Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/854335F4695111ECAD5B1E1BC4F9AE02.roa
File: 854335F4695111ECAD5B1E1BC4F9AE02.roa (raw, json)
Hash identifier: IJmAsCLOylDwGmBBQxVk0iU7ovMbdaI1m3p3Euyje8s=
Subject key identifier: BF:EB:02:D6:6E:9A:F9:CF:52:AF:2F:8D:42:B0:B4:16:E6:90:E8:43
Certificate issuer: /CN=A912918B/serialNumber=DD61C22A95B28EFDE378312A759FACAFEE406C18
Certificate serial: 0624
Authority key identifier: DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/854335F4695111ECAD5B1E1BC4F9AE02.roa
Signing time: Tue 03 Jan 2023 11:18:56 +0000
ROA not before: Tue 03 Jan 2023 11:18:56 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141154
IP address blocks: 103.155.98.0/24 maxlen: 24
103.155.99.0/24 maxlen: 24
2001:df4:c080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1572 (0x624)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912918B/serialNumber=DD61C22A95B28EFDE378312A759FACAFEE406C18
Validity
Not Before: Jan 3 11:18:56 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63b40f20-a88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:01:9e:b7:d0:4c:d2:b1:0c:61:51:32:a1:92:
36:79:d4:8f:a7:a4:9c:47:56:a5:74:f7:85:d1:05:
f1:15:7b:fe:90:3e:e3:1c:d3:29:55:18:dd:cc:4d:
36:fa:48:2c:f2:0b:d3:95:4a:7a:c9:07:3f:bc:b9:
0d:2e:bf:d7:9c:39:b2:a7:b6:25:11:d6:f3:30:f9:
de:10:6f:cb:73:9e:31:0b:bd:67:ac:fd:d2:a2:47:
d0:3b:c9:e5:48:f4:15:9a:1c:1b:c6:2f:6e:a6:92:
31:76:89:0c:8b:d5:bd:b4:f8:1f:d8:ef:60:7d:6b:
b0:4e:d2:58:9e:01:36:58:19:1a:28:1a:08:c3:8b:
5c:2b:b7:09:52:1b:a8:50:4d:ca:93:98:b6:10:58:
1d:6c:3b:06:7c:57:ef:de:68:53:80:d3:a9:f8:ce:
e9:02:0a:7f:25:84:96:51:3b:93:7c:5c:7f:63:13:
6f:0b:70:45:f7:4c:01:31:d5:84:4f:58:c5:03:57:
5a:ce:14:7b:fb:1e:6d:87:f7:1b:b0:63:21:7b:dd:
aa:e2:6a:76:de:a4:00:93:8a:80:4e:ac:45:e6:96:
36:70:b7:89:65:85:28:50:5c:46:2b:98:ee:04:12:
09:c4:b5:ff:92:96:41:96:5b:c8:21:56:7d:75:05:
a3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EB:02:D6:6E:9A:F9:CF:52:AF:2F:8D:42:B0:B4:16:E6:90:E8:43
X509v3 Authority Key Identifier:
keyid:DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/854335F4695111ECAD5B1E1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.98.0/23
IPv6:
2001:df4:c080::/48
Signature Algorithm: sha256WithRSAEncryption
1d:39:80:0b:ca:d5:e3:a3:23:db:5b:22:37:ae:10:bf:ea:20:
f8:ba:9e:bd:5c:16:4c:e5:3b:a8:0e:32:90:0d:f4:18:ca:fa:
52:74:b3:84:2a:82:8b:63:08:2e:d8:32:7a:ca:d1:2d:12:d8:
fd:28:1b:e0:2f:3e:f2:9d:c9:a3:4f:22:18:d8:97:8b:1d:60:
58:fa:5b:f8:bc:d1:41:9c:df:94:c8:cb:78:7d:a3:2e:c0:dd:
3a:6e:a7:cb:19:76:cd:fd:44:be:12:ba:68:1a:22:36:58:8e:
59:95:67:09:2b:7f:1e:56:b4:3b:79:e8:5d:9e:22:04:19:92:
b3:93:42:87:07:da:a9:8d:3b:c2:ed:1e:6c:71:ed:30:97:55:
fc:38:12:63:a1:af:f1:74:9c:d8:41:32:2b:54:38:d4:db:dd:
b1:d0:70:4f:8d:11:d5:e2:d0:7a:f9:7b:f3:14:6d:40:cf:7b:
c3:9f:df:dd:0d:38:16:d0:d3:3d:2c:12:d3:ca:5a:a1:a7:9c:
e1:ea:ae:e0:7f:b9:2e:a3:c9:d5:9c:73:4a:29:ca:ac:d2:0d:
e5:a4:96:3e:7e:6b:87:26:f3:56:57:be:e6:b6:6e:1d:f4:b3:
cf:41:63:b7:09:79:13:b6:1c:ee:92:c2:6c:73:56:f6:d0:75:
8b:5d:a5:cf
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjkxOEIxMTAvBgNVBAUTKERENjFDMjJBOTVCMjhFRkRFMzc4MzEyQTc1OUZBQ0FG
RUU0MDZDMTgwHhcNMjMwMTAzMTExODU2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I0MGYyMC1hODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmwGet9BM0rEMYVEyoZI2edSPp6ScR1aldPeF0QXxFXv+kD7jHNMpVRjdzE02
+kgs8gvTlUp6yQc/vLkNLr/XnDmyp7YlEdbzMPneEG/Lc54xC71nrP3SokfQO8nl
SPQVmhwbxi9uppIxdokMi9W9tPgf2O9gfWuwTtJYngE2WBkaKBoIw4tcK7cJUhuo
UE3Kk5i2EFgdbDsGfFfv3mhTgNOp+M7pAgp/JYSWUTuTfFx/YxNvC3BF90wBMdWE
T1jFA1dazhR7+x5th/cbsGMhe92q4mp23qQAk4qATqxF5pY2cLeJZYUoUFxGK5ju
BBIJxLX/kpZBllvIIVZ9dQWjbwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFL/rAtZu
mvnPUq8vjUKwtBbmkOhDMB8GA1UdIwQYMBaAFN1hwiqVso7943gxKnWfrK/uQGwY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTE4Qi83RTBDRUVGQUVF
QjUxMUVBQUE0RkFEMzJDNEY5QUUwMi8zV0hDS3BXeWp2M2plREVxZFotc3ItNUFi
QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNXSENLcFd5anYzamVERXFkWi1zci01QWJCZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjkxOEIvN0UwQ0VFRkFFRUI1MTFFQUFBNEZBRDMyQzRGOUFFMDIvODU0MzM1RjQ2
OTUxMTFFQ0FENUIxRTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnm2IwDwQCAAIwCQMHACABDfTAgDANBgkqhkiG9w0BAQsF
AAOCAQEAHTmAC8rV46Mj21siN64Qv+og+LqevVwWTOU7qA4ykA30GMr6UnSzhCqC
i2MILtgyesrRLRLY/Sgb4C8+8p3Jo08iGNiXix1gWPpb+LzRQZzflMjLeH2jLsDd
Om6nyxl2zf1EvhK6aBoiNliOWZVnCSt/Hla0O3noXZ4iBBmSs5NChwfaqY07wu0e
bHHtMJdV/DgSY6Gv8XSc2EEyK1Q41NvdsdBwT40R1eLQevl78xRtQM97w5/f3Q04
FtDTPSwS08paoaec4equ4H+5LqPJ1ZxzSinKrNIN5aSWPn5rhybzVle+5rZuHfSz
z0Fjtwl5E7Yc7pLCbHNW9tB1i12lzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org