Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/705C17A68E7511EDA82D5830C4F9AE02.roa
File: 705C17A68E7511EDA82D5830C4F9AE02.roa (raw, json)
Hash identifier: oxvuP9RiXXjUCW+jcC+by6fkqtdgyYWNHnEouZ8mCLA=
Subject key identifier: 5A:44:9E:70:C0:20:16:74:14:27:BD:BC:14:E3:89:6B:71:9F:73:F9
Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
Certificate serial: 45
Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/705C17A68E7511EDA82D5830C4F9AE02.roa
Signing time: Sat 07 Jan 2023 10:24:17 +0000
ROA not before: Sat 07 Jan 2023 10:24:17 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 141731
IP address blocks: 103.14.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
Validity
Not Before: Jan 7 10:24:17 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63b94850-ec21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:21:6d:e5:68:4d:c1:c3:08:dc:5e:c7:e1:83:
9c:84:93:2d:af:e9:12:ba:52:45:d1:01:68:57:4a:
98:15:58:32:02:b5:21:84:83:2a:16:6f:f7:c0:17:
96:68:ef:bb:e2:db:82:da:9b:47:cb:0d:c6:30:07:
82:4d:fe:7c:51:2b:50:6a:41:2b:f9:08:7b:fd:49:
7b:9a:d3:fa:60:b6:9f:35:ef:74:84:34:bb:4a:0e:
c7:16:29:0f:e7:5e:88:38:92:70:12:4d:8e:20:e6:
38:53:59:97:5c:eb:48:24:88:c5:ab:1c:43:fe:c3:
9a:34:32:f4:16:e6:7c:3f:3c:86:bf:6d:ba:ee:5c:
7b:13:59:4f:03:41:bf:5c:6b:4c:b9:17:26:63:c8:
96:b0:40:cd:43:b1:08:ff:2f:a2:ce:1b:b3:c3:70:
f1:6e:26:0a:cd:e2:fe:18:41:87:a5:9f:4e:e2:96:
ff:1e:43:e1:f1:67:63:6c:7f:3b:cf:47:4e:9a:d6:
cc:46:4e:03:c6:bd:f6:97:8c:d1:5d:22:9e:12:c8:
56:ee:62:3b:be:9b:3f:d8:2c:a6:2e:76:85:90:9e:
29:04:20:6d:75:2f:fb:5d:7f:c7:40:d7:b5:d0:05:
b0:c1:b1:64:5e:f4:18:7f:f4:e0:0d:70:93:f5:d4:
08:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:44:9E:70:C0:20:16:74:14:27:BD:BC:14:E3:89:6B:71:9F:73:F9
X509v3 Authority Key Identifier:
keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/705C17A68E7511EDA82D5830C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.168.0/24
Signature Algorithm: sha256WithRSAEncryption
51:8a:6f:64:ae:f9:47:c8:c4:5a:1a:36:cc:4a:7d:5a:2a:a0:
71:59:66:77:16:d5:aa:6d:d8:f2:76:4e:d1:84:4f:5a:45:8d:
fb:c1:43:9d:e6:ff:83:43:ff:c1:98:1b:b8:19:e7:bd:90:6d:
c5:10:59:0f:77:e2:23:76:e3:bd:7c:44:8d:a6:12:0c:6d:2c:
7b:e4:4d:42:19:05:2e:fd:4f:05:85:5b:01:3f:77:20:b1:13:
d8:66:9f:d1:1b:4c:8b:1a:4c:45:42:05:1a:02:d8:ba:ac:e8:
32:af:04:68:37:bd:83:ae:52:ca:d2:72:ac:3b:b5:9c:99:24:
6f:fa:de:9f:08:78:b9:37:f4:fb:ed:36:ab:b1:48:99:34:32:
98:44:2c:a0:ff:8f:e5:e7:30:4a:b8:e3:e2:39:37:cc:91:25:
ea:3b:30:74:65:e7:2d:32:8d:07:d6:3f:a9:d6:be:22:40:cf:
3b:a5:84:3f:a6:42:b2:50:e6:ee:5e:47:98:d7:6c:6b:fe:7e:
0f:79:98:1c:be:42:23:e7:f0:db:fd:38:a1:86:50:b7:ab:e9:
74:11:5d:78:b7:80:53:91:6d:9f:0f:3c:1d:1e:cb:d7:1f:a4:
83:f0:80:9f:9a:5a:56:3c:ec:2c:4b:0d:97:e5:f0:e5:d7:51:
e1:99:3b:59
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OEM3RjExMC8GA1UEBRMoODk3NkI1RkI0OEYyRTQxMTFENzhENUEzQ0Q1QTJGQ0Ex
OTYxMzk3QTAeFw0yMzAxMDcxMDI0MTdaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjk0ODUwLWVjMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfIW3laE3BwwjcXsfhg5yEky2v6RK6UkXRAWhXSpgVWDICtSGEgyoWb/fAF5Zo
77vi24Lam0fLDcYwB4JN/nxRK1BqQSv5CHv9SXua0/pgtp8173SENLtKDscWKQ/n
Xog4knASTY4g5jhTWZdc60gkiMWrHEP+w5o0MvQW5nw/PIa/bbruXHsTWU8DQb9c
a0y5FyZjyJawQM1DsQj/L6LOG7PDcPFuJgrN4v4YQYeln07ilv8eQ+HxZ2NsfzvP
R06a1sxGTgPGvfaXjNFdIp4SyFbuYju+mz/YLKYudoWQnikEIG11L/tdf8dA17XQ
BbDBsWRe9Bh/9OANcJP11AgjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWkSecMAg
FnQUJ728FOOJa3Gfc/kwHwYDVR0jBBgwFoAUiXa1+0jy5BEdeNWjzVovyhlhOXow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4QzdGLzNCN0JEQUJFM0ZD
NzExRURBQzlCMjIxREM0RjlBRTAyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Y
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVhhMS0wank1QkVkZU5XanpWb3Z5aGxoT1hvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi83MDVDMTdBNjhF
NzUxMUVEQTgyRDU4MzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcOqDANBgkqhkiG9w0BAQsFAAOCAQEAUYpvZK75R8jEWho2
zEp9WiqgcVlmdxbVqm3Y8nZO0YRPWkWN+8FDneb/g0P/wZgbuBnnvZBtxRBZD3fi
I3bjvXxEjaYSDG0se+RNQhkFLv1PBYVbAT93ILET2Gaf0RtMixpMRUIFGgLYuqzo
Mq8EaDe9g65SytJyrDu1nJkkb/renwh4uTf0++02q7FImTQymEQsoP+P5ecwSrjj
4jk3zJEl6jswdGXnLTKNB9Y/qda+IkDPO6WEP6ZCslDm7l5HmNdsa/5+D3mYHL5C
I+fw2/04oYZQt6vpdBFdeLeAU5Ftnw88HR7L1x+kg/CAn5paVjzsLEsNl+Xw5ddR
4Zk7WQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org