Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/CB261308ACCD11EF8093E675C4F9AE02.roa
File: CB261308ACCD11EF8093E675C4F9AE02.roa (raw, json)
Hash identifier: Q+/h0gdukd5W9HbYtaDdgONSa9Y4AtHlrIOFRg/0yRw=
Subject key identifier: BC:08:68:AB:5B:42:38:02:90:64:1F:F2:AE:7E:05:D0:62:95:EE:1A
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: 0135
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/CB261308ACCD11EF8093E675C4F9AE02.roa
Signing time: Wed 27 Nov 2024 14:58:51 +0000
ROA not before: Wed 27 Nov 2024 14:58:51 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 20473
IP address blocks: 103.43.173.0/24 maxlen: 24
103.43.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309 (0x135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87, serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Validity
Not Before: Nov 27 14:58:51 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=674733ab-be39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:df:65:a6:97:ff:36:33:5e:eb:ec:eb:a6:
8a:3d:b7:ae:db:33:ec:80:89:d1:c6:72:64:33:fd:
7b:af:2b:81:07:ac:77:61:38:7f:2f:0a:d0:da:01:
4b:80:c2:ed:c6:9f:07:a0:f2:cd:40:62:01:da:65:
e6:3b:6c:f6:a8:9d:24:c2:af:a0:64:00:9b:21:c9:
6a:f3:57:c2:f6:3b:88:b9:65:23:11:57:e4:93:72:
e9:e9:98:08:cb:b4:2b:e9:77:89:43:94:bf:4f:83:
89:ae:71:fe:32:00:9c:db:3a:02:85:71:49:f9:71:
c4:f1:74:07:fd:d4:04:16:5b:3d:39:71:4f:99:f3:
54:e8:d0:e1:53:bb:79:c0:aa:e8:60:00:cd:0b:e2:
1f:54:10:d4:74:87:bd:8e:ff:ec:13:ff:4d:d1:74:
72:52:6c:67:b4:67:62:44:6c:8f:cf:ac:22:56:2d:
23:63:30:d1:db:bc:c8:b4:1f:bc:18:03:7a:da:33:
d6:bb:be:e9:89:eb:28:59:c4:52:70:67:a2:16:bd:
03:78:bf:a8:36:ef:a3:f2:c1:33:67:bb:c7:fd:83:
87:29:e8:40:1f:4d:8d:70:20:92:47:6e:0c:d8:ff:
ca:bb:bf:d5:0c:af:42:e5:bc:22:97:a4:ff:bb:20:
74:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:08:68:AB:5B:42:38:02:90:64:1F:F2:AE:7E:05:D0:62:95:EE:1A
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/CB261308ACCD11EF8093E675C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.173.0-103.43.174.255
Signature Algorithm: sha256WithRSAEncryption
60:8a:2b:03:80:de:57:e2:57:78:6c:c2:be:c8:f8:93:d0:c4:
bc:8a:86:4d:4a:40:e4:d3:73:47:3a:6f:6d:1b:c2:82:45:87:
94:6a:a2:09:55:b7:8e:95:8e:f1:08:75:08:7a:dc:11:3b:49:
ea:66:49:97:15:1c:f0:81:46:b1:ed:32:ad:49:a5:bc:1c:83:
c3:05:00:a1:9a:da:8a:4c:12:2e:a6:b6:ae:9b:d7:35:80:89:
f8:46:e0:49:f3:1b:fc:fe:fe:1a:64:1e:6e:b0:00:5a:6f:5a:
01:5d:af:ec:f6:71:65:55:0d:02:b1:8d:27:79:8f:87:2e:26:
c3:ff:ad:0a:4e:ed:93:43:e2:f7:19:2d:fb:40:13:9e:ac:82:
88:d5:89:b2:c7:27:e9:66:86:ca:ec:23:77:55:d8:de:7f:e9:
28:41:0f:43:27:bb:6a:40:0a:f7:19:3a:41:a3:7c:50:53:2a:
06:11:f3:ca:22:f1:51:a3:5f:72:7e:a4:00:32:3c:09:9b:54:
53:8e:02:78:68:47:08:0b:a3:c4:2f:5b:ac:91:f5:d2:1d:99:
ae:fe:73:1d:4e:fd:9a:f7:43:ce:12:a9:f8:2a:34:a7:34:0c:
50:a6:6a:fb:b0:1b:f7:31:a5:a7:20:40:9d:58:24:4f:0c:c5:
eb:86:34:19
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjQxMTI3MTQ1ODUxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ3MzNhYi1iZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvrfZaaX/zYzXuvs66aKPbeu2zPsgInRxnJkM/17ryuBB6x3YTh/LwrQ2gFL
gMLtxp8HoPLNQGIB2mXmO2z2qJ0kwq+gZACbIclq81fC9juIuWUjEVfkk3Lp6ZgI
y7Qr6XeJQ5S/T4OJrnH+MgCc2zoChXFJ+XHE8XQH/dQEFls9OXFPmfNU6NDhU7t5
wKroYADNC+IfVBDUdIe9jv/sE/9N0XRyUmxntGdiRGyPz6wiVi0jYzDR27zItB+8
GAN62jPWu77piesoWcRScGeiFr0DeL+oNu+j8sEzZ7vH/YOHKehAH02NcCCSR24M
2P/Ku7/VDK9C5bwil6T/uyB0RQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFLwIaKtb
QjgCkGQf8q5+BdBile4aMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvQ0IyNjEzMDhB
Q0NEMTFFRjgwOTNFNjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGcrrQMEAGcrrjANBgkqhkiG9w0BAQsFAAOCAQEAYIor
A4DeV+JXeGzCvsj4k9DEvIqGTUpA5NNzRzpvbRvCgkWHlGqiCVW3jpWO8Qh1CHrc
ETtJ6mZJlxUc8IFGse0yrUmlvByDwwUAoZraikwSLqa2rpvXNYCJ+EbgSfMb/P7+
GmQebrAAWm9aAV2v7PZxZVUNArGNJ3mPhy4mw/+tCk7tk0Pi9xkt+0ATnqyCiNWJ
sscn6WaGyuwjd1XY3n/pKEEPQye7akAK9xk6QaN8UFMqBhHzyiLxUaNfcn6kADI8
CZtUU44CeGhHCAujxC9brJH10h2Zrv5zHU79mvdDzhKp+Co0pzQMUKZq+7Ab9zGl
pyBAnVgkTwzF64Y0GQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:03:14 2025 by rpki-client