Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/8478B84E81CC11ED8CD65045C4F9AE02.roa
File: 8478B84E81CC11ED8CD65045C4F9AE02.roa (raw, json)
Hash identifier: F3sEHlZVL1LV9FHkOmhI+R68PYt1mYc5gvxRvMyL4n4=
Subject key identifier: 35:CF:E2:B2:3F:99:42:60:A5:6C:0B:3F:91:63:07:16:ED:A1:D8:8A
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 1D
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/8478B84E81CC11ED8CD65045C4F9AE02.roa
Signing time: Wed 01 Feb 2023 06:55:58 +0000
ROA not before: Wed 01 Feb 2023 06:55:58 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.73.34.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Feb 1 06:55:58 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63da0cfd-f655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7c:b8:d6:92:f6:23:5a:02:ad:4b:c5:bd:83:
ce:83:93:9f:c1:c1:8b:3f:63:98:f2:24:c0:ec:a2:
e7:42:52:c9:37:6a:9f:74:98:ae:3c:51:6b:33:74:
a0:04:b7:49:35:91:32:51:4e:96:06:fa:49:e5:3c:
9a:c6:1c:5f:c1:8d:7e:3d:8f:f0:d1:78:4e:38:26:
47:e4:9e:dc:83:bf:d5:3e:27:56:be:c2:87:0a:97:
8b:61:43:6b:e6:b7:e5:11:11:5a:65:5a:2f:d6:e4:
75:3d:14:13:56:af:53:83:11:25:72:1a:6d:10:d1:
b6:4e:92:e2:cd:16:91:ab:d3:9b:2b:16:92:7a:9e:
b6:67:f8:11:58:cf:2d:b9:28:f0:fe:4c:c3:6c:07:
82:d1:56:92:ab:8e:80:62:f9:ce:ef:e2:e2:3f:37:
4d:41:f5:94:c2:6a:6f:9e:77:d8:92:a8:c2:7d:36:
7d:ce:69:87:a9:d5:86:93:9d:95:07:49:ff:6a:09:
59:b9:11:5e:08:10:ce:fa:ad:ce:a8:cd:db:97:50:
bb:74:39:ff:67:7a:d8:61:e9:a6:a7:40:0d:cc:a1:
72:ff:8b:d0:24:1e:23:dd:2d:34:d4:73:83:14:91:
e2:b3:f5:3c:09:30:d8:b6:02:50:58:0e:00:84:c1:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CF:E2:B2:3F:99:42:60:A5:6C:0B:3F:91:63:07:16:ED:A1:D8:8A
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/8478B84E81CC11ED8CD65045C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.34.0/23
Signature Algorithm: sha256WithRSAEncryption
46:06:4b:da:c6:3e:30:d1:84:08:7c:e2:71:37:0b:22:50:43:
08:76:27:1c:0f:14:47:e2:21:3a:1c:18:04:48:8c:71:76:4a:
30:f7:6d:81:bb:d2:99:d0:e0:65:9b:bd:08:9e:0a:38:4b:99:
af:96:c3:ef:f4:8b:47:6f:fd:02:44:07:53:91:be:44:8f:f2:
8d:da:55:f0:d9:b5:62:ba:69:28:9b:58:66:5b:a1:ff:bc:98:
2f:9a:24:ca:88:ba:93:15:2e:39:e5:03:76:0a:ab:f6:ce:82:
1b:9c:3d:ab:49:da:70:15:d2:82:09:38:cf:68:28:41:ed:93:
8f:c1:09:6f:93:6f:69:61:da:d8:4e:c8:68:4a:12:51:00:e2:
6d:c4:a8:1f:bb:d7:0d:75:47:b4:bb:0f:d6:a5:11:fb:c8:e0:
9d:db:42:b5:59:79:2c:8a:85:be:d2:76:48:fc:bd:e7:7d:7e:
8c:a5:3d:20:2c:e2:86:56:d7:5c:cb:f7:48:93:82:d3:b6:f2:
a0:b3:68:df:49:1c:de:32:9e:f3:16:e3:25:a4:d2:94:2c:e1:
5f:78:12:95:f5:cd:77:f9:37:57:3f:a9:4e:16:c4:38:1e:7b:
d4:1f:71:6d:d3:62:50:23:c4:1f:70:66:a0:8f:46:9a:24:24:
34:9b:b8:72
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RUMwODExMC8GA1UEBRMoRDFCOEU2NzE5NzM1NTkwMjBGODcwM0QxN0RDRDg5MjY5
MkU2NDBBMjAeFw0yMzAyMDEwNjU1NThaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGEwY2ZkLWY2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8fLjWkvYjWgKtS8W9g86Dk5/BwYs/Y5jyJMDsoudCUsk3ap90mK48UWszdKAE
t0k1kTJRTpYG+knlPJrGHF/BjX49j/DReE44JkfkntyDv9U+J1a+wocKl4thQ2vm
t+UREVplWi/W5HU9FBNWr1ODESVyGm0Q0bZOkuLNFpGr05srFpJ6nrZn+BFYzy25
KPD+TMNsB4LRVpKrjoBi+c7v4uI/N01B9ZTCam+ed9iSqMJ9Nn3OaYep1YaTnZUH
Sf9qCVm5EV4IEM76rc6ozduXULt0Of9nethh6aanQA3MoXL/i9AkHiPdLTTUc4MU
keKz9TwJMNi2AlBYDgCEweI1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNc/isj+Z
QmClbAs/kWMHFu2h2IowHwYDVR0jBBgwFoAU0bjmcZc1WQIPhwPRfc2JJpLmQKIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFQzA4LzgxMkEyQzU4N0Qz
QjExRUQ5OEJGOUU0OEM0RjlBRTAyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFL
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMGJqbWNaYzFXUUlQaHdQUmZjMkpKcExtUUtJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RUMwOC84MTJBMkM1ODdEM0IxMUVEOThCRjlFNDhDNEY5QUUwMi84NDc4Qjg0RTgx
Q0MxMUVEOENENjUwNDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdJIjANBgkqhkiG9w0BAQsFAAOCAQEARgZL2sY+MNGECHzi
cTcLIlBDCHYnHA8UR+IhOhwYBEiMcXZKMPdtgbvSmdDgZZu9CJ4KOEuZr5bD7/SL
R2/9AkQHU5G+RI/yjdpV8Nm1YrppKJtYZluh/7yYL5okyoi6kxUuOeUDdgqr9s6C
G5w9q0nacBXSggk4z2goQe2Tj8EJb5NvaWHa2E7IaEoSUQDibcSoH7vXDXVHtLsP
1qUR+8jgndtCtVl5LIqFvtJ2SPy9531+jKU9ICzihlbXXMv3SJOC07byoLNo30kc
3jKe8xbjJaTSlCzhX3gSlfXNd/k3Vz+pThbEOB571B9xbdNiUCPEH3BmoI9GmiQk
NJu4cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-ams.rpki-client.org