Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EF21/EADBB412018311ECB5641629C4F9AE02/24CB23A8018711ECB5029E74C4F9AE02.roa
File: 24CB23A8018711ECB5029E74C4F9AE02.roa (raw, json)
Hash identifier: pDxV+HQl70F3qKWYcIRwzbw+YtB5lbfbNMcKMfQsJ0k=
Subject key identifier: 9D:A6:10:F6:06:63:D8:EF:9F:C8:62:80:D5:BA:DF:30:A3:67:D4:14
Certificate issuer: /CN=A914EF21/serialNumber=8C2F74A7AD2BD0F5EFB1064E4B90986D76CC1785
Certificate serial: 03C9
Authority key identifier: 8C:2F:74:A7:AD:2B:D0:F5:EF:B1:06:4E:4B:90:98:6D:76:CC:17:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jC90p60r0PXvsQZOS5CYbXbMF4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EF21/EADBB412018311ECB5641629C4F9AE02/24CB23A8018711ECB5029E74C4F9AE02.roa
Signing time: Tue 01 Aug 2023 01:42:15 +0000
ROA not before: Tue 01 Aug 2023 01:42:15 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 139060
IP address blocks: 103.139.20.0/24 maxlen: 24
103.139.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 969 (0x3c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EF21/serialNumber=8C2F74A7AD2BD0F5EFB1064E4B90986D76CC1785
Validity
Not Before: Aug 1 01:42:15 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c862f6-e22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b3:06:8b:91:a8:83:58:18:70:0f:98:a9:0f:
8d:b7:71:44:27:58:a6:62:b1:a9:d7:20:8a:89:e8:
b5:9f:f6:b8:65:e0:0f:6e:b7:2a:52:72:98:f7:52:
70:a3:76:3d:df:80:58:3a:6d:05:b7:85:3e:00:ff:
1c:ea:0d:59:a2:25:65:e8:e1:9e:85:b6:8a:64:3b:
f2:37:ca:90:76:58:84:6a:b9:b8:59:60:70:f7:c4:
95:e4:8d:7b:0d:c2:70:94:91:b5:09:02:35:a1:bf:
e3:a1:3b:8d:4c:0c:c3:fc:2a:2d:a3:e6:47:a4:04:
6e:38:d5:63:0c:15:90:34:5a:e5:60:2d:d9:b8:9d:
07:19:b2:a3:08:77:8e:05:44:93:98:b9:e8:38:71:
dd:ba:af:ab:59:11:be:3e:e2:85:2f:74:e8:85:28:
71:76:0e:31:ca:9e:09:5e:e9:4f:78:a4:a3:19:24:
9c:89:0e:36:ff:6d:ea:42:f7:bb:fd:b3:81:f7:e6:
2a:8c:23:73:6a:28:a7:14:a7:5f:07:48:43:f0:3d:
5a:ed:9b:3a:28:18:03:9a:45:97:b1:be:00:98:6b:
25:02:1a:0a:63:20:94:c0:35:3e:c0:2a:67:93:54:
59:93:00:b2:44:a2:ed:ea:73:f5:81:b3:5c:39:3e:
39:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A6:10:F6:06:63:D8:EF:9F:C8:62:80:D5:BA:DF:30:A3:67:D4:14
X509v3 Authority Key Identifier:
keyid:8C:2F:74:A7:AD:2B:D0:F5:EF:B1:06:4E:4B:90:98:6D:76:CC:17:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EF21/EADBB412018311ECB5641629C4F9AE02/jC90p60r0PXvsQZOS5CYbXbMF4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jC90p60r0PXvsQZOS5CYbXbMF4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EF21/EADBB412018311ECB5641629C4F9AE02/24CB23A8018711ECB5029E74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.20.0/23
