Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/4F045DB8D91911EDBA0DC768C4F9AE02.roa
File: 4F045DB8D91911EDBA0DC768C4F9AE02.roa (raw, json)
Hash identifier: tCBHti21cUX63iaG2qU5U/knugUNVqz5vYkyB5AlhzQ=
Subject key identifier: B3:4C:AF:E0:F1:2E:E7:56:FE:FE:42:29:4A:7E:D2:93:5C:86:A1:B2
Certificate issuer: /CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Certificate serial: 043D
Authority key identifier: 03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/4F045DB8D91911EDBA0DC768C4F9AE02.roa
Signing time: Wed 12 Apr 2023 10:03:44 +0000
ROA not before: Wed 12 Apr 2023 10:03:44 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 212238
IP address blocks: 103.79.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1085 (0x43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D8D9/serialNumber=031C9C26E5BAB1B01AF18A0BB1B970AB5773456B
Validity
Not Before: Apr 12 10:03:44 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64368200-d0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:61:5f:80:79:ca:8a:d8:c7:cb:55:5b:04:37:
61:fe:80:9f:29:a4:3b:7c:79:64:f8:c7:48:14:dd:
6f:af:1d:b5:97:17:61:ff:88:a6:fc:46:2b:3a:c0:
f4:ea:cf:79:f6:84:e2:50:5f:8a:7b:be:af:1d:13:
fc:e6:61:bc:26:be:70:a6:3f:37:36:48:8f:8e:0e:
64:1f:fc:7d:81:d5:d9:78:0d:c8:3f:36:e9:7c:f4:
c1:34:a3:1f:9a:57:2a:4e:b9:24:1a:2a:fc:93:81:
3d:5a:d8:6d:2b:4f:dd:46:43:02:d4:c8:e3:0d:e4:
36:f5:44:bb:cb:06:f9:95:22:68:4f:35:19:48:d3:
48:d3:19:fa:1d:c9:61:21:6d:93:d6:db:2d:80:72:
b0:27:e1:c9:cc:62:af:6c:7e:50:4a:ab:5b:58:32:
ab:8f:6b:15:82:0c:44:21:4b:73:76:41:94:1f:9a:
8d:30:04:7c:2c:11:a6:05:2b:82:f7:49:34:4b:68:
e1:a4:0a:ff:42:5a:c1:d8:91:22:92:7c:59:e2:0b:
d5:c8:7d:41:e5:64:b7:85:e5:5f:dc:6d:92:71:06:
39:6d:10:d1:75:e2:ae:60:cb:36:d7:ad:ee:8c:1c:
21:32:7f:35:c7:c1:71:48:d5:7e:ab:3c:75:7f:fb:
49:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:4C:AF:E0:F1:2E:E7:56:FE:FE:42:29:4A:7E:D2:93:5C:86:A1:B2
X509v3 Authority Key Identifier:
keyid:03:1C:9C:26:E5:BA:B1:B0:1A:F1:8A:0B:B1:B9:70:AB:57:73:45:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/AxycJuW6sbAa8YoLsblwq1dzRWs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AxycJuW6sbAa8YoLsblwq1dzRWs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D8D9/5483BFB6C8FB11EBBA5BAE51C4F9AE02/4F045DB8D91911EDBA0DC768C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.16.0/22
Signature Algorithm: sha256WithRSAEncryption
