Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/42B2FED482DE11ED8CD57B4CC4F9AE02.roa
File: 42B2FED482DE11ED8CD57B4CC4F9AE02.roa (raw, json)
Hash identifier: euZ++946eur4+VCnE48ySIOUro6jp2vyI9frb3HkJDI=
Subject key identifier: 01:80:B5:E5:BC:2F:DB:CE:34:0D:26:91:76:CB:E1:4B:B4:60:BB:50
Certificate issuer: /CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Certificate serial: 5C
Authority key identifier: 74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/42B2FED482DE11ED8CD57B4CC4F9AE02.roa
Signing time: Fri 23 Dec 2022 16:24:23 +0000
ROA not before: Fri 23 Dec 2022 16:24:23 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138998
IP address blocks: 103.7.4.0/24 maxlen: 24
2400:ac20::/32 maxlen: 32
2400:ac20:1000::/36 maxlen: 36
2400:ac20:1000::/40 maxlen: 40
2400:ac20:1001::/48 maxlen: 48
2400:ac20:1002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92 (0x5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Validity
Not Before: Dec 23 16:24:23 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63a5d637-f9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7a:46:9f:00:16:b0:98:d0:74:ad:4c:fd:98:
38:7f:7f:96:ab:a9:5e:d8:ab:4e:5a:73:9f:cf:f0:
e4:8d:4c:10:2e:bf:38:52:c9:44:03:87:fb:4f:cb:
f4:70:0d:71:18:3f:83:92:62:74:c7:08:6d:da:75:
3a:30:e8:de:35:19:9e:82:b1:be:95:41:cd:cc:35:
05:7e:75:1c:5c:36:73:67:3f:ce:32:ce:da:bd:0a:
f8:fe:55:9a:75:7e:73:b3:da:a0:8c:14:1a:3c:9f:
c7:fe:56:9a:6b:53:70:88:d9:92:04:97:6b:91:47:
ba:2c:bb:45:93:9e:43:0c:48:28:ee:6a:a6:86:00:
82:85:27:19:cd:a5:a1:9d:ba:13:61:f9:51:36:76:
bb:02:6e:49:3a:e0:b1:07:f1:24:15:e4:d4:c1:dd:
1f:3f:71:5e:f5:e5:ee:e9:87:d9:c1:61:3f:82:98:
af:1e:3c:d0:01:66:d2:ae:15:f5:6f:c4:c6:1f:0f:
0a:21:b5:35:2e:a4:5a:fe:ca:17:43:12:5a:49:51:
77:8e:e2:44:11:1b:52:d7:de:38:74:05:7e:13:31:
7f:d4:c0:2b:f2:8f:c2:88:a2:e1:50:e1:b2:07:30:
5e:dc:2f:23:aa:4e:16:b1:94:dc:36:52:33:0f:d6:
b7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:80:B5:E5:BC:2F:DB:CE:34:0D:26:91:76:CB:E1:4B:B4:60:BB:50
X509v3 Authority Key Identifier:
keyid:74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/dK62Py8dqVfWWCCWT_ed8PWTgAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/42B2FED482DE11ED8CD57B4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.4.0/24
IPv6:
2400:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
75:31:b6:48:61:c1:45:76:01:28:a8:00:0f:e5:ed:ff:2f:a1:
a8:e1:50:11:79:57:aa:c8:18:64:96:33:d7:95:ae:08:93:67:
af:2a:20:9e:37:ef:d2:90:d0:12:be:0e:57:dc:aa:02:bb:5e:
eb:cc:88:e2:2a:e8:44:e6:df:f9:f9:f2:09:e0:e1:82:41:92:
2d:b6:d7:2e:ba:fc:22:05:34:6c:cc:ef:d7:0c:26:bb:07:ef:
40:2e:42:40:72:da:02:5b:37:77:3d:db:e7:7a:4a:c5:e3:21:
60:28:50:1c:db:ed:e3:72:16:ca:91:d2:ae:84:36:b8:5f:6a:
a4:e6:54:8b:d3:48:45:7a:e3:d3:ad:64:42:a1:84:dd:87:75:
29:7d:67:e1:c1:2e:84:74:b0:0e:b6:10:fa:8a:8f:c5:bd:dd:
ac:18:68:4d:d4:18:78:60:e9:de:b0:79:89:bc:22:76:d2:5e:
b5:07:a1:83:6b:50:78:e2:6d:63:45:ec:a2:79:35:ed:44:b6:
71:c5:3d:20:80:62:e9:5b:16:7f:2e:2f:25:f3:eb:e4:f8:20:
99:56:db:cb:22:d6:f6:2c:4b:b1:97:85:80:a3:19:c2:d2:cb:
8d:fc:0d:58:a2:50:94:98:42:8c:6d:a9:a4:ce:44:5b:7c:fb:
ab:36:e8:b1
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NjYxQzExMC8GA1UEBRMoNzRBRUI2M0YyRjFEQTk1N0Q2NTgyMDk2NEZGNzlERjBG
NTkzODAwQzAeFw0yMjEyMjMxNjI0MjNaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYTVkNjM3LWY5ZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZekafABawmNB0rUz9mDh/f5arqV7Yq05ac5/P8OSNTBAuvzhSyUQDh/tPy/Rw
DXEYP4OSYnTHCG3adTow6N41GZ6Csb6VQc3MNQV+dRxcNnNnP84yztq9Cvj+VZp1
fnOz2qCMFBo8n8f+VpprU3CI2ZIEl2uRR7osu0WTnkMMSCjuaqaGAIKFJxnNpaGd
uhNh+VE2drsCbkk64LEH8SQV5NTB3R8/cV715e7ph9nBYT+CmK8ePNABZtKuFfVv
xMYfDwohtTUupFr+yhdDElpJUXeO4kQRG1LX3jh0BX4TMX/UwCvyj8KIouFQ4bIH
MF7cLyOqThaxlNw2UjMP1re3AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUAYC15bwv
2840DSaRdsvhS7Rgu1AwHwYDVR0jBBgwFoAUdK62Py8dqVfWWCCWT/ed8PWTgAww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2NjFDLzc3MENCRTI0MzZB
NjExRUQ4RkMxNzAyQ0M0RjlBRTAyL2RLNjJQeThkcVZmV1dDQ1dUX2VkOFBXVGdB
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZEs2MlB5OGRxVmZXV0NDV1RfZWQ4UFdUZ0F3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NjYxQy83NzBDQkUyNDM2QTYxMUVEOEZDMTcwMkNDNEY5QUUwMi80MkIyRkVENDgy
REUxMUVEOENENTdCNENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAGcHBDANBAIAAjAHAwUAJACsIDANBgkqhkiG9w0BAQsFAAOC
AQEAdTG2SGHBRXYBKKgAD+Xt/y+hqOFQEXlXqsgYZJYz15WuCJNnryognjfv0pDQ
Er4OV9yqArte68yI4iroRObf+fnyCeDhgkGSLbbXLrr8IgU0bMzv1wwmuwfvQC5C
QHLaAls3dz3b53pKxeMhYChQHNvt43IWypHSroQ2uF9qpOZUi9NIRXrj061kQqGE
3Yd1KX1n4cEuhHSwDrYQ+oqPxb3drBhoTdQYeGDp3rB5ibwidtJetQehg2tQeOJt
Y0Xsonk17US2ccU9IIBi6VsWfy4vJfPr5PggmVbbyyLW9ixLsZeFgKMZwtLLjfwN
WKJQlJhCjG2ppM5EW3z7qzbosQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org