Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/EBF7E818FDBB11ECAE699C1BC4F9AE02.roa
File: EBF7E818FDBB11ECAE699C1BC4F9AE02.roa (raw, json)
Hash identifier: zvLtnrE4952ih7RO053CDXd+KKKkpCkg1Fb8o/tVT2c=
Subject key identifier: B0:55:99:FA:5A:39:0E:46:8E:0D:E4:7E:71:89:99:0E:E3:EA:57:02
Certificate issuer: /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79
Certificate serial: 02AD
Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/EBF7E818FDBB11ECAE699C1BC4F9AE02.roa
Signing time: Sun 01 Jan 2023 04:02:56 +0000
ROA not before: Sun 01 Jan 2023 04:02:56 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 24098
IP address blocks: 103.176.61.0/24 maxlen: 24
2400:3120:fff0::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 685 (0x2ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79
Validity
Not Before: Jan 1 04:02:56 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63b105f0-a153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:f7:8b:23:21:27:a2:98:23:a0:10:9a:38:
80:be:1d:59:ab:25:a7:7e:e5:e3:af:c4:4f:3d:e6:
d9:00:04:15:0d:2b:8b:62:5b:38:01:1c:f5:56:48:
50:22:8b:3d:88:65:b4:71:4f:5b:76:d0:68:73:fd:
be:bf:37:19:b9:1d:eb:69:6d:f1:af:06:9b:b5:8e:
e8:fb:78:e3:0e:91:51:17:84:4a:a0:33:d3:8f:6b:
23:9e:90:d0:ba:e8:0a:16:4c:e7:8f:67:d6:0f:d5:
31:a5:ef:c0:bb:52:4e:59:28:da:b3:c6:c6:51:7f:
1e:30:d1:0b:74:cd:82:e4:2d:e2:51:75:ee:e4:40:
61:5b:76:94:72:11:c2:63:67:7c:15:73:3f:42:9a:
34:08:db:8b:6e:38:ae:b8:53:97:4f:ca:1f:42:f0:
22:1c:e5:02:27:18:21:07:53:27:5e:21:bb:2d:7d:
97:18:5c:3a:a1:1a:54:ff:ab:3c:1c:90:fb:61:39:
33:50:be:94:42:89:a2:b2:0e:5e:af:51:af:b0:22:
c8:58:9d:88:f2:ac:7d:80:ab:2b:b5:62:4d:cc:8f:
2c:ab:f7:50:78:a2:27:05:c2:65:3d:3b:b1:ca:32:
b0:f8:99:c1:4d:9a:b4:46:53:8b:0e:66:c4:97:3e:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:55:99:FA:5A:39:0E:46:8E:0D:E4:7E:71:89:99:0E:E3:EA:57:02
X509v3 Authority Key Identifier:
keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/EBF7E818FDBB11ECAE699C1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.61.0/24
IPv6:
2400:3120:fff0::/44
Signature Algorithm: sha256WithRSAEncryption
d0:9b:d2:fa:7b:c6:96:4f:1c:23:eb:48:58:fd:dc:73:b8:ea:
eb:fd:e1:9e:b3:04:f2:97:f0:8e:3d:41:3e:d4:95:d7:95:ac:
6a:2d:8b:e3:8a:32:d2:a5:40:4a:f8:79:8e:7e:e0:26:e8:9e:
e4:90:0f:4d:8d:df:3e:8f:90:cc:77:d6:fa:3f:0c:29:b0:de:
e0:20:4b:22:a0:42:a8:87:42:05:ab:33:68:e3:09:5a:06:27:
1c:2e:32:5b:25:f3:59:c0:f0:16:d1:37:17:5a:2b:0c:b3:fa:
bd:d1:d1:6f:18:ca:91:32:1d:fa:bb:30:5f:8b:dd:94:5e:ec:
eb:1f:b3:63:2c:c5:b1:29:22:48:f6:19:c3:e2:60:05:8d:aa:
40:aa:59:df:72:63:84:3f:0f:0d:45:e5:e8:9f:45:0a:5e:cf:
a6:81:99:de:27:f3:2f:11:8f:01:00:8b:8b:1b:e3:a7:45:b6:
eb:ec:1c:b0:87:51:fc:e5:81:0d:23:8f:6e:26:d3:7b:d4:a4:
34:c5:b5:dc:f9:0a:d0:6f:33:c8:18:af:39:fa:67:12:06:48:
6c:f3:f9:f2:ad:c2:4e:42:c8:e5:6e:4a:c6:47:9e:10:ce:a4:
f3:1d:09:a6:a8:d7:ed:9d:d2:a7:d4:d3:08:c1:28:73:6a:58:
ad:35:ac:3d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2
NTI3M0NBNzkwHhcNMjMwMTAxMDQwMjU2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IxMDVmMC1hMTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4H3iyMhJ6KYI6AQmjiAvh1ZqyWnfuXjr8RPPebZAAQVDSuLYls4ARz1VkhQ
Ios9iGW0cU9bdtBoc/2+vzcZuR3raW3xrwabtY7o+3jjDpFRF4RKoDPTj2sjnpDQ
uugKFkznj2fWD9Uxpe/Au1JOWSjas8bGUX8eMNELdM2C5C3iUXXu5EBhW3aUchHC
Y2d8FXM/Qpo0CNuLbjiuuFOXT8ofQvAiHOUCJxghB1MnXiG7LX2XGFw6oRpU/6s8
HJD7YTkzUL6UQomisg5er1GvsCLIWJ2I8qx9gKsrtWJNzI8sq/dQeKInBcJlPTux
yjKw+JnBTZq0RlOLDmbElz7iAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLBVmfpa
OQ5Gjg3kfnGJmQ7j6lcCMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC
M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5
bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTlCNDMvRTVCODM5ODI0QjNBMTFFQzk5MkU4MTUwQzRGOUFFMDIvRUJGN0U4MThG
REJCMTFFQ0FFNjk5QzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnsD0wDwQCAAIwCQMHBCQAMSD/8DANBgkqhkiG9w0BAQsF
AAOCAQEA0JvS+nvGlk8cI+tIWP3cc7jq6/3hnrME8pfwjj1BPtSV15Wsai2L44oy
0qVASvh5jn7gJuie5JAPTY3fPo+QzHfW+j8MKbDe4CBLIqBCqIdCBaszaOMJWgYn
HC4yWyXzWcDwFtE3F1orDLP6vdHRbxjKkTId+rswX4vdlF7s6x+zYyzFsSkiSPYZ
w+JgBY2qQKpZ33JjhD8PDUXl6J9FCl7PpoGZ3ifzLxGPAQCLixvjp0W26+wcsIdR
/OWBDSOPbibTe9SkNMW13PkK0G8zyBivOfpnEgZIbPP58q3CTkLI5W5KxkeeEM6k
8x0JpqjX7Z3Sp9TTCMEoc2pYrTWsPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org