Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B202/4D41CF92409E11EDB352EE5EC4F9AE02/AC8B24F040A111ED8128EB4EC4F9AE02.roa
File: AC8B24F040A111ED8128EB4EC4F9AE02.roa (raw, json)
Hash identifier: cPyiBlyvTGkBNhM9wzkeHj0RaZP5TRzfBF8eaN+zqm4=
Subject key identifier: FB:F2:7B:0B:DF:30:C9:D0:D9:8A:83:D9:E4:E6:CC:75:03:57:48:6A
Certificate issuer: /CN=A915B202/serialNumber=8CBE9DD59934C9AD205FCE6AF8EF4DB801F1D3EB
Certificate serial: 02
Authority key identifier: 8C:BE:9D:D5:99:34:C9:AD:20:5F:CE:6A:F8:EF:4D:B8:01:F1:D3:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jL6d1Zk0ya0gX85q-O9NuAHx0-s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B202/4D41CF92409E11EDB352EE5EC4F9AE02/AC8B24F040A111ED8128EB4EC4F9AE02.roa
Signing time: Fri 30 Sep 2022 09:24:25 +0000
ROA not before: Fri 30 Sep 2022 09:24:25 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 14618
IP address blocks: 103.15.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B202/serialNumber=8CBE9DD59934C9AD205FCE6AF8EF4DB801F1D3EB
Validity
Not Before: Sep 30 09:24:25 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6336b5c9-9087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:61:ff:3a:5e:19:1c:03:bd:85:9d:c5:8c:
98:f2:5b:8d:c6:79:06:1e:b1:d7:db:f4:b8:3d:ec:
b9:1c:89:d3:03:6c:39:34:fc:29:eb:36:64:6b:28:
84:d0:fa:e2:ae:a2:ff:e7:ec:cf:76:e0:84:a8:76:
37:af:85:76:07:fd:e3:4c:42:d7:a4:fb:37:dc:1b:
78:d5:49:75:76:be:12:02:86:2a:d5:50:d0:a9:c7:
be:3f:28:a7:e3:96:c7:e0:ef:68:91:0f:cc:31:f2:
3f:f8:9c:80:e4:9e:06:05:35:ed:af:27:5d:80:e3:
68:6c:b2:ce:3a:d9:ef:53:55:b7:57:cf:2f:4e:24:
00:35:2b:52:4c:d2:34:cb:99:77:89:25:38:55:16:
57:08:0e:0c:c0:af:d5:71:81:47:76:5a:54:a3:de:
e1:85:79:62:34:59:04:1c:0d:9d:29:f4:49:3f:e4:
ac:d5:d8:2f:77:93:9b:f2:3b:99:c5:0e:94:88:5d:
fa:63:c6:82:3b:96:cc:54:9f:2a:5b:4e:29:ff:a9:
92:53:d1:ce:0a:e7:72:cf:57:e0:ea:2b:2b:72:5d:
f4:a2:4b:11:54:c3:9f:3b:36:c2:83:02:68:95:2f:
61:13:97:c3:38:d7:b1:da:8a:f9:98:b1:e6:1f:e2:
91:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F2:7B:0B:DF:30:C9:D0:D9:8A:83:D9:E4:E6:CC:75:03:57:48:6A
X509v3 Authority Key Identifier:
keyid:8C:BE:9D:D5:99:34:C9:AD:20:5F:CE:6A:F8:EF:4D:B8:01:F1:D3:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B202/4D41CF92409E11EDB352EE5EC4F9AE02/jL6d1Zk0ya0gX85q-O9NuAHx0-s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jL6d1Zk0ya0gX85q-O9NuAHx0-s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B202/4D41CF92409E11EDB352EE5EC4F9AE02/AC8B24F040A111ED8128EB4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.15.220.0/24
