Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/1B798A48509511EDB71A4D62C4F9AE02.roa
File: 1B798A48509511EDB71A4D62C4F9AE02.roa (raw, json)
Hash identifier: 0gULI1x6sTK/D76lskdRGw9bpyYYcnELp7EnavRF9u8=
Subject key identifier: DF:05:BC:0D:E2:14:04:EC:DD:58:E5:1A:25:E0:07:96:6A:18:95:D0
Certificate issuer: /CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Certificate serial: 37
Authority key identifier: 74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/1B798A48509511EDB71A4D62C4F9AE02.roa
Signing time: Thu 20 Oct 2022 16:54:26 +0000
ROA not before: Thu 20 Oct 2022 16:54:26 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138998
IP address blocks: 103.7.4.0/24 maxlen: 24
2400:ac20::/32 maxlen: 32
2400:ac20:1000::/36 maxlen: 36
2400:ac20:1000::/40 maxlen: 40
2400:ac20:1001::/48 maxlen: 48
2400:ac20:1002::/48 maxlen: 48
2400:ac20:2000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Validity
Not Before: Oct 20 16:54:26 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63517d42-356a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:f5:e0:f0:b9:18:5a:0b:b8:60:58:fa:bd:
07:59:82:66:d9:9d:79:b5:48:cd:94:22:d2:d5:f3:
5e:04:5c:72:8d:56:c2:15:64:8d:46:fc:c4:2c:a4:
ca:d2:2f:c9:ba:3c:47:c6:9a:aa:e0:22:46:02:35:
ed:ab:e9:5b:b1:95:d1:d2:d7:b2:07:1c:64:c9:48:
4b:3c:07:1a:5e:15:cf:7a:88:f0:6c:3a:1b:72:b5:
2c:f5:15:c3:38:a9:ea:9d:ea:c8:d4:c8:1a:9c:12:
28:fe:41:34:bf:8a:a7:6f:4d:fd:f8:52:64:47:75:
9a:0a:61:c6:46:f0:47:81:e0:36:f8:56:39:c5:01:
1a:90:dd:b7:31:20:40:11:bc:7d:49:8c:dd:99:e5:
36:df:9d:24:ab:52:a0:2b:97:15:1c:c1:31:1e:0f:
1d:99:73:67:65:74:c3:af:11:75:f9:a2:6c:78:bd:
fc:00:fc:f4:de:22:c0:b8:f2:aa:09:85:dd:a2:4e:
a4:ba:c4:af:b0:25:61:30:6e:23:12:78:7d:68:a6:
cd:3d:35:85:2b:c3:73:28:f4:15:c9:45:79:fb:ea:
fb:46:06:b9:34:7f:12:c6:51:d0:14:d3:d3:0a:ab:
4d:a4:ff:aa:ec:cb:80:3d:60:b9:62:c3:e4:79:9a:
12:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:05:BC:0D:E2:14:04:EC:DD:58:E5:1A:25:E0:07:96:6A:18:95:D0
X509v3 Authority Key Identifier:
keyid:74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/dK62Py8dqVfWWCCWT_ed8PWTgAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/1B798A48509511EDB71A4D62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.4.0/24
IPv6:
2400:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
44:8d:ae:6e:14:cb:f1:15:69:2d:b6:16:cd:6c:67:5d:28:37:
ae:23:27:54:79:fd:9a:cf:bd:c9:d4:58:cd:cc:1c:0a:c9:d7:
56:5b:99:3d:14:0a:6a:81:8f:ae:78:fb:2d:f6:cb:cd:17:2c:
02:83:57:47:ff:3b:46:df:0b:fd:b1:c4:a4:fb:8c:28:8f:14:
21:e8:01:bd:8c:98:38:15:d2:be:5e:e3:d8:97:e7:0d:fd:ce:
5a:a6:a8:1d:b3:72:96:f0:bc:17:b3:74:47:0c:cf:0f:d2:cb:
c8:6a:cc:74:b9:9c:34:2c:69:04:5f:97:56:6d:6f:d0:25:56:
d0:9d:21:a1:1a:84:a5:07:e2:57:ce:0a:02:e5:7b:21:91:ef:
27:62:3d:37:04:d2:f6:77:4e:99:9f:75:76:2f:51:3f:be:f9:
f8:11:81:31:d1:d1:1b:18:4a:8f:08:cb:55:cf:17:65:ce:e1:
c0:12:d5:3e:eb:a8:5c:44:6d:dc:85:f7:52:52:3e:d1:4c:e1:
86:08:28:41:bf:ec:24:5a:8a:34:91:55:f3:f0:23:20:05:41:
f5:dd:08:d8:0c:35:63:cf:32:02:84:99:fd:ba:37:95:55:55:
a8:7e:43:6e:ce:46:d0:7f:e9:86:7a:72:b6:d4:84:96:97:d4:
d6:af:f7:42
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NjYxQzExMC8GA1UEBRMoNzRBRUI2M0YyRjFEQTk1N0Q2NTgyMDk2NEZGNzlERjBG
NTkzODAwQzAeFw0yMjEwMjAxNjU0MjZaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNTE3ZDQyLTM1NmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0jPXg8LkYWgu4YFj6vQdZgmbZnXm1SM2UItLV814EXHKNVsIVZI1G/MQspMrS
L8m6PEfGmqrgIkYCNe2r6VuxldHS17IHHGTJSEs8BxpeFc96iPBsOhtytSz1FcM4
qeqd6sjUyBqcEij+QTS/iqdvTf34UmRHdZoKYcZG8EeB4Db4VjnFARqQ3bcxIEAR
vH1JjN2Z5TbfnSSrUqArlxUcwTEeDx2Zc2dldMOvEXX5omx4vfwA/PTeIsC48qoJ
hd2iTqS6xK+wJWEwbiMSeH1ops09NYUrw3Mo9BXJRXn76vtGBrk0fxLGUdAU09MK
q02k/6rsy4A9YLliw+R5mhLtAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU3wW8DeIU
BOzdWOUaJeAHlmoYldAwHwYDVR0jBBgwFoAUdK62Py8dqVfWWCCWT/ed8PWTgAww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2NjFDLzc3MENCRTI0MzZB
NjExRUQ4RkMxNzAyQ0M0RjlBRTAyL2RLNjJQeThkcVZmV1dDQ1dUX2VkOFBXVGdB
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZEs2MlB5OGRxVmZXV0NDV1RfZWQ4UFdUZ0F3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NjYxQy83NzBDQkUyNDM2QTYxMUVEOEZDMTcwMkNDNEY5QUUwMi8xQjc5OEE0ODUw
OTUxMUVEQjcxQTRENjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAGcHBDANBAIAAjAHAwUAJACsIDANBgkqhkiG9w0BAQsFAAOC
AQEARI2ubhTL8RVpLbYWzWxnXSg3riMnVHn9ms+9ydRYzcwcCsnXVluZPRQKaoGP
rnj7LfbLzRcsAoNXR/87Rt8L/bHEpPuMKI8UIegBvYyYOBXSvl7j2JfnDf3OWqao
HbNylvC8F7N0RwzPD9LLyGrMdLmcNCxpBF+XVm1v0CVW0J0hoRqEpQfiV84KAuV7
IZHvJ2I9NwTS9ndOmZ91di9RP775+BGBMdHRGxhKjwjLVc8XZc7hwBLVPuuoXERt
3IX3UlI+0UzhhggoQb/sJFqKNJFV8/AjIAVB9d0I2Aw1Y88yAoSZ/bo3lVVVqH5D
bs5G0H/phnpyttSElpfU1q/3Qg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org