD7211EEA5E7465CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.26.0/24
103.127.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:25:7e:34:d0:95:2d:79:31:22:33:e0:2e:37:97:7a:fb:50:
34:2e:2a:f5:ee:5e:33:85:a6:fd:ab:e9:a3:08:11:60:54:28:
48:2f:ab:a8:40:06:b0:bc:37:f3:00:56:b0:60:b8:d3:1f:84:
0f:4a:fb:e8:3c:ac:86:2e:bf:25:df:0d:a2:13:8e:41:d2:a4:
58:a8:39:50:74:2f:2e:21:ed:28:27:35:8c:ed:ec:7a:03:40:
44:e4:37:25:90:7a:13:e0:12:73:a1:54:84:99:c9:31:90:9f:
f2:b1:d2:d7:12:b4:71:c5:f5:31:3b:d2:42:71:53:98:8b:12:
61:f6:50:70:78:0f:49:27:1a:0e:6c:d0:4c:af:da:f6:51:61:
fd:29:15:65:23:49:47:87:e9:34:b5:2c:b7:fc:e4:87:ea:db:
4f:ff:76:2c:0e:50:0c:60:58:72:cf:56:a0:76:95:58:fc:49:
7e:14:00:54:13:d1:dd:e3:a2:b3:11:90:ae:fb:09:d9:07:4c:
9a:f0:96:e5:01:65:a1:a1:6c:08:2d:25:2c:10:c9:55:7c:b8:
67:6b:7f:eb:0b:2e:7f:57:eb:03:8d:8e:97:ce:6d:7b:ed:ff:
37:39:31:9a:b4:87:ae:c2:03:3b:49:ec:b3:24:da:8e:a0:af:
24:42:ce:c8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkRDNDQxMTAvBgNVBAUTKEE2NDIxRkUxM0Q4QzkzQTdCRERGRjhCNTM3MTlCNTgw
ODc0OEQwREYwHhcNMjQxMjI1MTIyOTA5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiZmE5NS02NmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkxZSy2h//akn5QjPU+PmqF6X6qBCIQv60cc6rXwyibpafkS4071LHvUDZRe
j1rt2FLrd73T0wieOh4IpvvucYtUQSez2TReMzCw2IV70fprNndtlOUX+uQkPfr3
J1B0V5K7Ot44D/2EOhhFzZrzp51IrPLnVtXNKUEcrGPQ3d6vCPO/1I8MGRR7EEW3
5fjXowkJDU37QRotPs8NXtEg3KJ48A+/o26ut3OORDaSo421jRU/CwXN8GyE9uRp
x9lhhgy8Wb/4fnZkedGDh6yxoEcCoZGAA5GeQ0l2nbf+jpU70U4Q7Opujbs2aKz4
w7PZzmlAarEvlyuC+XP+p0KigQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFExIwuvn
T2E7a9r7DPrVasVenDkaMB8GA1UdIwQYMBaAFKZCH+E9jJOnvd/4tTcZtYCHSNDf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREM0NC8yOUI2QkVEQUU0
RkMxMUU5QjEzQjQ4NjBDNEY5QUUwMi9wa0lmNFQyTWs2ZTkzX2kxTnhtMWdJZEkw
TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BrSWY0VDJNazZlOTNfaTFOeG0xZ0lkSTBOOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkRDNDQvMjlCNkJFREFFNEZDMTFFOUIxM0I0ODYwQzRGOUFFMDIvMzYwNDYxNzJG
RDcyMTFFRUE1RTc0NjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnWRoDBAJnfzgwDQYJKoZIhvcNAQELBQADggEBAD4lfjTQ
lS15MSIz4C43l3r7UDQuKvXuXjOFpv2r6aMIEWBUKEgvq6hABrC8N/MAVrBguNMf
hA9K++g8rIYuvyXfDaITjkHSpFioOVB0Ly4h7SgnNYzt7HoDQETkNyWQehPgEnOh
VISZyTGQn/Kx0tcStHHF9TE70kJxU5iLEmH2UHB4D0knGg5s0Eyv2vZRYf0pFWUj
SUeH6TS1LLf85Ifq20//diwOUAxgWHLPVqB2lVj8SX4UAFQT0d3jorMRkK77CdkH
TJrwluUBZaGhbAgtJSwQyVV8uGdrf+sLLn9X6wONjpfObXvt/zc5MZq0h67CAztJ
7LMk2o6gryRCzsg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:19:52 2025 by rpki-client