Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911A0B9/2E06D6DE6FB811ECA5677C78C4F9AE02/0952C4546FBA11EC953EEC78C4F9AE02.roa
File: 0952C4546FBA11EC953EEC78C4F9AE02.roa (raw, json)
Hash identifier: oiQ4wkxdPtM8Omzeo4jTR6vAwevZlUmiOnkx0AoJB24=
Subject key identifier: 77:B2:34:13:CC:EB:AB:D9:1E:68:69:1B:F6:88:85:A9:6B:4E:25:FE
Certificate issuer: /CN=A911A0B9/serialNumber=74106684D567572A534BEC9E9ED7A4FC3DB1E2C6
Certificate serial: 04
Authority key identifier: 74:10:66:84:D5:67:57:2A:53:4B:EC:9E:9E:D7:A4:FC:3D:B1:E2:C6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dBBmhNVnVypTS-yentek_D2x4sY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911A0B9/2E06D6DE6FB811ECA5677C78C4F9AE02/0952C4546FBA11EC953EEC78C4F9AE02.roa
Signing time: Fri 07 Jan 2022 15:42:55 +0000
ROA not before: Fri 07 Jan 2022 15:42:55 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 149420
IP address blocks: 103.179.54.0/23 maxlen: 23
103.179.54.0/24 maxlen: 24
103.179.55.0/24 maxlen: 24
2001:df0:48c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911A0B9/serialNumber=74106684D567572A534BEC9E9ED7A4FC3DB1E2C6
Validity
Not Before: Jan 7 15:42:55 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=61d85f7f-94b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:56:e6:95:b2:c2:f8:71:6b:22:da:43:30:7e:
17:bd:07:2e:6f:57:f1:6b:69:8f:fc:42:f9:65:83:
95:87:bc:2e:c1:00:e9:56:93:6f:4d:87:75:2c:a5:
3c:0c:42:a8:61:c1:11:5e:e8:9a:36:85:79:54:76:
35:b3:82:b6:7a:34:a9:3f:e8:7e:b8:a0:ec:c9:7a:
ae:72:af:e4:d3:7e:ac:f7:1c:44:cf:46:c6:87:ad:
ac:bb:43:68:be:a5:b3:64:dd:2a:82:e6:df:b9:b4:
b5:29:bc:a7:6e:32:43:d9:16:3e:fe:bc:77:ab:51:
f8:54:7b:33:47:9e:d2:7f:bc:7f:ec:ad:f7:02:76:
1f:7d:97:a2:21:1f:08:46:66:8b:b3:e0:3a:01:12:
6f:5f:29:0c:72:95:05:12:1b:45:bd:95:87:e2:9c:
97:f9:e9:f7:1b:3b:e4:c6:3a:f3:8e:dc:c3:d6:c5:
5b:3a:fc:86:db:7d:a5:a7:90:67:28:ab:86:17:a3:
4d:7f:00:be:61:88:6b:48:23:3f:81:5d:fa:a0:86:
22:b4:3d:5e:64:22:28:79:d0:55:1c:a0:2c:85:8a:
dd:27:89:ba:20:82:fe:44:8a:88:61:b3:07:22:80:
49:23:a6:b6:31:0f:3f:7e:6f:7c:af:c9:b7:3d:b3:
bc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B2:34:13:CC:EB:AB:D9:1E:68:69:1B:F6:88:85:A9:6B:4E:25:FE
X509v3 Authority Key Identifier:
keyid:74:10:66:84:D5:67:57:2A:53:4B:EC:9E:9E:D7:A4:FC:3D:B1:E2:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911A0B9/2E06D6DE6FB811ECA5677C78C4F9AE02/dBBmhNVnVypTS-yentek_D2x4sY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dBBmhNVnVypTS-yentek_D2x4sY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A0B9/2E06D6DE6FB811ECA5677C78C4F9AE02/0952C4546FBA11EC953EEC78C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.54.0/23
