Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/A4FA56F08B7111EDADF51C55C4F9AE02.roa
File: A4FA56F08B7111EDADF51C55C4F9AE02.roa (raw, json)
Hash identifier: 4C+FOzCn1p+FdFesHkXc2jaM9rnZcy5TeyRIJnbaeE0=
Subject key identifier: F1:85:B1:88:B1:CE:04:F3:7A:10:96:14:AB:91:84:B5:72:A4:73:BE
Certificate issuer: /CN=A912918B/serialNumber=DD61C22A95B28EFDE378312A759FACAFEE406C18
Certificate serial: 064F
Authority key identifier: DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/A4FA56F08B7111EDADF51C55C4F9AE02.roa
Signing time: Mon 13 Mar 2023 06:49:50 +0000
ROA not before: Mon 13 Mar 2023 06:49:50 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141154
IP address blocks: 103.155.98.0/23 maxlen: 23
103.155.98.0/24 maxlen: 24
103.155.99.0/24 maxlen: 24
2001:df4:c080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1615 (0x64f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912918B/serialNumber=DD61C22A95B28EFDE378312A759FACAFEE406C18
Validity
Not Before: Mar 13 06:49:50 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=640ec78d-e8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:aa:6c:60:c0:de:90:92:39:78:77:ad:bb:b1:
d3:1d:aa:fb:87:61:4d:9b:c0:49:3d:95:ea:f4:42:
08:dd:16:0b:5e:ca:a6:39:09:ae:35:65:c7:b4:e1:
73:54:57:01:42:aa:f4:a2:6f:1a:bb:e8:7c:b3:23:
fe:a0:bc:70:36:9f:f2:74:5d:cf:c1:cb:10:c4:78:
e5:9d:86:c8:21:dd:ac:36:9c:6a:cd:3d:99:4d:d6:
e3:28:69:bd:03:de:b7:30:06:74:31:00:8a:f5:64:
65:73:6f:3b:83:f9:38:9b:dd:30:0e:74:13:8f:f2:
83:06:c7:c1:c8:91:e7:a5:3f:17:99:61:69:15:90:
e4:1c:18:3d:51:64:eb:5d:48:2a:a8:91:e2:8a:04:
c5:87:c7:c5:e3:69:f3:e0:ea:1f:84:7f:23:2b:ff:
b6:e3:70:45:63:65:8d:da:39:d8:56:1d:0f:20:51:
32:20:98:b9:4f:af:90:bf:7c:d0:6d:8f:e9:62:13:
35:8f:b0:d5:7a:73:27:0d:7d:4b:32:be:12:9c:14:
01:eb:30:3f:77:97:b0:c8:be:1e:06:d8:72:83:d0:
c0:ab:6c:33:8f:f8:04:c2:34:a2:91:fa:2b:be:16:
40:5b:d2:26:cb:1a:8d:a8:00:d5:c6:cf:82:96:28:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:85:B1:88:B1:CE:04:F3:7A:10:96:14:AB:91:84:B5:72:A4:73:BE
X509v3 Authority Key Identifier:
keyid:DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/A4FA56F08B7111EDADF51C55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.98.0/23
IPv6:
2001:df4:c080::/48
Signature Algorithm: sha256WithRSAEncryption
8c:56:15:13:3e:c7:2b:66:5d:d8:97:9a:5d:d8:be:b9:51:ba:
d7:98:1e:73:cf:68:3e:3d:c6:3e:0d:5c:c2:55:c1:2d:2b:0c:
b9:93:1b:b9:ae:1e:e0:53:02:98:bb:e5:b1:e8:78:40:fe:be:
57:41:05:b6:ba:51:ac:ae:dc:5e:f9:af:e2:59:32:62:68:fe:
bf:df:bd:26:6b:6d:09:15:72:b6:e5:28:2b:4f:f9:5d:d2:1b:
55:87:0f:07:1f:e9:88:5f:62:ec:37:9f:22:47:b5:34:ec:0c:
b3:46:a2:52:a1:b3:18:7d:1d:60:f6:fe:7c:ad:88:66:e0:3a:
b5:fe:8c:d2:ef:c7:2c:41:fd:5a:6e:48:46:44:2b:aa:16:9c:
00:59:e9:35:19:44:82:4e:6a:9c:ca:1b:4e:f5:12:c9:93:b5:
53:29:c6:3f:44:e2:fa:4c:19:68:08:1f:2b:8b:56:4b:3b:24:
54:23:ad:5b:28:b5:db:65:05:3a:a5:f7:44:91:76:58:42:a4:
9b:49:08:f0:76:b3:50:30:ac:f9:75:60:2c:3b:8d:94:c3:7e:
e8:8f:c1:3e:8c:59:24:13:6d:aa:89:bf:4e:28:9f:c3:96:a1:
eb:09:69:8e:bd:d0:1d:d6:46:af:67:5a:2b:7c:a9:7a:d7:cd:
b1:b9:91:cb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjkxOEIxMTAvBgNVBAUTKERENjFDMjJBOTVCMjhFRkRFMzc4MzEyQTc1OUZBQ0FG
RUU0MDZDMTgwHhcNMjMwMzEzMDY0OTUwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBlYzc4ZC1lOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5apsYMDekJI5eHetu7HTHar7h2FNm8BJPZXq9EII3RYLXsqmOQmuNWXHtOFz
VFcBQqr0om8au+h8syP+oLxwNp/ydF3PwcsQxHjlnYbIId2sNpxqzT2ZTdbjKGm9
A963MAZ0MQCK9WRlc287g/k4m90wDnQTj/KDBsfByJHnpT8XmWFpFZDkHBg9UWTr
XUgqqJHiigTFh8fF42nz4OofhH8jK/+243BFY2WN2jnYVh0PIFEyIJi5T6+Qv3zQ
bY/pYhM1j7DVenMnDX1LMr4SnBQB6zA/d5ewyL4eBthyg9DAq2wzj/gEwjSikfor
vhZAW9ImyxqNqADVxs+Clih7+QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPGFsYix
zgTzehCWFKuRhLVypHO+MB8GA1UdIwQYMBaAFN1hwiqVso7943gxKnWfrK/uQGwY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTE4Qi83RTBDRUVGQUVF
QjUxMUVBQUE0RkFEMzJDNEY5QUUwMi8zV0hDS3BXeWp2M2plREVxZFotc3ItNUFi
QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNXSENLcFd5anYzamVERXFkWi1zci01QWJCZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjkxOEIvN0UwQ0VFRkFFRUI1MTFFQUFBNEZBRDMyQzRGOUFFMDIvQTRGQTU2RjA4
QjcxMTFFREFERjUxQzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnm2IwDwQCAAIwCQMHACABDfTAgDANBgkqhkiG9w0BAQsF
AAOCAQEAjFYVEz7HK2Zd2JeaXdi+uVG615gec89oPj3GPg1cwlXBLSsMuZMbua4e
4FMCmLvlseh4QP6+V0EFtrpRrK7cXvmv4lkyYmj+v9+9JmttCRVytuUoK0/5XdIb
VYcPBx/piF9i7DefIke1NOwMs0aiUqGzGH0dYPb+fK2IZuA6tf6M0u/HLEH9Wm5I
RkQrqhacAFnpNRlEgk5qnMobTvUSyZO1UynGP0Ti+kwZaAgfK4tWSzskVCOtWyi1
22UFOqX3RJF2WEKkm0kI8HazUDCs+XVgLDuNlMN+6I/BPoxZJBNtqom/Tiifw5ah
6wlpjr3QHdZGr2daK3ypetfNsbmRyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org