Signature Algorithm: sha256WithRSAEncryption
60:a5:d6:f2:e8:37:7b:4d:0c:1a:15:2a:d2:8e:b2:06:46:52:
ac:e7:0e:b2:9d:35:26:0b:a5:1d:04:38:12:06:ef:95:13:62:
1b:4d:b7:d5:8f:bd:20:e8:c0:f5:32:c8:02:36:f8:0a:91:ee:
70:5b:4f:81:2f:d8:1b:fa:9e:30:25:08:3e:69:ff:76:ce:e8:
9d:b2:e9:45:8a:17:8d:e0:40:7d:fc:f3:52:dd:66:e2:6c:bd:
e1:83:23:d2:29:2c:2c:08:c0:60:ea:cb:c0:b1:26:bc:f3:0d:
2f:ba:d9:9d:d1:ee:86:4f:f7:98:68:5d:26:2a:80:aa:b5:38:
28:5d:2f:49:ce:8b:f1:8f:a9:b7:8c:48:95:bc:b5:8b:eb:6c:
0f:28:0f:61:49:55:66:04:8f:fa:09:63:c2:32:19:d8:be:c8:
cd:54:8a:87:b9:e6:d9:39:58:c8:49:ea:83:f8:c8:5d:a6:cb:
97:36:74:74:5b:fa:59:f4:d3:c1:21:88:13:91:4d:ce:26:f5:
50:ba:65:80:ad:7b:bd:07:22:94:cf:91:f0:dd:45:60:da:b5:
5f:00:1c:7b:99:67:b8:3e:e3:3d:c4:14:3b:0c:a1:7d:5c:0e:
ea:4f:9d:a9:10:44:5d:02:ab:56:a8:d0:62:c1:f7:f7:1d:ff:
e3:19:2f:d1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QjIwMjExMC8GA1UEBRMoOENCRTlERDU5OTM0QzlBRDIwNUZDRTZBRjhFRjREQjgw
MUYxRDNFQjAeFw0yMjA5MzAwOTI0MjVaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMzZiNWM5LTkwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLAWH/Ol4ZHAO9hZ3FjJjyW43GeQYesdfb9Lg97LkcidMDbDk0/CnrNmRrKITQ
+uKuov/n7M924ISodjevhXYH/eNMQtek+zfcG3jVSXV2vhIChirVUNCpx74/KKfj
lsfg72iRD8wx8j/4nIDkngYFNe2vJ12A42hsss462e9TVbdXzy9OJAA1K1JM0jTL
mXeJJThVFlcIDgzAr9VxgUd2WlSj3uGFeWI0WQQcDZ0p9Ek/5KzV2C93k5vyO5nF
DpSIXfpjxoI7lsxUnypbTin/qZJT0c4K53LPV+DqKytyXfSiSxFUw587NsKDAmiV
L2ETl8M417HaivmYseYf4pFBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+/J7C98w
ydDZioPZ5ObMdQNXSGowHwYDVR0jBBgwFoAUjL6d1Zk0ya0gX85q+O9NuAHx0+sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCMjAyLzRENDFDRjkyNDA5
RTExRURCMzUyRUU1RUM0RjlBRTAyL2pMNmQxWmsweWEwZ1g4NXEtTzlOdUFIeDAt
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvakw2ZDFaazB5YTBnWDg1cS1POU51QUh4MC1zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjIwMi80RDQxQ0Y5MjQwOUUxMUVEQjM1MkVFNUVDNEY5QUUwMi9BQzhCMjRGMDQw
QTExMUVEODEyOEVCNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcP3DANBgkqhkiG9w0BAQsFAAOCAQEAYKXW8ug3e00MGhUq
0o6yBkZSrOcOsp01JgulHQQ4EgbvlRNiG0231Y+9IOjA9TLIAjb4CpHucFtPgS/Y
G/qeMCUIPmn/ds7onbLpRYoXjeBAffzzUt1m4my94YMj0iksLAjAYOrLwLEmvPMN
L7rZndHuhk/3mGhdJiqAqrU4KF0vSc6L8Y+pt4xIlby1i+tsDygPYUlVZgSP+glj
wjIZ2L7IzVSKh7nm2TlYyEnqg/jIXabLlzZ0dFv6WfTTwSGIE5FNzib1ULplgK17
vQcilM+R8N1FYNq1XwAce5lnuD7jPcQUOwyhfVwO6k+dqRBEXQKrVqjQYsH39x3/
4xkv0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org