Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/56B018D61EF511EFBC195A6FC4F9AE02.roa
File: 56B018D61EF511EFBC195A6FC4F9AE02.roa (raw, json)
Hash identifier: jH/MfZlAvlYuR+iKoZI+Fmro1Ar0VphUuZAwReewPwc=
Subject key identifier: FA:43:AF:F4:A5:28:79:B2:8C:2F:2D:3E:F8:1A:54:F7:DD:91:A7:1C
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 098F
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/56B018D61EF511EFBC195A6FC4F9AE02.roa
Signing time: Fri 31 May 2024 02:27:34 +0000
ROA not before: Fri 31 May 2024 02:27:34 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 149495
IP address blocks: 43.247.122.0/24 maxlen: 24
2403:7980:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2447 (0x98f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: May 31 02:27:34 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66593596-0a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:51:3c:26:b5:7b:f7:ce:fa:da:45:2d:d4:ef:
da:66:7d:a4:d7:30:c2:fd:90:3c:8c:e5:23:33:75:
28:12:36:b1:52:74:d7:4a:db:4c:49:46:f3:66:b7:
a2:69:bb:4c:1e:5d:ee:85:4e:3e:54:98:d3:89:75:
58:94:20:83:59:fc:bf:49:ac:f2:f5:0f:d7:4b:c8:
c1:ec:d6:b8:60:ba:f2:fb:65:4e:56:61:a7:eb:2b:
cf:ca:59:89:af:9d:45:57:c5:11:ac:e4:25:98:f2:
25:98:91:04:34:fa:6a:c7:26:33:d8:f4:23:ca:65:
94:7b:49:f4:e2:54:97:ef:d3:05:37:18:c8:95:d0:
7b:42:ce:55:c2:77:76:39:57:91:f4:1b:12:6d:25:
b3:01:a3:d0:dd:b9:12:a4:15:5a:d0:54:da:65:8e:
fd:ba:d8:3e:81:02:f0:da:3d:ee:73:1c:e3:e2:dc:
c9:a8:53:bb:fb:a0:c7:bc:ed:da:3e:8b:b3:1d:11:
7e:c7:15:27:ce:df:93:c3:7a:77:58:c3:1b:1e:7d:
f4:24:bc:9d:cc:0c:ef:74:2c:78:70:3f:d4:e4:77:
7f:c7:9b:82:51:76:d3:9d:32:d9:12:68:67:3e:37:
a3:9c:a4:df:be:55:1d:cb:cd:57:81:ef:29:0a:93:
ce:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:43:AF:F4:A5:28:79:B2:8C:2F:2D:3E:F8:1A:54:F7:DD:91:A7:1C
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/56B018D61EF511EFBC195A6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.122.0/24
IPv6:
2403:7980:f000::/36
Signature Algorithm: sha256WithRSAEncryption
57:f9:80:50:70:78:6b:1b:2e:9e:e7:8a:a1:99:b0:11:af:5c:
1d:24:8e:31:39:91:4c:82:0d:f2:a7:fd:f0:db:65:f7:6e:a6:
5c:e4:b7:2e:3e:20:48:6b:c4:10:d7:23:f6:7b:94:c5:49:34:
6f:4a:cc:36:34:91:fe:c3:de:6d:d5:30:a2:58:36:f5:c7:5a:
03:b2:67:06:09:61:a1:48:6e:fe:cb:6d:03:0d:cc:5a:2e:81:
d9:9c:08:d1:84:87:57:44:1c:18:1b:f2:6e:f7:14:a5:93:3b:
27:44:9c:4c:91:04:f5:2f:a5:f5:2c:13:41:28:77:37:c9:42:
ef:f0:00:7a:2f:fd:4b:be:d6:78:70:1f:38:a3:46:d8:d1:a3:
dc:0e:0a:5c:c2:b1:3e:c5:42:6a:73:e7:5e:3c:8a:e3:85:46:
ec:50:a4:ec:09:c6:1d:86:81:db:69:40:42:7c:68:21:c0:f1:
36:8c:63:13:2b:db:46:0d:70:d7:16:2d:19:cd:58:26:a7:1d:
70:b8:a2:f6:14:b3:5d:7e:38:54:03:19:49:aa:6e:f1:6d:47:
74:50:41:5b:a1:db:23:1c:7c:33:6f:4a:38:ec:55:32:d0:b6:
28:64:69:9c:f3:cc:2c:40:8e:be:62:86:2c:d1:5b:d4:03:8f:
97:de:f4:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICCY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwNTMxMDIyNzM0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU5MzU5Ni0wYTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA11E8JrV798762kUt1O/aZn2k1zDC/ZA8jOUjM3UoEjaxUnTXSttMSUbzZrei
abtMHl3uhU4+VJjTiXVYlCCDWfy/Sazy9Q/XS8jB7Na4YLry+2VOVmGn6yvPylmJ
r51FV8URrOQlmPIlmJEENPpqxyYz2PQjymWUe0n04lSX79MFNxjIldB7Qs5Vwnd2
OVeR9BsSbSWzAaPQ3bkSpBVa0FTaZY79utg+gQLw2j3ucxzj4tzJqFO7+6DHvO3a
PouzHRF+xxUnzt+Tw3p3WMMbHn30JLydzAzvdCx4cD/U5Hd/x5uCUXbTnTLZEmhn
PjejnKTfvlUdy81Xge8pCpPOxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPpDr/Sl
KHmyjC8tPvgaVPfdkaccMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvNTZCMDE4RDYx
RUY1MTFFRkJDMTk1QTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBAAr93owDgQCAAIwCAMGBCQDeYDwMA0GCSqGSIb3DQEBCwUA
A4IBAQBX+YBQcHhrGy6e54qhmbARr1wdJI4xOZFMgg3yp/3w22X3bqZc5LcuPiBI
a8QQ1yP2e5TFSTRvSsw2NJH+w95t1TCiWDb1x1oDsmcGCWGhSG7+y20DDcxaLoHZ
nAjRhIdXRBwYG/Ju9xSlkzsnRJxMkQT1L6X1LBNBKHc3yULv8AB6L/1LvtZ4cB84
o0bY0aPcDgpcwrE+xUJqc+dePIrjhUbsUKTsCcYdhoHbaUBCfGghwPE2jGMTK9tG
DXDXFi0ZzVgmpx1wuKL2FLNdfjhUAxlJqm7xbUd0UEFbodsjHHwzb0o47FUy0LYo
ZGmc88wsQI6+YoYs0VvUA4+X3vRX
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:13:07 2025 by rpki-client