Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
File: 0948C44A6C7811EBB9AEA942C4F9AE02.roa (raw, json)
Hash identifier: mBntCrnuYFJ6O5IhuSfWRG7oJxNq35t75tYRJZBtos4=
Subject key identifier: 01:84:DF:BF:62:30:31:8C:5F:08:92:4D:BC:EC:EB:59:39:7C:84:02
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 01BA
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
Signing time: Tue 24 Aug 2021 18:51:32 +0000
ROA not before: Tue 24 Aug 2021 18:51:32 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 136607
IP address blocks: 103.152.100.0/24 maxlen: 24
103.152.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442 (0x1ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Validity
Not Before: Aug 24 18:51:32 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=61253fb4-65ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:ad:5a:4a:95:7a:b7:66:cd:0a:43:4b:ac:
a3:b7:de:7a:70:6d:df:42:b2:40:d8:40:af:78:7d:
69:0a:1d:07:c3:dd:aa:6a:dc:e2:99:ea:97:87:e3:
59:dc:5e:dd:33:74:14:0d:cf:5a:fd:31:59:03:8b:
af:62:c7:02:08:5d:59:c5:85:d3:52:ba:e7:6b:92:
e5:8f:93:1d:1d:a0:af:52:da:50:27:22:a5:6e:68:
cb:e6:57:d9:a7:41:76:1d:96:1b:4f:0d:ca:7e:a8:
80:97:b2:81:77:c2:09:c5:ba:f8:05:8d:53:1c:a5:
b0:14:0a:a7:38:6a:8d:00:32:be:45:0b:6a:e8:a1:
83:00:dc:9d:b5:e6:bd:10:97:95:8e:2c:ad:22:37:
32:c8:e2:17:eb:a7:d8:b3:b1:bb:78:fd:63:a2:46:
84:bc:b0:70:73:f9:d8:47:44:25:87:ed:18:5e:c2:
66:d3:4f:86:ae:32:91:64:d8:5e:41:c3:fd:7f:4e:
90:9c:00:f9:14:71:50:bb:7f:76:72:a6:aa:86:0c:
5c:fb:c5:e5:37:a1:67:2e:ae:76:d3:9c:04:0b:67:
85:7f:ff:ec:14:9e:c5:6f:a9:bf:2e:02:80:56:7f:
42:c8:3d:ab:6a:c3:24:94:dc:31:8b:0c:92:2e:3f:
f1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:84:DF:BF:62:30:31:8C:5F:08:92:4D:BC:EC:EB:59:39:7C:84:02
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/0948C44A6C7811EBB9AEA942C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.100.0/23
Signature Algorithm: sha256WithRSAEncryption
36:e6:1b:9d:09:d9:88:9f:c2:af:9d:05:13:40:03:41:28:49:
fd:a5:b3:7a:f2:29:f9:01:9a:86:77:af:4a:a6:1f:66:95:50:
10:26:61:b3:32:ff:f3:86:32:38:36:60:ad:c5:f8:09:c6:21:
99:d0:63:7b:56:5b:46:4e:ec:59:6d:a1:7c:db:54:e7:01:a3:
c6:74:5d:7c:5c:80:f4:8e:22:b4:37:7f:d1:c6:bd:d9:38:da:
bc:a7:89:37:25:f8:7a:2b:f4:4a:83:4c:94:53:0a:db:f2:7f:
bc:e2:73:ee:fb:96:30:72:6c:ca:9a:40:d5:d2:0a:26:9a:e4:
8b:e0:2f:c5:1b:b7:e2:be:c5:f4:b1:39:29:16:b8:fe:dd:87:
57:36:b8:93:50:c6:8d:98:1d:8e:2b:ad:4d:5b:cf:52:f9:69:
a3:aa:e9:92:17:2d:37:dc:05:df:33:b5:1a:b6:a2:39:14:94:
26:c7:0f:69:50:19:d8:d3:99:f4:c8:af:78:95:f7:f7:4e:34:
aa:72:6f:4d:92:eb:0f:7b:be:5d:7a:83:38:eb:57:52:d8:50:
79:b2:b1:73:ae:58:e0:08:9a:78:09:3a:5e:eb:85:06:74:9d:
57:ee:06:8e:b8:20:ee:f0:2d:16:3e:4a:89:22:3d:00:89:a7:
d6:7c:90:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjEwODI0MTg1MTMyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTI1M2ZiNC02NWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RWtWkqVerdmzQpDS6yjt956cG3fQrJA2ECveH1pCh0Hw92qatzimeqXh+NZ
3F7dM3QUDc9a/TFZA4uvYscCCF1ZxYXTUrrna5Llj5MdHaCvUtpQJyKlbmjL5lfZ
p0F2HZYbTw3KfqiAl7KBd8IJxbr4BY1THKWwFAqnOGqNADK+RQtq6KGDANydtea9
EJeVjiytIjcyyOIX66fYs7G7eP1jokaEvLBwc/nYR0Qlh+0YXsJm00+GrjKRZNhe
QcP9f06QnAD5FHFQu392cqaqhgxc+8XlN6FnLq5205wEC2eFf//sFJ7Fb6m/LgKA
Vn9CyD2rasMklNwxiwySLj/xbQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAGE379i
MDGMXwiSTbzs61k5fIQCMB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvMDk0OEM0NEE2
Qzc4MTFFQkI5QUVBOTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGQwDQYJKoZIhvcNAQELBQADggEBADbmG50J2Yifwq+d
BRNAA0EoSf2ls3ryKfkBmoZ3r0qmH2aVUBAmYbMy//OGMjg2YK3F+AnGIZnQY3tW
W0ZO7FltoXzbVOcBo8Z0XXxcgPSOIrQ3f9HGvdk42ryniTcl+Hor9EqDTJRTCtvy
f7zic+77ljBybMqaQNXSCiaa5IvgL8Ubt+K+xfSxOSkWuP7dh1c2uJNQxo2YHY4r
rU1bz1L5aaOq6ZIXLTfcBd8ztRq2ojkUlCbHD2lQGdjTmfTIr3iV9/dONKpyb02S
6w97vl16gzjrV1LYUHmysXOuWOAImngJOl7rhQZ0nVfuBo64IO7wLRY+SokiPQCJ
p9Z8kFo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:52 2024 by rpki-client on console-ams.rpki-client.org