Signature Algorithm: sha256WithRSAEncryption
82:37:31:cb:2e:a8:e9:0c:ea:20:ee:2c:85:77:9a:76:8c:c4:
f6:93:d9:06:50:9d:7f:9b:22:f1:ca:d7:2e:09:70:8c:d7:3f:
c6:93:4e:96:c2:2f:92:99:a0:29:44:b0:27:56:fe:e3:94:7f:
24:d1:ff:ba:29:01:ef:81:33:50:23:55:04:3e:c5:fe:d9:16:
2f:34:62:51:da:80:63:f5:76:a6:17:98:23:bd:b5:31:03:ec:
36:76:4c:fa:75:7f:6a:b5:09:81:4c:1a:d4:3a:4d:fd:8c:c0:
bd:1a:6b:eb:f2:d6:56:69:a5:ee:87:7a:60:a3:c5:2c:e0:15:
53:65:a3:02:71:73:bb:e7:87:ef:64:75:4e:a2:92:22:5d:08:
d4:38:49:2d:c8:9c:8b:85:27:73:ea:e2:58:38:c8:bd:88:0b:
93:4e:d1:11:b2:03:66:f9:f5:00:cd:67:01:c3:fd:d8:e3:1c:
56:33:07:43:d0:78:4e:43:40:98:5f:00:a5:83:9a:ac:23:0e:
9a:7a:2b:0c:5e:2b:2c:77:be:bf:37:08:6c:ef:bc:40:7d:d3:
fa:51:be:02:90:2a:c0:ec:87:59:c7:6f:74:6f:33:6d:a1:bf:
5c:57:d6:58:72:a8:68:7e:1b:8c:b4:0a:7a:12:0c:8a:d3:9a:
f0:0a:d6:8a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVGMjExMTAvBgNVBAUTKDhDMkY3NEE3QUQyQkQwRjVFRkIxMDY0RTRCOTA5ODZE
NzZDQzE3ODUwHhcNMjMwODAxMDE0MjE1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4NjJmNi1lMjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4rMGi5Gog1gYcA+YqQ+Nt3FEJ1imYrGp1yCKiei1n/a4ZeAPbrcqUnKY91Jw
o3Y934BYOm0Ft4U+AP8c6g1ZoiVl6OGehbaKZDvyN8qQdliEarm4WWBw98SV5I17
DcJwlJG1CQI1ob/joTuNTAzD/Coto+ZHpARuONVjDBWQNFrlYC3ZuJ0HGbKjCHeO
BUSTmLnoOHHduq+rWRG+PuKFL3TohShxdg4xyp4JXulPeKSjGSSciQ42/23qQve7
/bOB9+YqjCNzaiinFKdfB0hD8D1a7Zs6KBgDmkWXsb4AmGslAhoKYyCUwDU+wCpn
k1RZkwCyRKLt6nP1gbNcOT45kwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ2mEPYG
Y9jvn8higNW63zCjZ9QUMB8GA1UdIwQYMBaAFIwvdKetK9D177EGTkuQmG12zBeF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUYyMS9FQURCQjQxMjAx
ODMxMUVDQjU2NDE2MjlDNEY5QUUwMi9qQzkwcDYwcjBQWHZzUVpPUzVDWWJYYk1G
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pDOTBwNjByMFBYdnNRWk9TNUNZYlhiTUY0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVGMjEvRUFEQkI0MTIwMTgzMTFFQ0I1NjQxNjI5QzRGOUFFMDIvMjRDQjIzQTgw
MTg3MTFFQ0I1MDI5RTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnixQwDQYJKoZIhvcNAQELBQADggEBAII3McsuqOkM6iDu
LIV3mnaMxPaT2QZQnX+bIvHK1y4JcIzXP8aTTpbCL5KZoClEsCdW/uOUfyTR/7op
Ae+BM1AjVQQ+xf7ZFi80YlHagGP1dqYXmCO9tTED7DZ2TPp1f2q1CYFMGtQ6Tf2M
wL0aa+vy1lZppe6HemCjxSzgFVNlowJxc7vnh+9kdU6ikiJdCNQ4SS3InIuFJ3Pq
4lg4yL2IC5NO0RGyA2b59QDNZwHD/djjHFYzB0PQeE5DQJhfAKWDmqwjDpp6Kwxe
Kyx3vr83CGzvvEB90/pRvgKQKsDsh1nHb3RvM22hv1xX1lhyqGh+G4y0CnoSDIrT
mvAK1oo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org