Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/59D1EC4A611C11ECA2FEF613C4F9AE02.roa
File: 59D1EC4A611C11ECA2FEF613C4F9AE02.roa (raw, json)
Hash identifier: Bne6554igwSJNsXgHsCxWHqkMkhRnUNLYP07zHEkSAA=
Subject key identifier: 41:17:FA:47:A6:B2:9D:9D:5D:B5:B7:89:43:B3:6A:1C:6B:CF:2F:DB
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 0535
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/59D1EC4A611C11ECA2FEF613C4F9AE02.roa
Signing time: Sun 19 Dec 2021 22:38:14 +0000
ROA not before: Sun 19 Dec 2021 22:38:14 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 0
IP address blocks: 103.21.0.0/24 maxlen: 24
103.21.1.0/24 maxlen: 24
103.21.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1333 (0x535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Dec 19 22:38:14 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61bfb455-1dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f3:13:b3:d6:13:96:2a:81:c2:a5:78:3e:13:
4f:74:1f:11:be:61:83:eb:79:e4:c9:85:f9:ef:c3:
7f:89:ea:98:6d:43:e6:e5:5f:e6:6c:c5:fa:0b:02:
b8:ab:98:91:ef:2b:1c:23:d7:46:80:c3:3a:94:21:
41:b7:5c:c5:02:b8:c2:e6:71:d2:5e:13:16:f3:af:
8d:68:73:52:a6:06:19:36:53:15:8a:2a:12:f1:15:
a4:b8:51:19:c2:e6:d5:34:13:74:3a:91:85:11:b0:
b3:da:82:70:da:59:23:87:57:5e:6c:f3:bf:6d:b3:
b8:24:41:10:95:9c:9f:a9:aa:bc:59:db:c2:94:0a:
b2:58:b4:7e:40:99:23:f5:ba:bf:2f:c9:97:56:11:
0b:a4:e4:6a:2c:22:48:34:1c:2c:24:81:19:aa:59:
15:05:a7:46:5e:6a:0d:ef:15:62:86:58:5f:9a:14:
ff:e0:e2:29:0d:e1:84:2f:d1:3b:8b:08:a0:5f:4f:
bb:2e:a8:00:d7:a8:32:de:cb:fc:28:f6:39:c6:8a:
3d:1c:3e:0e:82:28:af:b7:03:54:0c:b9:b3:39:47:
2b:ac:44:32:16:65:fa:11:63:f6:e4:62:ed:57:0a:
e8:6f:27:20:f1:7b:b4:d7:71:37:5d:d0:f5:46:28:
6d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:17:FA:47:A6:B2:9D:9D:5D:B5:B7:89:43:B3:6A:1C:6B:CF:2F:DB
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/59D1EC4A611C11ECA2FEF613C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.0.0/23
103.21.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:bc:44:f1:1c:e9:9e:d2:0a:4b:31:b5:b8:4d:8e:96:58:c6:
d8:0f:a8:0d:73:af:7a:bb:78:9b:2d:e5:ea:a4:94:c6:57:38:
8e:5d:b8:bd:fc:3c:1c:d9:8c:a0:91:70:6a:a4:6a:16:9e:94:
e9:a0:f4:d8:ff:c4:42:e7:e0:a2:b7:36:cb:51:96:db:c8:6f:
d9:ec:99:ba:94:b7:7a:4c:ff:ca:e0:d2:a5:f3:04:ba:78:f9:
ab:f2:70:e1:81:97:3d:fb:56:7d:b5:ff:1f:53:2f:f3:f0:a5:
8c:00:66:0c:02:04:1e:77:06:59:a2:d8:12:ae:ca:af:54:54:
08:88:31:9b:db:82:db:13:cb:7e:4b:4c:0f:18:3a:35:72:b1:
d1:c3:54:ab:a1:f9:7b:cf:44:58:f1:58:8a:ea:c2:cd:46:04:
d8:0f:ad:3f:b5:b1:04:9c:6f:11:da:46:2c:28:14:64:a2:70:
c0:bb:08:6a:a7:5c:a1:ac:a8:a4:0c:2a:50:7f:b4:eb:56:2a:
35:06:4e:ec:31:de:a3:d7:64:89:d4:25:0a:29:29:5b:26:8e:
ff:d2:50:ca:4e:55:bb:89:e5:87:4e:76:8c:d2:72:d8:b3:e6:
72:66:e6:c0:f7:eb:fe:df:12:d9:07:ac:c8:21:48:b3:11:cd:
fe:47:34:23
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjExMjE5MjIzODE0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJmYjQ1NS0xZGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5vMTs9YTliqBwqV4PhNPdB8RvmGD63nkyYX578N/ieqYbUPm5V/mbMX6CwK4
q5iR7yscI9dGgMM6lCFBt1zFArjC5nHSXhMW86+NaHNSpgYZNlMViioS8RWkuFEZ
wubVNBN0OpGFEbCz2oJw2lkjh1debPO/bbO4JEEQlZyfqaq8WdvClAqyWLR+QJkj
9bq/L8mXVhELpORqLCJINBwsJIEZqlkVBadGXmoN7xVihlhfmhT/4OIpDeGEL9E7
iwigX0+7LqgA16gy3sv8KPY5xoo9HD4OgiivtwNUDLmzOUcrrEQyFmX6EWP25GLt
Vwrobycg8Xu013E3XdD1RihtxwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEEX+kem
sp2dXbW3iUOzahxrzy/bMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvNTlEMUVDNEE2
MTFDMTFFQ0EyRkVGNjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnFQADBABnFQMwDQYJKoZIhvcNAQELBQADggEBAHq8RPEc
6Z7SCksxtbhNjpZYxtgPqA1zr3q7eJst5eqklMZXOI5duL38PBzZjKCRcGqkahae
lOmg9Nj/xELn4KK3NstRltvIb9nsmbqUt3pM/8rg0qXzBLp4+avycOGBlz37Vn21
/x9TL/PwpYwAZgwCBB53Blmi2BKuyq9UVAiIMZvbgtsTy35LTA8YOjVysdHDVKuh
+XvPRFjxWIrqws1GBNgPrT+1sQScbxHaRiwoFGSicMC7CGqnXKGsqKQMKlB/tOtW
KjUGTuwx3qPXZInUJQopKVsmjv/SUMpOVbuJ5YdOdozSctiz5nJm5sD36/7fEtkH
rMghSLMRzf5HNCM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org