Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/02F9582AC2D111EBB93A4850C4F9AE02.roa
File: 02F9582AC2D111EBB93A4850C4F9AE02.roa (raw, json)
Hash identifier: zFEH8fcts+wn1HfDlciLky8ZNrlmZbQ6mz0fulltehk=
Subject key identifier: B7:1A:29:03:5D:CE:A2:54:37:87:3C:EC:05:07:1E:53:6D:DE:6A:08
Certificate issuer: /CN=A911EB2D/serialNumber=C03056F68099647AF7585E53F6A98ECFF3D988DF
Certificate serial: 0343
Authority key identifier: C0:30:56:F6:80:99:64:7A:F7:58:5E:53:F6:A9:8E:CF:F3:D9:88:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDBW9oCZZHr3WF5T9qmOz_PZiN8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/02F9582AC2D111EBB93A4850C4F9AE02.roa
Signing time: Mon 19 Jul 2021 10:49:18 +0000
ROA not before: Mon 19 Jul 2021 10:49:18 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 140849
IP address blocks: 103.152.104.0/24 maxlen: 24
103.152.105.0/24 maxlen: 24
2001:df4:a80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 835 (0x343)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EB2D/serialNumber=C03056F68099647AF7585E53F6A98ECFF3D988DF
Validity
Not Before: Jul 19 10:49:18 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60f558ae-78b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:aa:d4:49:6a:12:97:5a:4d:f1:d3:4e:c9:
68:a4:9c:47:c7:aa:77:b5:2e:ea:00:69:a9:a1:ec:
90:d8:19:70:cc:e2:a0:df:7d:d5:7e:de:9d:9f:ca:
18:c4:c9:40:d8:c2:ba:e4:7e:2f:bd:2f:4c:37:03:
b4:b5:ce:54:af:cc:af:c3:59:3d:d1:09:bc:33:69:
df:a2:5e:28:f1:6a:8d:52:f1:24:67:32:8c:92:c7:
16:0f:be:d5:47:6d:65:cd:1d:52:24:98:da:5d:5a:
7f:08:1a:f6:94:df:05:0e:5c:b0:3b:16:ef:7a:2f:
fc:15:6a:de:cb:2e:ab:3c:ea:64:1a:df:99:ab:63:
9e:2b:6f:e7:2e:40:a8:26:ce:33:27:12:03:c0:ae:
e2:c8:eb:38:64:f6:a6:3a:89:f0:b8:5d:b0:22:2f:
8e:68:da:45:91:9d:03:33:43:1c:b6:eb:47:d4:cf:
98:30:d7:26:a8:b5:81:41:dc:e2:61:7b:4a:b6:d5:
0a:0f:b7:2e:75:46:86:6b:9e:3a:13:6f:b3:02:f1:
02:f8:cb:a2:3c:d5:32:00:93:db:78:96:72:36:4f:
e9:56:1f:09:9c:c1:55:3d:2d:f1:89:d6:69:a1:82:
25:71:10:01:1c:a9:6f:f0:df:50:9f:63:b0:6c:e8:
2b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1A:29:03:5D:CE:A2:54:37:87:3C:EC:05:07:1E:53:6D:DE:6A:08
X509v3 Authority Key Identifier:
keyid:C0:30:56:F6:80:99:64:7A:F7:58:5E:53:F6:A9:8E:CF:F3:D9:88:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/wDBW9oCZZHr3WF5T9qmOz_PZiN8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDBW9oCZZHr3WF5T9qmOz_PZiN8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EB2D/4A6CEDACBEB311EA82687643C4F9AE02/02F9582AC2D111EBB93A4850C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.104.0/23