97:3d:f5:f6:e3:eb:fb:53:6d:99:e8:3b:f9:1a:f7:dc:4c:f6:
6c:1a:c0:28:76:a1:87:82:90:9b:31:e4:f2:a1:b9:30:dd:89:
ed:0d:89:6a:12:14:ec:d6:8d:0d:7c:18:a5:3b:4d:bf:15:3f:
a4:2e:7e:cc:ee:cb:00:12:92:30:ac:c2:6d:f1:59:74:0c:e1:
64:bb:ca:34:b4:a7:0d:f6:a3:25:22:ea:1c:d2:9e:23:db:bd:
6c:f0:cf:25:1b:ec:3d:12:10:94:a7:ef:16:bb:09:70:f9:73:
c6:69:5a:fd:c0:b2:81:5b:ab:d1:5f:5e:28:26:47:b2:66:ae:
09:b6:29:da:d2:25:e8:dc:e7:71:f8:58:10:ac:5e:cb:21:ae:
57:99:e6:16:9b:bb:8c:eb:f4:0c:e3:22:6d:f7:61:b0:99:71:
3b:23:f6:40:fc:51:6f:c0:d3:74:c4:d3:4c:05:b4:af:a0:a3:
83:aa:f3:e2:75:6a:90:31:a6:78:09:aa:6c:c4:68:c7:6e:9e:
bd:c6:0f:59:41:7d:37:7b:0b:e1:80:2c:6f:7c:fa:24:e4:b3:
6d:60:e9:6b:14:a9:5d:33:04:66:65:d1:e0:59:4f:64:4f:54:
23:df:d0:2e:ae:b4:ee:d5:47:58:d3:9c:8d:96:08:b1:9a:b0:
6b:96:94:56
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ4RDkxMTAvBgNVBAUTKDAzMUM5QzI2RTVCQUIxQjAxQUYxOEEwQkIxQjk3MEFC
NTc3MzQ1NkIwHhcNMjMwNDEyMTAwMzQ0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM2ODIwMC1kMGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2FfgHnKitjHy1VbBDdh/oCfKaQ7fHlk+MdIFN1vrx21lxdh/4im/EYrOsD0
6s959oTiUF+Ke76vHRP85mG8Jr5wpj83NkiPjg5kH/x9gdXZeA3IPzbpfPTBNKMf
mlcqTrkkGir8k4E9WthtK0/dRkMC1MjjDeQ29US7ywb5lSJoTzUZSNNI0xn6Hclh
IW2T1tstgHKwJ+HJzGKvbH5QSqtbWDKrj2sVggxEIUtzdkGUH5qNMAR8LBGmBSuC
90k0S2jhpAr/QlrB2JEiknxZ4gvVyH1B5WS3heVf3G2ScQY5bRDRdeKuYMs2163u
jBwhMn81x8FxSNV+qzx1f/tJ4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLNMr+Dx
LudW/v5CKUp+0pNchqGyMB8GA1UdIwQYMBaAFAMcnCblurGwGvGKC7G5cKtXc0Vr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDhEOS81NDgzQkZCNkM4
RkIxMUVCQkE1QkFFNTFDNEY5QUUwMi9BeHljSnVXNnNiQWE4WW9Mc2Jsd3ExZHpS
V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0F4eWNKdVc2c2JBYThZb0xzYmx3cTFkelJXcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ4RDkvNTQ4M0JGQjZDOEZCMTFFQkJBNUJBRTUxQzRGOUFFMDIvNEYwNDVEQjhE
OTE5MTFFREJBMERDNzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnTxAwDQYJKoZIhvcNAQELBQADggEBAJc99fbj6/tTbZno
O/ka99xM9mwawCh2oYeCkJsx5PKhuTDdie0NiWoSFOzWjQ18GKU7Tb8VP6Qufszu
ywASkjCswm3xWXQM4WS7yjS0pw32oyUi6hzSniPbvWzwzyUb7D0SEJSn7xa7CXD5
c8ZpWv3AsoFbq9FfXigmR7Jmrgm2KdrSJejc53H4WBCsXsshrleZ5habu4zr9Azj
Im33YbCZcTsj9kD8UW/A03TE00wFtK+go4Oq8+J1apAxpngJqmzEaMdunr3GD1lB
fTd7C+GALG98+iTks21g6WsUqV0zBGZl0eBZT2RPVCPf0C6utO7VR1jTnI2WCLGa
sGuWlFY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org