Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/C12CF03EA6CA11EDA470305DC4F9AE02.roa
File: C12CF03EA6CA11EDA470305DC4F9AE02.roa (raw, json)
Hash identifier: o19zZTDCNwCNTxuVOydD8unFtASCPGw+Zji7J6zm6+I=
Subject key identifier: 24:7C:9C:F7:0D:FE:BB:3B:4D:D8:29:DD:0E:2B:79:1E:FE:AD:4B:81
Certificate issuer: /CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Certificate serial: 30
Authority key identifier: D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/C12CF03EA6CA11EDA470305DC4F9AE02.roa
Signing time: Wed 01 Mar 2023 11:35:40 +0000
ROA not before: Wed 01 Mar 2023 11:35:40 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 134475
IP address blocks: 103.73.34.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48 (0x30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EC08/serialNumber=D1B8E671973559020F8703D17DCD892692E640A2
Validity
Not Before: Mar 1 11:35:40 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63ff388b-c59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:50:60:2d:de:65:0b:18:3c:3d:d4:4f:5d:
0a:cf:0d:56:6e:25:f6:dc:76:63:94:e1:f4:5b:a9:
6e:f7:07:0d:c1:6e:2e:f4:9b:8a:e6:96:2d:42:07:
36:00:13:c6:a9:65:70:00:d3:77:b9:11:3c:1c:de:
38:ac:fb:62:0e:ef:f5:9f:24:ac:86:23:a5:9c:3e:
d0:3a:99:e4:d0:42:53:80:67:02:54:b2:0a:54:c5:
cc:8d:83:fe:b6:4b:e8:4a:b9:fe:45:38:4a:3b:82:
1e:59:cf:a9:d0:2a:fe:73:51:41:f4:36:18:10:20:
ee:22:f3:4b:98:e7:06:cb:db:50:ae:db:e5:9b:39:
64:8f:77:07:78:91:c8:70:b2:99:2e:cd:0b:31:07:
34:6c:85:e7:14:f8:b2:fe:f1:49:2f:b3:5a:ef:88:
b1:81:9f:be:3d:77:a1:ef:ae:6d:9f:7a:a0:59:34:
e7:8f:87:5c:90:93:86:c0:dc:40:87:64:de:9b:c9:
5d:85:ad:da:c5:7f:ad:5a:4f:e7:af:1e:5f:24:19:
86:d8:c3:52:6e:e3:68:a9:b6:17:9f:a9:5b:d2:76:
59:db:39:ef:04:3f:00:ef:a7:ba:bf:bf:20:0d:a9:
9d:23:c2:6f:c0:a1:2b:0c:97:eb:ea:6b:fc:68:8c:
73:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7C:9C:F7:0D:FE:BB:3B:4D:D8:29:DD:0E:2B:79:1E:FE:AD:4B:81
X509v3 Authority Key Identifier:
keyid:D1:B8:E6:71:97:35:59:02:0F:87:03:D1:7D:CD:89:26:92:E6:40:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/0bjmcZc1WQIPhwPRfc2JJpLmQKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0bjmcZc1WQIPhwPRfc2JJpLmQKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EC08/812A2C587D3B11ED98BF9E48C4F9AE02/C12CF03EA6CA11EDA470305DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.34.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:90:50:fa:b8:29:89:4e:4b:29:2e:95:de:7d:78:8c:a8:67:
27:ad:ef:1b:94:99:e4:40:e1:1d:42:86:bd:b7:9a:45:a8:21:
2c:bc:fe:fb:db:b0:0c:e7:27:54:d9:17:65:78:63:90:7a:73:
33:c3:d6:69:62:ca:6d:14:fd:3f:14:5f:94:c8:d2:7c:49:7f:
eb:6f:f5:b4:50:f9:61:b8:af:9b:23:35:84:6e:31:87:fe:6d:
bd:eb:69:89:bb:02:02:55:db:11:8d:dc:9e:60:94:40:9f:8c:
1e:be:f4:83:79:0a:d3:29:6a:52:fd:26:73:52:c4:e6:34:e8:
83:3f:66:ac:0f:a4:7e:56:2f:4d:6b:8c:34:8e:2b:2a:5d:4c:
3a:a6:aa:2e:a1:97:ba:07:84:8e:60:41:9b:9f:21:d8:05:c2:
94:d2:34:58:ff:cb:ae:2b:f1:c2:03:85:20:b0:71:bf:27:03:
6c:8c:67:e7:f4:5d:bf:32:f4:7d:8f:0e:cf:04:fb:93:c8:ab:
4a:22:58:da:6f:81:72:4c:ec:c0:8c:e4:b6:e9:7c:7a:3b:0f:
8e:6d:3c:9e:7b:ce:95:db:8f:6f:6c:14:3e:4f:33:a1:dc:c4:
25:e0:9d:a4:84:55:79:12:7f:b0:eb:2e:db:17:ba:52:fc:66:
24:df:1d:ab
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBMDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RUMwODExMC8GA1UEBRMoRDFCOEU2NzE5NzM1NTkwMjBGODcwM0QxN0RDRDg5MjY5
MkU2NDBBMjAeFw0yMzAzMDExMTM1NDBaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZmYzODhiLWM1OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsflBgLd5lCxg8PdRPXQrPDVZuJfbcdmOU4fRbqW73Bw3Bbi70m4rmli1CBzYA
E8apZXAA03e5ETwc3jis+2IO7/WfJKyGI6WcPtA6meTQQlOAZwJUsgpUxcyNg/62
S+hKuf5FOEo7gh5Zz6nQKv5zUUH0NhgQIO4i80uY5wbL21Cu2+WbOWSPdwd4kchw
spkuzQsxBzRshecU+LL+8Ukvs1rviLGBn749d6Hvrm2feqBZNOePh1yQk4bA3ECH
ZN6byV2FrdrFf61aT+evHl8kGYbYw1Ju42ipthefqVvSdlnbOe8EPwDvp7q/vyAN
qZ0jwm/AoSsMl+vqa/xojHO/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJHyc9w3+
uztN2CndDit5Hv6tS4EwHwYDVR0jBBgwFoAU0bjmcZc1WQIPhwPRfc2JJpLmQKIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFQzA4LzgxMkEyQzU4N0Qz
QjExRUQ5OEJGOUU0OEM0RjlBRTAyLzBiam1jWmMxV1FJUGh3UFJmYzJKSnBMbVFL
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMGJqbWNaYzFXUUlQaHdQUmZjMkpKcExtUUtJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RUMwOC84MTJBMkM1ODdEM0IxMUVEOThCRjlFNDhDNEY5QUUwMi9DMTJDRjAzRUE2
Q0ExMUVEQTQ3MDMwNURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdJIjANBgkqhkiG9w0BAQsFAAOCAQEAX5BQ+rgpiU5LKS6V
3n14jKhnJ63vG5SZ5EDhHUKGvbeaRaghLLz++9uwDOcnVNkXZXhjkHpzM8PWaWLK
bRT9PxRflMjSfEl/62/1tFD5YbivmyM1hG4xh/5tvetpibsCAlXbEY3cnmCUQJ+M
Hr70g3kK0ylqUv0mc1LE5jTogz9mrA+kflYvTWuMNI4rKl1MOqaqLqGXugeEjmBB
m58h2AXClNI0WP/LrivxwgOFILBxvycDbIxn5/RdvzL0fY8OzwT7k8irSiJY2m+B
ckzswIzktul8ejsPjm08nnvOlduPb2wUPk8zodzEJeCdpIRVeRJ/sOsu2xe6Uvxm
JN8dqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org