Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914AD92/330D08E0AE9E11EC9E483D73C4F9AE02/AFBD773E45FC11EEACF55E79C4F9AE02.roa
File: AFBD773E45FC11EEACF55E79C4F9AE02.roa (raw, json)
Hash identifier: MIB6LOnfgtsCgFKIggNmvlUHJclRQIapW8MUN34I+AU=
Subject key identifier: 66:C6:E0:84:0E:8B:07:D4:70:3B:AF:C6:F1:DE:EC:16:B5:00:03:0E
Certificate issuer: /CN=A914AD92/serialNumber=EAEE59BA6A7C7049058C56597CC745C61EC5A0A9
Certificate serial: 05
Authority key identifier: EA:EE:59:BA:6A:7C:70:49:05:8C:56:59:7C:C7:45:C6:1E:C5:A0:A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6u5Zump8cEkFjFZZfMdFxh7FoKk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914AD92/330D08E0AE9E11EC9E483D73C4F9AE02/AFBD773E45FC11EEACF55E79C4F9AE02.roa
Signing time: Tue 29 Aug 2023 19:09:32 +0000
ROA not before: Tue 29 Aug 2023 19:09:32 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 149653
IP address blocks: 103.184.172.0/23 maxlen: 23
103.184.172.0/24 maxlen: 24
103.184.173.0/24 maxlen: 24
2001:df0:9240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914AD92/serialNumber=EAEE59BA6A7C7049058C56597CC745C61EC5A0A9
Validity
Not Before: Aug 29 19:09:32 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64ee426c-8ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:22:87:fc:36:be:e2:ef:89:de:98:31:65:
35:9e:65:03:5a:11:5c:3d:4b:ea:73:ec:0e:65:08:
50:ff:05:7e:24:85:6d:9a:66:39:c9:64:7a:19:78:
60:1d:0a:27:18:62:86:05:83:eb:aa:4f:9e:22:fc:
b7:42:6e:07:83:ed:30:84:b6:f5:c6:42:7a:d6:9a:
26:ac:75:ef:20:da:2e:34:9d:86:71:6c:df:6e:ed:
19:c7:0d:55:40:49:71:56:b5:ba:e2:7a:b0:f3:98:
a6:66:9e:16:d4:52:e4:9d:b4:39:93:b6:93:e3:13:
af:9b:74:4c:27:14:1a:5f:72:81:ad:8c:48:84:af:
99:89:1e:2c:6a:ee:62:a6:47:35:13:f4:94:2a:a8:
14:cc:31:3b:4d:1a:e2:c0:33:78:a4:95:4d:9b:cc:
85:34:9f:7c:4d:7d:c3:46:87:c8:ff:bf:73:0d:2a:
7c:ed:b3:08:13:4a:64:e7:f7:ff:e2:f1:df:fd:c1:
7e:9b:ea:da:fe:ed:47:92:f3:3b:9f:94:10:6b:a2:
52:58:4a:de:86:45:bd:31:4b:0e:5d:25:ea:2e:3e:
9b:a1:52:a9:3a:62:0e:d6:09:21:ab:e8:42:28:e5:
d9:32:d0:8c:af:b9:12:da:16:6f:96:57:9a:a0:96:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C6:E0:84:0E:8B:07:D4:70:3B:AF:C6:F1:DE:EC:16:B5:00:03:0E
X509v3 Authority Key Identifier:
keyid:EA:EE:59:BA:6A:7C:70:49:05:8C:56:59:7C:C7:45:C6:1E:C5:A0:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914AD92/330D08E0AE9E11EC9E483D73C4F9AE02/6u5Zump8cEkFjFZZfMdFxh7FoKk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6u5Zump8cEkFjFZZfMdFxh7FoKk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AD92/330D08E0AE9E11EC9E483D73C4F9AE02/AFBD773E45FC11EEACF55E79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.184.172.0/23