IPv6:
2001:df0:48c0::/48
Signature Algorithm: sha256WithRSAEncryption
2b:f5:00:70:45:fa:6a:28:c3:35:62:e0:04:d1:45:04:6d:a3:
0f:b0:67:8d:bd:47:13:43:11:0c:63:be:07:fe:2f:17:55:73:
e1:4b:f7:66:a2:23:88:2d:25:b2:15:cc:f9:e0:14:d0:02:f4:
fd:5f:be:c4:66:da:15:f1:b8:cf:dc:62:a6:6e:98:88:23:ff:
0b:f9:4c:d0:9a:f6:81:16:60:4a:07:7c:a8:d8:ce:13:cf:d2:
af:a6:28:96:c7:57:5a:89:70:e4:bf:a4:15:a2:63:04:c8:fc:
73:ab:5b:3d:0e:66:2d:69:c3:a5:6a:c0:a4:8a:7d:e9:0a:54:
c8:61:fe:7d:46:46:ae:c7:37:4f:d6:31:ea:4b:ed:37:b7:dd:
87:0e:96:57:4c:e9:8e:d0:d4:b0:c5:ba:85:88:96:e1:2a:30:
a4:68:c8:56:3f:45:7b:1a:12:4e:39:42:e9:dd:33:f4:ce:66:
02:81:fd:c4:3b:f6:e6:b5:58:c1:d5:d9:98:cc:46:40:ee:38:
28:00:42:8a:2d:99:41:97:09:48:ab:16:be:0c:35:59:eb:ed:
1c:21:65:69:fa:1b:f9:0d:ab:1f:4e:b9:61:43:9e:c4:ac:c4:
a7:59:be:63:e7:da:6c:5d:e9:34:06:f5:47:16:19:fe:b3:a8:
85:09:eb:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QTBCOTExMC8GA1UEBRMoNzQxMDY2ODRENTY3NTcyQTUzNEJFQzlFOUVEN0E0RkMz
REIxRTJDNjAeFw0yMjAxMDcxNTQyNTVaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZDg1ZjdmLTk0YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwVuaVssL4cWsi2kMwfhe9By5vV/FraY/8Qvllg5WHvC7BAOlWk29Nh3UspTwM
QqhhwRFe6Jo2hXlUdjWzgrZ6NKk/6H64oOzJeq5yr+TTfqz3HETPRsaHray7Q2i+
pbNk3SqC5t+5tLUpvKduMkPZFj7+vHerUfhUezNHntJ/vH/srfcCdh99l6IhHwhG
Zouz4DoBEm9fKQxylQUSG0W9lYfinJf56fcbO+TGOvOO3MPWxVs6/IbbfaWnkGco
q4YXo01/AL5hiGtIIz+BXfqghiK0PV5kIih50FUcoCyFit0niboggv5Eiohhswci
gEkjprYxDz9+b3yvybc9s7zBAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUd7I0E8zr
q9keaGkb9oiFqWtOJf4wHwYDVR0jBBgwFoAUdBBmhNVnVypTS+yentek/D2x4sYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBMEI5LzJFMDZENkRFNkZC
ODExRUNBNTY3N0M3OEM0RjlBRTAyL2RCQm1oTlZuVnlwVFMteWVudGVrX0QyeDRz
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZEJCbWhOVm5WeXBUUy15ZW50ZWtfRDJ4NHNZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QTBCOS8yRTA2RDZERTZGQjgxMUVDQTU2NzdDNzhDNEY5QUUwMi8wOTUyQzQ1NDZG
QkExMUVDOTUzRUVDNzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWezNjAPBAIAAjAJAwcAIAEN8EjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAr9QBwRfpqKMM1YuAE0UUEbaMPsGeNvUcTQxEMY74H/i8XVXPhS/dmoiOI
LSWyFcz54BTQAvT9X77EZtoV8bjP3GKmbpiII/8L+UzQmvaBFmBKB3yo2M4Tz9Kv
piiWx1daiXDkv6QVomMEyPxzq1s9DmYtacOlasCkin3pClTIYf59RkauxzdP1jHq
S+03t92HDpZXTOmO0NSwxbqFiJbhKjCkaMhWP0V7GhJOOULp3TP0zmYCgf3EO/bm
tVjB1dmYzEZA7jgoAEKKLZlBlwlIqxa+DDVZ6+0cIWVp+hv5DasfTrlhQ57ErMSn
Wb5j59psXek0BvVHFhn+s6iFCeu5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org