Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/D829D4E84FDD11EEA95D453BC4F9AE02.roa
File: D829D4E84FDD11EEA95D453BC4F9AE02.roa (raw, json)
Hash identifier: 8JCESJXW5NyMPMlC4dJ4NcN1VkiE1t0w8b03j4dqaEk=
Subject key identifier: 6B:74:DA:A7:D5:ED:9D:D6:07:E2:B1:8F:CB:8C:CD:17:E9:EB:3F:6D
Certificate issuer: /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial: 05EA
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/D829D4E84FDD11EEA95D453BC4F9AE02.roa
Signing time: Sun 10 Sep 2023 13:27:53 +0000
ROA not before: Sun 10 Sep 2023 13:27:53 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150744
IP address blocks: 103.159.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1514 (0x5ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Validity
Not Before: Sep 10 13:27:53 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64fdc459-3fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c7:c9:97:8c:f6:4f:b0:11:f0:73:14:ba:72:
79:6d:01:b0:88:fe:79:14:ac:7a:78:a8:fe:eb:7f:
aa:5c:af:8f:49:11:9e:31:62:46:18:a5:11:be:2b:
8f:a6:58:17:28:76:07:c8:da:d9:9f:8b:fc:d6:1d:
3e:ad:83:15:a6:8e:e4:f6:de:26:be:82:d7:90:d4:
15:94:48:bd:a7:d5:55:29:a4:07:89:0b:8d:fe:9b:
73:25:87:45:86:24:9c:87:ff:49:f0:3a:ff:b8:c5:
72:03:fb:71:2c:71:cd:f4:7f:62:2e:df:76:64:bd:
5b:4a:f1:9a:25:65:c1:1e:45:48:bb:0e:2b:fc:54:
28:77:de:0d:fd:f5:3b:34:e9:e7:06:c7:2e:43:da:
32:95:70:98:60:26:44:67:d8:85:32:5f:fe:06:35:
9c:03:1c:2c:63:4c:c7:fc:06:5c:42:7a:5b:e4:cf:
32:e5:7c:b9:14:de:9b:4c:22:a6:2b:07:9f:94:c4:
be:55:35:77:e4:c4:f6:24:56:be:05:67:3e:f1:32:
e0:f2:c6:b9:0c:cc:44:94:2e:95:5c:0f:fc:f7:08:
3e:f2:f1:f1:a1:25:3b:ee:94:e4:00:e3:fb:a9:56:
2d:eb:4a:74:d8:b8:f9:94:e2:18:13:68:e7:7a:2c:
a0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:74:DA:A7:D5:ED:9D:D6:07:E2:B1:8F:CB:8C:CD:17:E9:EB:3F:6D
X509v3 Authority Key Identifier:
keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/D829D4E84FDD11EEA95D453BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.171.0/24
Signature Algorithm: sha256WithRSAEncryption
12:46:e5:ac:b6:96:b8:68:05:22:3a:97:31:50:d1:c3:0c:95:
05:cf:0f:66:fc:4b:bf:44:51:4a:88:a7:1c:9c:49:d5:2f:a5:
57:aa:ea:9f:44:1e:d2:17:6f:32:60:35:cc:f4:03:4d:ac:1c:
7e:31:a6:93:64:90:b4:9f:8b:5a:3f:64:53:67:6e:ec:9c:2f:
79:dc:c0:8d:b7:3d:30:8e:b9:2e:ad:e4:99:56:58:1c:db:d8:
b3:69:28:82:92:4f:1e:8a:be:8a:35:43:54:8e:88:94:87:ad:
7b:fd:98:ca:a6:0a:9d:7b:8b:7e:9f:77:cd:6f:52:3b:07:3d:
ae:0a:66:f4:ae:80:9d:28:2d:f3:ba:e8:c1:2e:1f:b7:64:2b:
43:d1:a0:f5:31:d1:3d:9b:83:1e:49:78:77:0a:ec:d9:9f:92:
bb:da:8d:e7:2f:cd:1c:22:af:9c:b7:a6:47:c8:2b:c9:41:86:
bc:34:ad:49:55:c7:b1:71:5e:75:cb:41:26:57:68:9a:cf:72:
56:4c:2c:ca:41:f7:8e:00:52:fa:72:95:0b:83:03:0b:c1:4d:
03:00:c7:e1:1e:da:f3:f0:7d:0b:76:d4:f6:68:fb:63:49:fb:
c3:1f:9f:47:81:c0:18:b3:d3:23:d7:e7:af:3e:a8:1c:2d:5b:
86:fc:41:dd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4NUUxMTAvBgNVBAUTKEQ0NTgwNTFGNkRBOTUyMjk3NDc1QjQ4NEJEREQwRkJC
RTM0OTBFNzAwHhcNMjMwOTEwMTMyNzUzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZkYzQ1OS0zZmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8fJl4z2T7AR8HMUunJ5bQGwiP55FKx6eKj+63+qXK+PSRGeMWJGGKURviuP
plgXKHYHyNrZn4v81h0+rYMVpo7k9t4mvoLXkNQVlEi9p9VVKaQHiQuN/ptzJYdF
hiSch/9J8Dr/uMVyA/txLHHN9H9iLt92ZL1bSvGaJWXBHkVIuw4r/FQod94N/fU7
NOnnBscuQ9oylXCYYCZEZ9iFMl/+BjWcAxwsY0zH/AZcQnpb5M8y5Xy5FN6bTCKm
KweflMS+VTV35MT2JFa+BWc+8TLg8sa5DMxElC6VXA/89wg+8vHxoSU77pTkAOP7
qVYt60p02Lj5lOIYE2jneiyg2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGt02qfV
7Z3WB+Kxj8uMzRfp6z9tMB8GA1UdIwQYMBaAFNRYBR9tqVIpdHW0hL3dD7vjSQ5w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDg1RS83M0VGOTA5QzNC
QjUxMUVCQjREMTM3N0RDNEY5QUUwMi8xRmdGSDIycFVpbDBkYlNFdmQwUHUtTkpE
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4NUUvNzNFRjkwOUMzQkI1MTFFQkI0RDEzNzdEQzRGOUFFMDIvRDgyOUQ0RTg0
RkREMTFFRUE5NUQ0NTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn6swDQYJKoZIhvcNAQELBQADggEBABJG5ay2lrhoBSI6
lzFQ0cMMlQXPD2b8S79EUUqIpxycSdUvpVeq6p9EHtIXbzJgNcz0A02sHH4xppNk
kLSfi1o/ZFNnbuycL3ncwI23PTCOuS6t5JlWWBzb2LNpKIKSTx6Kvoo1Q1SOiJSH
rXv9mMqmCp17i36fd81vUjsHPa4KZvSugJ0oLfO66MEuH7dkK0PRoPUx0T2bgx5J
eHcK7NmfkrvajecvzRwir5y3pkfIK8lBhrw0rUlVx7FxXnXLQSZXaJrPclZMLMpB
944AUvpylQuDAwvBTQMAx+Ee2vPwfQt21PZo+2NJ+8Mfn0eBwBiz0yPX568+qBwt
W4b8Qd0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org