Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9C3901F4C5F411EB8A6F1525C4F9AE02.roa
File: 9C3901F4C5F411EB8A6F1525C4F9AE02.roa (raw, json)
Hash identifier: L7Cw3iKHMBzoKkQ9pooicCgc183Ao3cTa7/T0RuVDus=
Subject key identifier: 8A:0B:C9:20:5D:03:AB:C5:A6:04:3A:39:75:8B:C1:55:34:72:B0:80
Certificate issuer: /CN=A9144EC5/serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628
Certificate serial: 0339
Authority key identifier: 58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9C3901F4C5F411EB8A6F1525C4F9AE02.roa
Signing time: Wed 20 Jul 2022 14:12:10 +0000
ROA not before: Wed 20 Jul 2022 14:12:10 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 134382
IP address blocks: 103.166.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 825 (0x339)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9144EC5/serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628
Validity
Not Before: Jul 20 14:12:10 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62d80d3a-15f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:af:2a:66:c8:5f:1a:4b:10:2a:53:7a:d5:
a9:18:f5:27:85:f4:7d:3e:60:59:a5:38:21:80:17:
79:18:6b:47:d3:1e:7d:ea:9b:2e:70:02:26:8b:5d:
50:fc:d0:22:f9:a1:5b:7e:f6:07:d4:4e:69:9d:39:
65:4a:ca:d2:d7:94:57:1d:07:e4:ad:3b:27:08:b3:
30:4e:07:5f:4f:fd:13:75:f4:77:67:51:8e:30:cf:
34:49:24:1e:5c:31:29:1d:e8:67:2f:63:5b:bc:85:
fb:ba:aa:59:7b:a7:5c:fd:be:6f:5a:95:e1:5e:9d:
33:2d:e7:6e:96:a2:e6:23:13:6c:ef:56:ef:4c:0a:
eb:f7:00:c7:e2:40:03:33:f8:5e:a7:02:4a:33:2e:
45:70:46:88:8e:2f:9b:b4:7e:46:8f:9b:90:13:77:
af:72:6c:be:c7:af:87:87:b0:87:73:75:ab:c9:81:
3b:3b:04:b6:55:e1:6e:a1:3c:d9:41:72:9f:61:d8:
b1:fb:36:35:1a:10:69:b4:84:e5:3b:e3:c1:ec:97:
69:1d:1f:74:03:38:51:21:46:1d:32:84:45:25:09:
8f:b1:af:38:6b:8f:ad:d6:34:b7:61:25:15:d2:b7:
18:97:16:84:0e:5c:3f:eb:d5:bb:c7:dd:3b:fc:96:
da:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0B:C9:20:5D:03:AB:C5:A6:04:3A:39:75:8B:C1:55:34:72:B0:80
X509v3 Authority Key Identifier:
keyid:58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9C3901F4C5F411EB8A6F1525C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.252.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ca:b7:20:a8:70:6a:39:26:e7:84:8f:88:a9:49:0f:6f:30:
5c:ad:34:00:44:ed:62:75:e5:fa:6d:76:c4:36:54:ec:9a:ca:
ba:f4:e7:aa:4d:29:1e:71:c3:ca:48:36:12:b0:2e:7c:5a:97:
32:cb:ca:28:31:7e:4c:6e:44:1f:45:e7:32:00:3a:a2:8d:6f:
a1:7e:03:19:c2:32:29:7f:80:fc:4e:15:ea:74:71:81:c1:aa:
b2:26:d2:2c:20:6b:c3:dc:b3:6d:55:e5:f0:08:14:70:d5:b7:
32:07:10:62:88:6e:d6:9f:5e:a8:cc:de:bf:a4:61:d7:6d:80:
66:e7:2b:2e:78:3d:ae:c4:0c:6c:5c:e2:29:5c:4a:35:df:79:
23:62:74:48:3b:bc:f9:4e:eb:ce:64:72:53:1c:8c:f7:46:45:
01:98:44:66:5a:2c:80:0f:2d:92:5f:15:3f:ce:74:e9:47:79:
9f:c9:f7:e6:d6:7f:6a:61:6b:a6:13:94:37:bc:e7:6a:b0:f7:
2d:dc:1e:91:0f:d0:c7:69:7a:67:00:3e:5e:3a:cb:c7:dc:15:
c6:4b:2e:43:05:72:4e:af:d4:ed:74:e5:ed:18:cb:3f:9f:5a:
a9:f1:a4:61:4d:b0:0a:c0:47:38:29:b8:ee:3a:9c:20:a8:f1:
cd:e3:77:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRFQzUxMTAvBgNVBAUTKDU4MDdFNzE1MUQ1QUM3Qjc0QkYyMkM5OTA5MkJEMkU5
MkVBNjA2MjgwHhcNMjIwNzIwMTQxMjEwWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmQ4MGQzYS0xNWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApSmvKmbIXxpLECpTetWpGPUnhfR9PmBZpTghgBd5GGtH0x596psucAImi11Q
/NAi+aFbfvYH1E5pnTllSsrS15RXHQfkrTsnCLMwTgdfT/0TdfR3Z1GOMM80SSQe
XDEpHehnL2NbvIX7uqpZe6dc/b5vWpXhXp0zLedulqLmIxNs71bvTArr9wDH4kAD
M/hepwJKMy5FcEaIji+btH5Gj5uQE3evcmy+x6+Hh7CHc3WryYE7OwS2VeFuoTzZ
QXKfYdix+zY1GhBptITlO+PB7JdpHR90AzhRIUYdMoRFJQmPsa84a4+t1jS3YSUV
0rcYlxaEDlw/69W7x907/JbavQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIoLySBd
A6vFpgQ6OXWLwVU0crCAMB8GA1UdIwQYMBaAFFgH5xUdWse3S/IsmQkr0ukupgYo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEVDNS80MzlFM0MyOEM1
MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3ZEw4aXlaQ1N2UzZTNm1C
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBZm5GUjFheDdkTDhpeVpDU3ZTNlM2bUJpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDRFQzUvNDM5RTNDMjhDNTExMTFFQjkxNjQwQzg3QzRGOUFFMDIvOUMzOTAxRjRD
NUY0MTFFQjhBNkYxNTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpvwwDQYJKoZIhvcNAQELBQADggEBAFbKtyCocGo5JueE
j4ipSQ9vMFytNABE7WJ15fptdsQ2VOyayrr056pNKR5xw8pINhKwLnxalzLLyigx
fkxuRB9F5zIAOqKNb6F+AxnCMil/gPxOFep0cYHBqrIm0iwga8Pcs21V5fAIFHDV
tzIHEGKIbtafXqjM3r+kYddtgGbnKy54Pa7EDGxc4ilcSjXfeSNidEg7vPlO685k
clMcjPdGRQGYRGZaLIAPLZJfFT/OdOlHeZ/J9+bWf2pha6YTlDe852qw9y3cHpEP
0MdpemcAPl46y8fcFcZLLkMFck6v1O105e0Yyz+fWqnxpGFNsArARzgpuO46nCCo
8c3jd7I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org