Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/8BF9D3E68FE311EB89767C78C4F9AE02.roa
File: 8BF9D3E68FE311EB89767C78C4F9AE02.roa (raw, json)
Hash identifier: JUDf6RGIofyY9SLxM8mVjygHk5ON8v8/SJC/sHEcR1Q=
Subject key identifier: CF:56:A5:1E:18:4F:1B:3E:B3:3D:60:5D:DC:FE:0E:D5:82:2F:58:3B
Certificate issuer: /CN=A917CBD7/serialNumber=E9923BAC0F5C58CABEB93286CA20266F1F6EFB14
Certificate serial: 08B5
Authority key identifier: E9:92:3B:AC:0F:5C:58:CA:BE:B9:32:86:CA:20:26:6F:1F:6E:FB:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/8BF9D3E68FE311EB89767C78C4F9AE02.roa
Signing time: Tue 10 Jan 2023 21:57:49 +0000
ROA not before: Tue 10 Jan 2023 21:57:49 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 138492
IP address blocks: 103.127.0.0/24 maxlen: 24
103.127.1.0/24 maxlen: 24
103.127.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CBD7/serialNumber=E9923BAC0F5C58CABEB93286CA20266F1F6EFB14
Validity
Not Before: Jan 10 21:57:49 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63bddf5d-e131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:19:27:a8:da:f7:5f:1b:bc:26:cd:21:ab:a0:
1a:81:1d:3b:b2:a8:11:c4:aa:e0:32:24:49:9c:cc:
4a:18:56:35:8a:61:a1:46:e7:75:e6:de:92:40:38:
fe:cf:f4:51:c4:e2:74:ff:60:95:64:1d:c7:63:b1:
68:ca:71:d4:5a:e6:f1:7b:e5:41:95:e8:1d:16:67:
01:97:d7:34:de:de:2b:69:62:25:05:a0:29:9f:1d:
cf:15:38:c5:f7:a4:4d:d1:5e:fe:78:cf:07:9f:84:
64:2b:09:a4:70:fd:0c:3f:c3:f1:0a:28:3d:fb:90:
1a:38:5e:ef:21:f2:5c:ab:fd:95:04:f0:38:54:f8:
fa:13:fa:30:08:48:06:2d:ee:db:b0:80:db:45:