Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/7581DE08AC0711EFB5289586C4F9AE02.roa
File: 7581DE08AC0711EFB5289586C4F9AE02.roa (raw, json)
Hash identifier: V5Kvg2TI2ZWlUosW9t+n4KtretO/NWBeTsWtHbc2trs=
Subject key identifier: BD:A2:25:4A:59:62:03:75:C8:5F:69:40:AB:E3:86:FE:77:0C:C2:AD
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: 012F
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/7581DE08AC0711EFB5289586C4F9AE02.roa
Signing time: Tue 26 Nov 2024 15:02:31 +0000
ROA not before: Tue 26 Nov 2024 15:02:31 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 133892
IP address blocks: 103.43.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303 (0x12f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87, serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Validity
Not Before: Nov 26 15:02:31 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6745e307-e8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ac:fd:6c:84:e7:06:60:1b:bd:cf:c8:33:e9:
e6:77:b1:a5:9a:86:43:af:75:b9:31:df:ee:03:a2:
10:ee:d6:6f:5e:a9:20:f1:cb:1b:c8:49:24:d0:31:
e2:49:62:cb:8e:64:7b:b6:aa:7e:7b:a2:cd:c3:ec:
16:77:ff:0b:ea:b1:90:9c:93:f7:3f:a6:f1:59:05:
40:5c:0c:59:f9:e5:dc:1a:df:8a:74:03:8f:2f:9b:
0a:d3:4d:b9:47:13:af:92:99:98:37:ef:01:03:6f:
e5:af:bf:e4:fb:39:8d:cc:49:d6:89:78:20:ae:b3:
bc:9b:44:b6:5e:be:6d:98:35:c0:9f:95:5b:6e:ee:
b4:51:e7:80:fb:93:df:fa:49:e2:dd:0b:74:83:e1:
27:6b:4d:cd:53:05:7f:9a:c0:dc:26:cb:6e:67:b5:
1c:64:b5:5a:82:01:7d:3e:0b:46:c9:ac:f0:bc:8b:
a6:21:9f:50:06:02:a5:9e:6e:37:9f:50:43:df:db:
c7:d6:d9:84:24:e6:62:2f:00:ce:3e:7d:f2:c1:22:
f4:2f:55:51:43:ef:98:71:55:a5:58:27:8f:92:53:
e8:92:07:7e:90:17:8e:5d:51:32:0d:a9:5a:09:a9:
f7:31:91:73:30:6f:b8:c2:fb:2d:7b:81:d9:44:b4:
60:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A2:25:4A:59:62:03:75:C8:5F:69:40:AB:E3:86:FE:77:0C:C2:AD
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/7581DE08AC0711EFB5289586C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.173.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:f3:f9:f0:8d:59:7e:a9:52:8a:93:1d:36:8d:30:33:bf:d3:
14:ea:f9:e1:25:0f:aa:64:45:f2:96:c3:19:db:f6:97:b2:13:
d8:9e:97:c0:f6:99:5b:b6:98:8e:16:8a:d9:0a:e9:1b:af:8e:
c8:ac:99:85:45:34:03:0c:89:74:9f:3d:22:b3:2d:38:02:00:
ea:3d:d8:e7:91:a2:81:f3:87:88:86:a1:65:27:e8:a7:25:62:
9f:84:a3:ae:14:97:69:c2:8a:19:ea:34:72:38:68:63:d8:00:
81:66:85:c4:bf:b7:12:4c:95:d5:26:75:a4:32:6d:31:79:9a:
4b:27:ee:2e:73:8f:38:d0:e3:48:b0:9c:e6:c1:50:2a:39:2c:
97:4d:13:32:88:de:22:77:fd:1a:32:76:f8:9e:20:41:49:1c:
5d:46:00:6e:3a:0c:4a:b9:cd:ef:a2:bd:d6:93:20:5a:e2:78:
44:50:e6:af:6d:98:7f:95:24:cb:49:4c:5c:59:42:54:54:03:
88:d2:6c:09:45:f3:03:5d:16:b1:19:b0:18:15:72:a8:ac:84:
cb:e5:97:bc:e3:3f:9c:82:87:53:ed:f9:49:54:31:f5:32:cd:
9d:44:f6:fd:58:26:39:ac:3f:8b:04:8b:44:33:55:a7:59:eb:
96:24:5a:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjQxMTI2MTUwMjMxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1ZTMwNy1lOGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKz9bITnBmAbvc/IM+nmd7GlmoZDr3W5Md/uA6IQ7tZvXqkg8csbyEkk0DHi
SWLLjmR7tqp+e6LNw+wWd/8L6rGQnJP3P6bxWQVAXAxZ+eXcGt+KdAOPL5sK0025
RxOvkpmYN+8BA2/lr7/k+zmNzEnWiXggrrO8m0S2Xr5tmDXAn5Vbbu60UeeA+5Pf
+kni3Qt0g+Ena03NUwV/msDcJstuZ7UcZLVaggF9PgtGyazwvIumIZ9QBgKlnm43
n1BD39vH1tmEJOZiLwDOPn3ywSL0L1VRQ++YcVWlWCePklPokgd+kBeOXVEyDala
Can3MZFzMG+4wvste4HZRLRgjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL2iJUpZ
YgN1yF9pQKvjhv53DMKtMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvNzU4MURFMDhB
QzA3MTFFRkI1Mjg5NTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnK60wDQYJKoZIhvcNAQELBQADggEBAKzz+fCNWX6pUoqT
HTaNMDO/0xTq+eElD6pkRfKWwxnb9peyE9iel8D2mVu2mI4WitkK6RuvjsismYVF
NAMMiXSfPSKzLTgCAOo92OeRooHzh4iGoWUn6KclYp+Eo64Ul2nCihnqNHI4aGPY
AIFmhcS/txJMldUmdaQybTF5mksn7i5zjzjQ40iwnObBUCo5LJdNEzKI3iJ3/Roy
dvieIEFJHF1GAG46DEq5ze+ivdaTIFrieERQ5q9tmH+VJMtJTFxZQlRUA4jSbAlF
8wNdFrEZsBgVcqishMvll7zjP5yCh1Pt+UlUMfUyzZ1E9v1YJjmsP4sEi0QzVadZ
65YkWh4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:01:21 2025 by rpki-client