IPv6:
2001:df0:9240::/48
Signature Algorithm: sha256WithRSAEncryption
2e:35:14:73:82:c1:00:c9:2a:8e:c9:0d:9f:ee:0d:32:e8:d4:
85:1b:db:cb:4b:cb:9c:95:20:c9:f6:bd:f0:b0:12:29:42:77:
07:a3:9e:dd:41:fc:c2:2e:84:70:9f:d6:df:ba:db:89:cd:6d:
ee:17:88:b2:e7:89:ce:bf:0a:3e:f3:84:ec:ab:4f:7a:1b:78:
bd:c4:64:b4:db:fd:70:95:02:5e:82:7e:a8:9d:07:ba:50:f2:
30:14:fa:e7:5e:07:e5:10:c7:df:5a:a2:b1:68:0b:4a:c7:38:
9a:e3:46:18:46:8c:f3:dd:f8:c8:d8:fc:39:8a:6a:e6:3e:51:
13:9c:14:fd:8e:ee:16:af:8f:1e:5d:01:a0:80:68:9c:1d:ac:
ed:41:53:5d:91:c4:17:ca:0e:00:23:a2:ca:49:09:43:86:b1:
3a:ce:16:60:05:7d:93:53:b2:66:f8:b6:09:54:a5:a9:16:0e:
03:92:83:ee:f4:58:aa:da:6e:99:c9:8d:7c:57:ac:b1:7e:03:
5e:47:4a:cd:f1:2a:99:7d:80:ec:ac:f6:19:e0:cf:01:b3:f0:
1c:fc:a1:29:74:56:db:42:a1:be:e1:62:8b:d7:1f:01:b1:ee:
61:3a:be:5c:c7:eb:e5:61:bf:ee:3c:f3:d6:67:c2:4f:ee:01:
8e:f5:7e:9e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QUQ5MjExMC8GA1UEBRMoRUFFRTU5QkE2QTdDNzA0OTA1OEM1NjU5N0NDNzQ1QzYx
RUM1QTBBOTAeFw0yMzA4MjkxOTA5MzJaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWU0MjZjLThiYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC61CKH/Da+4u+J3pgxZTWeZQNaEVw9S+pz7A5lCFD/BX4khW2aZjnJZHoZeGAd
CicYYoYFg+uqT54i/LdCbgeD7TCEtvXGQnrWmiasde8g2i40nYZxbN9u7RnHDVVA
SXFWtbrierDzmKZmnhbUUuSdtDmTtpPjE6+bdEwnFBpfcoGtjEiEr5mJHixq7mKm
RzUT9JQqqBTMMTtNGuLAM3iklU2bzIU0n3xNfcNGh8j/v3MNKnztswgTSmTn9//i
8d/9wX6b6tr+7UeS8zuflBBrolJYSt6GRb0xSw5dJeouPpuhUqk6Yg7WCSGr6EIo
5dky0IyvuRLaFm+WV5qgltWpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUZsbghA6L
B9RwO6/G8d7sFrUAAw4wHwYDVR0jBBgwFoAU6u5Zump8cEkFjFZZfMdFxh7FoKkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRBRDkyLzMzMEQwOEUwQUU5
RTExRUM5RTQ4M0Q3M0M0RjlBRTAyLzZ1NVp1bXA4Y0VrRmpGWlpmTWRGeGg3Rm9L
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNnU1WnVtcDhjRWtGakZaWmZNZEZ4aDdGb0trLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QUQ5Mi8zMzBEMDhFMEFFOUUxMUVDOUU0ODNENzNDNEY5QUUwMi9BRkJENzczRTQ1
RkMxMUVFQUNGNTVFNzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe4rDAPBAIAAjAJAwcAIAEN8JJAMA0GCSqGSIb3DQEBCwUA
A4IBAQAuNRRzgsEAySqOyQ2f7g0y6NSFG9vLS8uclSDJ9r3wsBIpQncHo57dQfzC
LoRwn9bfutuJzW3uF4iy54nOvwo+84Tsq096G3i9xGS02/1wlQJegn6onQe6UPIw
FPrnXgflEMffWqKxaAtKxzia40YYRozz3fjI2Pw5imrmPlETnBT9ju4Wr48eXQGg
gGicHaztQVNdkcQXyg4AI6LKSQlDhrE6zhZgBX2TU7Jm+LYJVKWpFg4DkoPu9Fiq
2m6ZyY18V6yxfgNeR0rN8SqZfYDsrPYZ4M8Bs/Ac/KEpdFbbQqG+4WKL1x8Bse5h
Or5cx+vlYb/uPPPWZ8JP7gGO9X6e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org