IPv6:
2001:df4:a80::/48
Signature Algorithm: sha256WithRSAEncryption
31:30:f4:7b:e6:2b:f7:92:b0:cb:2c:a7:87:aa:db:b0:ff:62:
50:74:cd:63:ca:7d:da:21:70:85:d8:78:e6:90:7b:ea:fb:16:
30:91:9b:04:36:fb:01:d8:29:8b:81:ae:20:d6:fd:ec:77:88:
8f:3f:2d:a4:3e:5b:40:77:58:e6:b9:53:95:35:ad:dc:81:7b:
66:f6:17:42:cb:d7:55:5b:0d:bd:e4:7c:c1:a7:1e:ed:3c:14:
cc:ac:20:f6:dd:db:95:c7:36:c3:26:6f:35:5d:52:eb:5f:0f:
22:69:8a:ec:8d:f1:68:c5:5e:66:22:30:f7:7b:64:dd:9b:79:
e3:07:9d:d2:6c:73:bc:59:99:24:b3:ba:4b:3a:a2:4c:b0:d9:
cb:03:19:5f:b8:6e:3f:1d:61:12:9d:37:fb:e6:6d:ca:5e:f0:
85:dc:40:8e:e0:c6:5f:0c:57:c9:2a:77:fa:a7:6f:2c:1d:c4:
b7:79:59:27:78:9c:34:90:9e:8a:53:40:da:13:fc:71:39:d7:
cf:b4:c1:0d:dd:03:aa:5c:7c:e5:ca:1a:63:6e:8a:e7:e1:97:
ca:e2:e5:34:81:e4:e1:46:bf:d1:98:0c:c8:ce:48:8a:6b:3e:
b1:e5:a3:cd:33:80:ca:6d:72:20:e0:af:63:cd:38:bb:9d:c9:
cb:ce:34:25
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVCMkQxMTAvBgNVBAUTKEMwMzA1NkY2ODA5OTY0N0FGNzU4NUU1M0Y2QTk4RUNG
RjNEOTg4REYwHhcNMjEwNzE5MTA0OTE4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGY1NThhZS03OGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfaq1ElqEpdaTfHTTslopJxHx6p3tS7qAGmpoeyQ2BlwzOKg333Vft6dn8oY
xMlA2MK65H4vvS9MNwO0tc5Ur8yvw1k90Qm8M2nfol4o8WqNUvEkZzKMkscWD77V
R21lzR1SJJjaXVp/CBr2lN8FDlywOxbvei/8FWreyy6rPOpkGt+Zq2OeK2/nLkCo
Js4zJxIDwK7iyOs4ZPamOonwuF2wIi+OaNpFkZ0DM0MctutH1M+YMNcmqLWBQdzi
YXtKttUKD7cudUaGa546E2+zAvEC+MuiPNUyAJPbeJZyNk/pVh8JnMFVPS3xidZp
oYIlcRABHKlv8N9Qn2OwbOgrRwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLcaKQNd
zqJUN4c87AUHHlNt3moIMB8GA1UdIwQYMBaAFMAwVvaAmWR691heU/apjs/z2Yjf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUIyRC80QTZDRURBQ0JF
QjMxMUVBODI2ODc2NDNDNEY5QUUwMi93REJXOW9DWlpIcjNXRjVUOXFtT3pfUFpp
TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dEQlc5b0NaWkhyM1dGNVQ5cW1Pel9QWmlOOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVCMkQvNEE2Q0VEQUNCRUIzMTFFQTgyNjg3NjQzQzRGOUFFMDIvMDJGOTU4MkFD
MkQxMTFFQkI5M0E0ODUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmGgwDwQCAAIwCQMHACABDfQKgDANBgkqhkiG9w0BAQsF
AAOCAQEAMTD0e+Yr95Kwyyynh6rbsP9iUHTNY8p92iFwhdh45pB76vsWMJGbBDb7
Adgpi4GuINb97HeIjz8tpD5bQHdY5rlTlTWt3IF7ZvYXQsvXVVsNveR8wace7TwU
zKwg9t3blcc2wyZvNV1S618PImmK7I3xaMVeZiIw93tk3Zt54wed0mxzvFmZJLO6
SzqiTLDZywMZX7huPx1hEp03++Ztyl7whdxAjuDGXwxXySp3+qdvLB3Et3lZJ3ic
NJCeilNA2hP8cTnXz7TBDd0Dqlx85coaY26K5+GXyuLlNIHk4Ua/0ZgMyM5Iims+
seWjzTOAym1yIOCvY804u53Jy840JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org