Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3F7C72B2142A11EE81123B18C4F9AE02.roa
File: 3F7C72B2142A11EE81123B18C4F9AE02.roa (raw, json)
Hash identifier: YtGDpyZ1vovJyVyTu/TVCBGG28EKCTJscuSn7QwO4oU=
Subject key identifier: DE:4A:FF:3A:70:95:E8:B4:BE:FA:06:26:47:8D:CE:9A:09:C3:87:4B
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 70
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3F7C72B2142A11EE81123B18C4F9AE02.roa
Signing time: Mon 26 Jun 2023 14:03:38 +0000
ROA not before: Mon 26 Jun 2023 14:03:38 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 13951
IP address blocks: 103.73.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112 (0x70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Jun 26 14:03:38 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64999aba-9e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:3b:b6:33:00:ac:94:39:c0:e6:2c:50:72:
51:67:3c:dd:a9:a7:ab:16:30:e2:ae:58:39:8f:bb:
c7:0f:71:f5:2b:f1:7c:c5:36:47:ba:82:d2:6c:ff:
e0:c0:df:f3:fa:47:de:b7:08:30:6d:ef:38:71:0a:
b0:56:73:c1:4c:ea:11:f7:47:9c:15:23:a5:dd:96:
ef:f5:a5:77:d1:80:c3:9b:0d:f5:ab:2e:d7:d8:72:
a2:f6:e7:f9:58:cf:f4:86:47:84:19:cb:dd:91:76:
c9:5e:57:6e:30:cc:38:50:8b:1d:7b:d2:4c:6c:f4:
41:eb:ad:26:02:34:bb:a2:d9:b6:5a:33:3b:ca:79:
8c:d7:f8:c5:3a:9b:88:3d:e0:bc:39:e0:0f:28:aa:
e0:5a:15:34:e1:b4:29:95:73:d5:08:99:c3:7f:2c:
40:1d:75:94:00:f0:15:03:c9:d6:32:da:be:34:65:
91:02:94:90:0e:62:cc:1a:6d:0f:2d:a0:19:f1:bb:
5f:3a:0f:b2:db:1c:1b:05:8d:c2:a3:9d:1e:67:70:
07:e7:0a:7e:8b:11:77:b9:e0:3f:be:ff:0f:09:a7:
69:ee:e4:ac:f7:8c:16:db:41:5a:a6:70:cf:00:67:
06:1c:55:74:c7:ac:80:08:06:7a:2a:32:f1:2f:96:
02:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4A:FF:3A:70:95:E8:B4:BE:FA:06:26:47:8D:CE:9A:09:C3:87:4B
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/3F7C72B2142A11EE81123B18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.35.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:68:65:47:0f:8d:47:18:dc:de:01:43:03:05:21:a6:52:49:
49:36:12:46:3a:af:da:63:12:af:c5:ca:84:b3:63:5c:07:91:
b2:ad:77:c3:a7:b2:c1:3d:19:a9:0c:e1:1a:1c:d6:12:b4:f9:
44:57:dc:65:a3:bd:8a:b4:14:cc:83:be:fd:e2:7a:c7:66:46:
df:cb:f6:80:0a:82:5b:1b:2c:7e:87:e2:ae:10:0b:4f:a1:66:
25:24:f6:32:fb:b9:70:5d:a2:d7:05:99:59:29:dc:58:c7:39:
17:0d:0d:a2:02:d7:eb:03:e6:57:30:df:ff:97:7f:28:a2:3d:
dc:52:3f:f4:df:55:fe:ab:db:da:2a:b4:65:95:3d:a7:3e:54:
27:ca:be:9b:79:cf:92:a5:02:16:29:4e:d4:2a:2d:c9:3c:1d:
7c:d3:11:49:64:7b:f7:59:fd:73:e3:26:02:00:16:69:44:85:
67:cd:79:8a:e8:40:98:64:09:93:3b:f0:eb:32:7f:50:3e:36:
97:43:f4:c8:b9:39:45:2f:ee:28:d6:71:04:6a:7f:4a:d2:ac:
61:5a:84:75:38:63:fd:e2:cb:4c:bb:4a:1c:1e:d7:c6:be:f5:
98:92:b2:56:31:bf:b5:c4:d7:f1:85:24:d0:bb:54:ea:82:3d:
f8:89:50:a1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RUMwODExMC8GA1UEBRMoRDFCOEU2NzE5NzM1NTkwMjBGODcwM0QxN0RDRDg5MjY5
MkU2NDBBMjAeFw0yMzA2MjYxNDAzMzhaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTk5YWJhLTllMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAPTu2MwCslDnA5ixQclFnPN2pp6sWMOKuWDmPu8cPcfUr8XzFNke6gtJs/+DA
3/P6R963CDBt7zhxCrBWc8FM6hH3R5wVI6Xdlu/1pXfRgMObDfWrLtfYcqL25/lY
z/SGR4QZy92RdsleV24wzDhQix170kxs9EHrrSYCNLui2bZaMzvKeYzX+MU6m4g9
4Lw54A8oquBaFTThtCmVc9UImcN/LEAddZQA8BUDydYy2r40ZZEClJAOYswabQ8t
oBnxu186D7LbHBsFjcKjnR5ncAfnCn6LEXe54D++/w8Jp2nu5Kz3jBbbQVqmcM8A
ZwYcVXTHrIAIBnoqMvEvlgKPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3kr/OnCV
6LS++gYmR43OmgnDh0swHwYDVR0jBBgwFoAU0bjmcZc1WQIPhwPRfc2JJpLmQKIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFQzA4LzgxMkEyQzU4N0Qz
QjExRUQ5OEJGOUU0OEM0RjlBRTAyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFL
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMGJqbWNaYzFXUUlQaHdQUmZjMkpKcExtUUtJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RUMwOC84MTJBMkM1ODdEM0IxMUVEOThCRjlFNDhDNEY5QUUwMi8zRjdDNzJCMjE0
MkExMUVFODExMjNCMThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdJIzANBgkqhkiG9w0BAQsFAAOCAQEALWhlRw+NRxjc3gFD
AwUhplJJSTYSRjqv2mMSr8XKhLNjXAeRsq13w6eywT0ZqQzhGhzWErT5RFfcZaO9
irQUzIO+/eJ6x2ZG38v2gAqCWxssfofirhALT6FmJST2Mvu5cF2i1wWZWSncWMc5
Fw0NogLX6wPmVzDf/5d/KKI93FI/9N9V/qvb2iq0ZZU9pz5UJ8q+m3nPkqUCFilO
1CotyTwdfNMRSWR791n9c+MmAgAWaUSFZ815iuhAmGQJkzvw6zJ/UD42l0P0yLk5
RS/uKNZxBGp/StKsYVqEdThj/eLLTLtKHB7Xxr71mJKyVjG/tcTX8YUk0LtU6oI9
+IlQoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org