Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BCC2C1AC626A11EE977B9651C4F9AE02.roa
File: BCC2C1AC626A11EE977B9651C4F9AE02.roa (raw, json)
Hash identifier: 0nvrr6Gf0YzzI8riplyPsacYni5OWXovv6OwjhhiW4g=
Subject key identifier: F0:4A:D5:46:76:8A:F9:C5:15:78:EE:15:7D:83:17:1B:2E:4C:5C:EB
Certificate issuer: /CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D
Certificate serial: 0EFF
Authority key identifier: 57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BCC2C1AC626A11EE977B9651C4F9AE02.roa
Signing time: Wed 04 Oct 2023 04:01:47 +0000
ROA not before: Wed 04 Oct 2023 04:01:47 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 132400
IP address blocks: 103.72.188.0/24 maxlen: 24
103.72.189.0/24 maxlen: 24
103.72.190.0/24 maxlen: 24
103.72.191.0/24 maxlen: 24
160.20.40.0/24 maxlen: 24
160.20.41.0/24 maxlen: 24
160.20.42.0/24 maxlen: 24
160.20.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3839 (0xeff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918036A, serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D
Validity
Not Before: Oct 4 04:01:47 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651ce3ab-f4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:e5:9f:de:33:cd:95:ee:df:64:71:cb:9f:
55:46:13:bd:b2:87:9c:92:61:8a:e8:ca:b9:b6:64:
0b:ab:4f:b0:76:eb:f8:d4:f8:db:9e:c4:95:09:83:
74:4d:0a:27:74:0c:25:d9:e1:94:79:a9:4f:d3:91:
58:b4:58:1c:d7:0b:14:9a:c8:3e:39:49:fb:f6:07:
da:62:ac:52:e4:cb:7e:e6:b2:4b:4c:71:40:62:72:
db:b1:85:a7:7d:3b:d0:17:1e:25:47:ef:4d:f1:af:
11:05:7a:12:e7:de:6d:c8:5a:6f:84:ad:07:ba:f0:
dc:85:31:1d:3e:25:c1:f8:34:ac:e8:34:ed:d0:76:
91:a5:72:98:c7:cd:1b:51:1d:90:d2:d9:13:ce:be:
87:ab:76:db:5f:17:a0:8b:63:ea:43:d6:e6:38:b3:
c5:67:48:f5:c1:4d:e8:35:3b:16:48:a9:a4:47:d0:
da:2e:85:84:d3:1b:b7:90:6a:43:e9:5c:d5:9e:df:
92:64:61:c4:70:bf:54:73:4a:9e:93:d6:43:0b:7f:
c4:cc:de:60:b7:84:f5:78:91:ad:11:3f:11:6e:2d:
0e:da:70:89:d7:72:3a:7c:fb:5b:28:b5:13:41:08:
d5:3c:a3:a4:3f:40:84:cc:54:80:db:1a:95:4e:17:
b3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4A:D5:46:76:8A:F9:C5:15:78:EE:15:7D:83:17:1B:2E:4C:5C:EB
X509v3 Authority Key Identifier:
keyid:57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BCC2C1AC626A11EE977B9651C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.188.0/22
160.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:7d:5e:f5:e8:ff:a6:1b:e1:b4:b0:20:c5:fe:75:3f:64:25:
23:4c:85:38:42:40:73:70:99:69:e2:27:a7:82:c9:82:70:aa:
de:6e:66:6e:c9:2a:bb:58:8f:fb:3e:60:7d:64:9c:03:15:d6:
e2:97:71:f9:d4:ea:45:e3:2d:11:a2:43:39:59:72:1f:15:0f:
2b:a1:60:5b:c4:bf:55:48:b3:39:4c:f1:8c:58:c6:65:ed:19:
32:9a:2a:00:1e:51:1a:0c:87:27:d9:69:a7:96:d2:cb:1c:e2:
61:6d:98:de:fc:73:14:7b:fe:4d:f3:7e:af:66:61:4d:56:fe:
d4:3d:05:4c:34:c6:2f:1c:ce:ea:68:ea:d3:27:46:49:fa:3d:
58:f0:e1:e9:1a:9a:e5:0d:b5:44:45:6e:a0:73:e8:9e:ed:84:
c6:d8:36:b1:c8:8f:6b:f7:1f:5b:76:e3:78:ec:54:a6:97:87:
79:2c:f2:df:ea:44:53:52:15:9b:bd:be:c2:bd:ea:1b:04:db:
e7:99:c0:11:86:6f:51:75:bc:74:36:cb:fc:39:25:38:0f:18:
3b:2f:58:8d:e1:4a:98:07:9b:af:0b:e1:e7:9f:38:42:a1:cf:
0a:17:eb:67:39:e8:3a:61:ce:23:13:4d:50:32:17:52:f3:dd:
8a:6f:b8:2f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODAzNkExMTAvBgNVBAUTKDU3ODQwRkI0NDFEMkIzNEM4RUU2OTlEMjY0NzEyQjRB
NUUwRkVEOEQwHhcNMjMxMDA0MDQwMTQ3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFjZTNhYi1mNGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Prln94zzZXu32Rxy59VRhO9soeckmGK6Mq5tmQLq0+wduv41PjbnsSVCYN0
TQondAwl2eGUealP05FYtFgc1wsUmsg+OUn79gfaYqxS5Mt+5rJLTHFAYnLbsYWn
fTvQFx4lR+9N8a8RBXoS595tyFpvhK0HuvDchTEdPiXB+DSs6DTt0HaRpXKYx80b
UR2Q0tkTzr6Hq3bbXxegi2PqQ9bmOLPFZ0j1wU3oNTsWSKmkR9DaLoWE0xu3kGpD
6VzVnt+SZGHEcL9Uc0qek9ZDC3/EzN5gt4T1eJGtET8Rbi0O2nCJ13I6fPtbKLUT
QQjVPKOkP0CEzFSA2xqVThezZQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPBK1UZ2
ivnFFXjuFX2DFxsuTFzrMB8GA1UdIwQYMBaAFFeED7RB0rNMjuaZ0mRxK0peD+2N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDM2QS80MzNBRjc4QzQ2
QzcxMUU5QURFOUQ0MjRDNEY5QUUwMi9WNFFQdEVIU3MweU81cG5TWkhFclNsNFA3
WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Y0UVB0RUhTczB5TzVwblNaSEVyU2w0UDdZMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODAzNkEvNDMzQUY3OEM0NkM3MTFFOUFERTlENDI0QzRGOUFFMDIvQkNDMkMxQUM2
MjZBMTFFRTk3N0I5NjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnSLwDBAKgFCgwDQYJKoZIhvcNAQELBQADggEBAJ59XvXo
/6Yb4bSwIMX+dT9kJSNMhThCQHNwmWniJ6eCyYJwqt5uZm7JKrtYj/s+YH1knAMV
1uKXcfnU6kXjLRGiQzlZch8VDyuhYFvEv1VIszlM8YxYxmXtGTKaKgAeURoMhyfZ
aaeW0ssc4mFtmN78cxR7/k3zfq9mYU1W/tQ9BUw0xi8czupo6tMnRkn6PVjw4eka
muUNtURFbqBz6J7thMbYNrHIj2v3H1t243jsVKaXh3ks8t/qRFNSFZu9vsK96hsE
2+eZwBGGb1F1vHQ2y/w5JTgPGDsvWI3hSpgHm68L4eefOEKhzwoX62c56DphziMT
TVAyF1Lz3YpvuC8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:57:25 2025 by rpki-client