Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D963/90E80BC897E211EB9B39D531C4F9AE02/DFEDC51897E311EBBBAEA032C4F9AE02.roa
File: DFEDC51897E311EBBBAEA032C4F9AE02.roa (raw, json)
Hash identifier: YIUh+ffN3qhgFwXP0JyKn7b5x3nCgHIDhLQmmfpUalI=
Subject key identifier: 64:63:4D:43:2C:99:20:85:D4:4B:A0:F9:9C:12:7B:D8:F6:14:0C:AD
Certificate issuer: /CN=A915D963/serialNumber=40C5BD3DE952B92E95921A4FD6DF7DB07B4A2921
Certificate serial: 04C3
Authority key identifier: 40:C5:BD:3D:E9:52:B9:2E:95:92:1A:4F:D6:DF:7D:B0:7B:4A:29:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QMW9PelSuS6VkhpP1t99sHtKKSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D963/90E80BC897E211EB9B39D531C4F9AE02/DFEDC51897E311EBBBAEA032C4F9AE02.roa
Signing time: Sat 03 Jun 2023 02:09:27 +0000
ROA not before: Sat 03 Jun 2023 02:09:27 +0000
ROA not after: Sun 01 Oct 2023 00:00:00 +0000
asID: 142044
IP address blocks: 103.81.55.0/24 maxlen: 24
103.165.161.0/24 maxlen: 24
2001:df6:6d80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1219 (0x4c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D963/serialNumber=40C5BD3DE952B92E95921A4FD6DF7DB07B4A2921
Validity
Not Before: Jun 3 02:09:27 2023 GMT
Not After : Oct 1 00:00:00 2023 GMT
Subject: CN=647aa0d7-4e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c3:7b:7e:58:8e:63:07:f3:f1:97:2f:ed:20:
f9:85:51:f9:3b:6f:53:ab:08:12:4d:38:e6:d6:7d:
09:40:eb:0c:eb:cb:09:96:ad:5a:c7:89:cd:a5:c5:
6f:60:03:ed:a9:d5:35:ca:c6:ff:2c:3e:bd:52:93:
fc:b0:ee:e7:ce:fd:b7:d2:d1:b4:e2:da:9b:35:b3:
d8:fc:1c:6b:a1:1b:a8:f7:84:f5:d0:ab:dd:5a:36:
88:21:7d:d9:f6:30:f4:d5:14:a3:80:cb:1b:50:d2:
49:eb:e0:4f:20:b2:65:24:a3:cf:82:de:5d:eb:04:
04:73:34:f2:72:a2:23:3e:0e:a1:91:9d:93:05:f8:
44:85:6c:ee:b0:37:63:68:6f:42:66:a1:2c:51:c6:
4a:24:0f:70:7c:9d:d8:9f:85:38:17:aa:7a:f4:81:
64:a5:70:14:05:2b:67:1a:7c:8e:f8:c1:6d:98:1d:
b4:ff:13:46:fb:ee:8e:74:65:6f:f8:14:29:96:6c:
c2:8f:50:43:15:fa:5f:27:05:c1:f1:01:f3:1b:4c:
26:e0:37:1f:c3:30:63:64:a0:d6:83:14:0d:27:86:
d2:f9:53:23:08:3d:14:d2:86:22:6b:74:4e:3b:8d:
a6:ae:7f:3f:be:06:fc:a3:b1:38:c5:d0:9e:38:fc:
19:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:63:4D:43:2C:99:20:85:D4:4B:A0:F9:9C:12:7B:D8:F6:14:0C:AD
X509v3 Authority Key Identifier:
keyid:40:C5:BD:3D:E9:52:B9:2E:95:92:1A:4F:D6:DF:7D:B0:7B:4A:29:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D963/90E80BC897E211EB9B39D531C4F9AE02/QMW9PelSuS6VkhpP1t99sHtKKSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QMW9PelSuS6VkhpP1t99sHtKKSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D963/90E80BC897E211EB9B39D531C4F9AE02/DFEDC51897E311EBBBAEA032C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.55.0/24
