Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
File: DD4586D0009011EEB4A39C0EC4F9AE02.roa (raw, json)
Hash identifier: FAT2ULrFOStIXcO+L/1THnXKkI4iU0s169RzGsnn0s0=
Subject key identifier: 8B:2E:AE:78:47:E5:61:7C:A5:53:35:23:54:D0:AC:1D:46:4F:A6:69
Certificate issuer: /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial: 05AD
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
Signing time: Thu 01 Jun 2023 15:27:48 +0000
ROA not before: Thu 01 Jun 2023 15:27:48 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150774
IP address blocks: 103.159.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1453 (0x5ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Validity
Not Before: Jun 1 15:27:48 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6478b8f4-95fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:91:aa:14:9b:8f:bf:d0:13:59:a1:79:47:
6c:d5:5c:ad:41:0c:6b:da:90:8f:e6:9e:a1:61:ff:
48:91:93:d3:ae:88:ee:55:1d:3b:9a:9a:ce:31:5f:
c9:da:bc:c7:cc:21:51:fc:a7:9f:da:2a:e6:9a:3a:
78:f4:02:33:63:24:d5:ae:d7:b1:d9:f1:0d:0e:9d:
d8:42:bd:c3:15:8f:13:93:be:df:01:08:9a:13:0c:
1a:fe:f8:86:b7:a6:ed:db:22:71:42:fc:71:f7:e1:
9c:ce:8c:f0:a0:5d:33:27:2c:1a:81:7a:38:ec:6c:
99:e8:78:66:c7:b0:b5:b3:e9:02:90:4e:34:36:b5:
5a:17:e7:a5:27:52:76:6a:f0:d1:44:73:48:89:76:
61:39:cf:3b:b2:fb:d0:a9:04:0b:05:23:c9:a8:b8:
55:28:fb:94:37:37:6e:0b:d1:29:de:f2:e4:83:72:
37:31:cf:93:1a:9e:15:50:85:1c:83:bd:3d:7a:14:
47:0f:84:95:41:ad:54:d2:3e:d1:53:00:9c:25:cd:
f9:10:8d:d4:28:b2:20:b2:fb:27:11:5b:c4:1a:bf:
6d:bc:9a:49:5b:3e:9f:5f:69:45:fe:ed:7d:27:46:
f3:91:7b:f9:e5:d5:90:cc:1c:bd:86:8b:58:16:8b:
23:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2E:AE:78:47:E5:61:7C:A5:53:35:23:54:D0:AC:1D:46:4F:A6:69
X509v3 Authority Key Identifier:
keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/DD4586D0009011EEB4A39C0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.171.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:72:f0:21:ac:46:21:7c:87:e7:cc:37:1f:37:28:c6:c2:21:
2f:e0:c0:cf:8a:5a:d8:0f:62:4f:56:ae:d1:f3:fb:b1:69:28:
c7:c4:f0:ba:03:49:99:4c:25:1d:eb:e3:26:4e:a0:23:19:1e:
34:ad:89:c8:bd:f1:b8:bb:ea:bb:09:30:0b:80:c3:a5:1b:3a:
3b:10:40:b2:57:fd:90:70:77:56:29:7f:8b:9a:ab:a1:d6:dc:
97:f6:b4:5d:b1:69:b6:c0:92:f9:66:ee:13:1e:b2:8f:fc:45:
4f:64:17:1f:26:be:e9:92:0f:42:f0:06:86:c0:20:56:55:32:
8c:b0:50:6d:1a:e6:92:68:72:db:66:54:06:63:68:39:86:8a:
03:4d:9e:59:75:60:54:b9:b8:6c:f7:40:f7:6b:b4:5c:25:14:
e1:38:33:a5:4f:98:c2:ec:e4:80:aa:79:52:16:02:99:a2:6c:
7f:ae:fd:f4:ed:4c:55:78:a3:18:92:81:4e:35:ad:c0:b5:f5:
4b:f5:ad:68:bd:ed:00:3d:6e:82:76:6b:27:91:25:13:ff:7b:
ca:c2:21:d6:11:b5:00:02:9c:14:78:77:7a:94:9d:25:3a:e7:
c8:e6:3d:d0:91:29:cb:93:01:cc:a5:5c:35:2b:93:f9:42:cd:
3e:fe:4c:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4NUUxMTAvBgNVBAUTKEQ0NTgwNTFGNkRBOTUyMjk3NDc1QjQ4NEJEREQwRkJC
RTM0OTBFNzAwHhcNMjMwNjAxMTUyNzQ4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4YjhmNC05NWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNKRqhSbj7/QE1mheUds1VytQQxr2pCP5p6hYf9IkZPTrojuVR07mprOMV/J
2rzHzCFR/Kef2irmmjp49AIzYyTVrtex2fENDp3YQr3DFY8Tk77fAQiaEwwa/viG
t6bt2yJxQvxx9+GczozwoF0zJywagXo47GyZ6Hhmx7C1s+kCkE40NrVaF+elJ1J2
avDRRHNIiXZhOc87svvQqQQLBSPJqLhVKPuUNzduC9Ep3vLkg3I3Mc+TGp4VUIUc
g709ehRHD4SVQa1U0j7RUwCcJc35EI3UKLIgsvsnEVvEGr9tvJpJWz6fX2lF/u19
J0bzkXv55dWQzBy9hotYFosjEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIsurnhH
5WF8pVM1I1TQrB1GT6ZpMB8GA1UdIwQYMBaAFNRYBR9tqVIpdHW0hL3dD7vjSQ5w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDg1RS83M0VGOTA5QzNC
QjUxMUVCQjREMTM3N0RDNEY5QUUwMi8xRmdGSDIycFVpbDBkYlNFdmQwUHUtTkpE
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4NUUvNzNFRjkwOUMzQkI1MTFFQkI0RDEzNzdEQzRGOUFFMDIvREQ0NTg2RDAw
MDkwMTFFRUI0QTM5QzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn6swDQYJKoZIhvcNAQELBQADggEBAG5y8CGsRiF8h+fM
Nx83KMbCIS/gwM+KWtgPYk9WrtHz+7FpKMfE8LoDSZlMJR3r4yZOoCMZHjStici9
8bi76rsJMAuAw6UbOjsQQLJX/ZBwd1Ypf4uaq6HW3Jf2tF2xabbAkvlm7hMeso/8
RU9kFx8mvumSD0LwBobAIFZVMoywUG0a5pJocttmVAZjaDmGigNNnll1YFS5uGz3
QPdrtFwlFOE4M6VPmMLs5ICqeVIWApmibH+u/fTtTFV4oxiSgU41rcC19Uv1rWi9
7QA9boJ2ayeRJRP/e8rCIdYRtQACnBR4d3qUnSU658jmPdCRKcuTAcylXDUrk/lC
zT7+TAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org