Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/8F870E98973911EDB1E3C460C4F9AE02.roa
File: 8F870E98973911EDB1E3C460C4F9AE02.roa (raw, json)
Hash identifier: YhQcWNRCW13iIC1wdLSs6gMd4T6ANk+M7BrvdEwBtX8=
Subject key identifier: 95:4C:31:44:C9:A3:B8:BA:93:29:F5:B5:53:47:18:DE:98:4C:E6:55
Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial: 23A9
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/8F870E98973911EDB1E3C460C4F9AE02.roa
Signing time: Wed 18 Jan 2023 14:08:20 +0000
ROA not before: Wed 18 Jan 2023 14:08:20 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 4294967272
IP address blocks: 103.138.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9129 (0x23a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Validity
Not Before: Jan 18 14:08:20 2023 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63c7fd53-9129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:50:1c:c7:17:ce:ad:45:b9:f8:38:a8:49:
a8:d2:3e:39:ef:fe:21:db:86:6f:9e:0e:ec:45:6e:
82:37:ac:04:90:06:6e:6d:6a:de:e9:03:20:99:f0:
3e:4f:fc:6b:ea:96:c2:ae:5e:f9:91:20:26:22:8e:
4e:0f:c3:7b:b1:53:b8:03:ba:56:1b:71:a4:8d:c1:
5e:77:e8:04:ff:7e:9c:df:b3:c0:07:87:e1:0d:5e:
9e:52:de:9e:9f:fc:1a:91:20:49:74:29:89:e0:dd:
ea:37:7f:c9:aa:a6:60:da:ae:6c:9a:12:ac:99:a9:
12:f1:a0:71:80:16:e4:74:7b:37:ac:b7:9f:fe:d1:
cd:f1:ec:44:9d:17:12:ce:e7:d1:0e:2e:26:c8:8b:
d3:13:47:8a:d9:68:64:32:a6:12:cb:7f:e1:e3:df:
8c:a2:74:a0:a5:43:18:96:52:79:62:2a:4d:ba:3b:
27:15:50:f2:ca:9c:d7:76:f2:cc:e0:c9:71:83:07:
ff:2f:8d:c3:80:97:1d:ad:66:31:b2:b6:df:84:0e:
eb:16:d8:ed:6f:9e:4c:20:96:ef:7c:0a:ac:8b:6b:
30:57:0c:31:a1:50:a0:50:f5:6b:d5:5b:55:74:15:
b5:bd:f0:51:dc:d2:c1:67:55:4c:f6:b8:a7:8d:7e:
34:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4C:31:44:C9:A3:B8:BA:93:29:F5:B5:53:47:18:DE:98:4C:E6:55
X509v3 Authority Key Identifier:
keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/8F870E98973911EDB1E3C460C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.210.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:66:9e:c7:ad:21:0a:91:67:c2:38:62:57:1f:25:f6:bb:9b:
3f:34:24:a5:10:99:4f:38:5f:da:f6:43:fe:0f:f1:af:06:3f:
3d:d6:16:23:97:19:35:96:62:c6:e6:b8:f8:4f:e9:36:15:8b:
87:bb:92:aa:5a:65:41:04:c1:80:db:88:ec:1d:32:6e:0c:dd:
10:21:57:52:a5:63:30:ab:ba:33:04:6e:12:a3:2f:a7:9b:65:
25:75:81:ce:89:82:e9:c7:4a:84:7c:ee:28:b1:ec:94:49:64:
35:ff:93:16:d1:1e:e0:aa:3d:da:40:b6:42:f0:47:bb:63:8e:
0b:9b:65:20:d6:9b:f6:0c:05:0a:96:76:60:41:69:34:d1:8b:
fb:df:75:5e:1d:9c:5c:a5:64:60:7e:ba:9a:ac:98:6c:b8:19:
c3:b3:e4:93:95:9d:c2:8a:44:27:ee:44:6a:82:36:ba:36:e1:
3f:0f:6b:9b:e2:a7:fc:0f:8a:eb:48:75:89:7b:51:83:57:0f:
d2:1c:e5:04:84:17:17:84:98:e2:76:20:90:59:57:26:23:b8:
2f:e1:db:7a:81:a4:e0:2a:66:88:58:32:59:83:e3:3d:a7:fd:
4f:4e:84:4a:65:d6:a8:0c:92:05:45:10:cd:0b:d1:7a:7d:89:
b9:4e:8c:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjMwMTE4MTQwODIwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M3ZmQ1My05MTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArohQHMcXzq1Fufg4qEmo0j457/4h24Zvng7sRW6CN6wEkAZubWre6QMgmfA+
T/xr6pbCrl75kSAmIo5OD8N7sVO4A7pWG3GkjcFed+gE/36c37PAB4fhDV6eUt6e
n/wakSBJdCmJ4N3qN3/JqqZg2q5smhKsmakS8aBxgBbkdHs3rLef/tHN8exEnRcS
zufRDi4myIvTE0eK2WhkMqYSy3/h49+MonSgpUMYllJ5YipNujsnFVDyypzXdvLM
4Mlxgwf/L43DgJcdrWYxsrbfhA7rFtjtb55MIJbvfAqsi2swVwwxoVCgUPVr1VtV
dBW1vfBR3NLBZ1VM9rinjX40oQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJVMMUTJ
o7i6kyn1tVNHGN6YTOZVMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvOEY4NzBFOTg5
NzM5MTFFREIxRTNDNDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitIwDQYJKoZIhvcNAQELBQADggEBAEpmnsetIQqRZ8I4
YlcfJfa7mz80JKUQmU84X9r2Q/4P8a8GPz3WFiOXGTWWYsbmuPhP6TYVi4e7kqpa
ZUEEwYDbiOwdMm4M3RAhV1KlYzCrujMEbhKjL6ebZSV1gc6JgunHSoR87iix7JRJ
ZDX/kxbRHuCqPdpAtkLwR7tjjgubZSDWm/YMBQqWdmBBaTTRi/vfdV4dnFylZGB+
upqsmGy4GcOz5JOVncKKRCfuRGqCNro24T8Pa5vip/wPiutIdYl7UYNXD9Ic5QSE
FxeEmOJ2IJBZVyYjuC/h23qBpOAqZohYMlmD4z2n/U9OhEpl1qgMkgVFEM0L0Xp9
iblOjPw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org