103.165.161.0/24
IPv6:
2001:df6:6d80::/48
Signature Algorithm: sha256WithRSAEncryption
5c:fe:be:cf:51:e8:fc:cf:3c:c0:95:18:2a:e2:73:74:b3:7f:
ef:d3:69:9d:87:a4:58:73:61:ea:60:32:c4:21:09:fa:f3:e8:
7d:1d:2c:6e:d4:07:ff:27:35:c3:f5:87:71:bb:a7:fc:19:a0:
37:dc:90:9b:27:47:19:9b:50:d7:e4:24:b2:48:98:1f:c4:47:
10:47:c7:b8:ce:15:7e:b9:e6:65:b2:89:51:71:57:04:e7:b0:
1c:61:0e:0d:dc:b0:5f:f1:f9:7c:94:81:f5:db:71:17:dc:18:
f6:b1:ee:86:74:05:e3:21:62:6a:59:51:e0:d7:02:92:ab:3e:
b8:c5:c9:7e:39:f0:b3:b6:4d:83:57:2f:62:3a:ee:53:1f:9c:
02:68:28:d2:b2:45:ed:db:23:b1:bc:b0:5c:df:85:05:d9:5f:
12:e9:a1:f6:02:eb:c8:95:67:5d:f7:3a:9b:10:df:ad:07:99:
5a:6c:e6:d8:22:4e:67:e1:09:95:b7:72:5c:f6:10:a4:bf:11:
0d:5a:ce:07:ed:25:14:c4:f5:12:1c:c8:e5:81:30:a7:64:3c:
cb:a7:27:53:77:06:e8:1e:8f:91:0b:36:52:09:19:f5:b9:d9:
12:f9:4b:f2:9f:63:54:51:f3:90:97:6a:f3:8a:bb:d1:4b:3e:
97:dd:08:a2
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ5NjMxMTAvBgNVBAUTKDQwQzVCRDNERTk1MkI5MkU5NTkyMUE0RkQ2REY3REIw
N0I0QTI5MjEwHhcNMjMwNjAzMDIwOTI3WhcNMjMxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdhYTBkNy00ZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3MN7fliOYwfz8Zcv7SD5hVH5O29TqwgSTTjm1n0JQOsM68sJlq1ax4nNpcVv
YAPtqdU1ysb/LD69UpP8sO7nzv230tG04tqbNbPY/BxroRuo94T10KvdWjaIIX3Z
9jD01RSjgMsbUNJJ6+BPILJlJKPPgt5d6wQEczTycqIjPg6hkZ2TBfhEhWzusDdj
aG9CZqEsUcZKJA9wfJ3Yn4U4F6p69IFkpXAUBStnGnyO+MFtmB20/xNG++6OdGVv
+BQplmzCj1BDFfpfJwXB8QHzG0wm4DcfwzBjZKDWgxQNJ4bS+VMjCD0U0oYia3RO
O42mrn8/vgb8o7E4xdCeOPwZLwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGRjTUMs
mSCF1Eug+ZwSe9j2FAytMB8GA1UdIwQYMBaAFEDFvT3pUrkulZIaT9bffbB7Sikh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDk2My85MEU4MEJDODk3
RTIxMUVCOUIzOUQ1MzFDNEY5QUUwMi9RTVc5UGVsU3VTNlZraHBQMXQ5OXNIdEtL
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FNVzlQZWxTdVM2VmtocFAxdDk5c0h0S0tTRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ5NjMvOTBFODBCQzg5N0UyMTFFQjlCMzlENTMxQzRGOUFFMDIvREZFREM1MTg5
N0UzMTFFQkJCQUVBMDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnUTcDBABnpaEwDwQCAAIwCQMHACABDfZtgDANBgkqhkiG
9w0BAQsFAAOCAQEAXP6+z1Ho/M88wJUYKuJzdLN/79NpnYekWHNh6mAyxCEJ+vPo
fR0sbtQH/yc1w/WHcbun/BmgN9yQmydHGZtQ1+QkskiYH8RHEEfHuM4VfrnmZbKJ
UXFXBOewHGEODdywX/H5fJSB9dtxF9wY9rHuhnQF4yFiallR4NcCkqs+uMXJfjnw
s7ZNg1cvYjruUx+cAmgo0rJF7dsjsbywXN+FBdlfEumh9gLryJVnXfc6mxDfrQeZ
Wmzm2CJOZ+EJlbdyXPYQpL8RDVrOB+0lFMT1EhzI5YEwp2Q8y6cnU3cG6B6PkQs2
UgkZ9bnZEvlL8p9jVFHzkJdq84q70Us+l90Iog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org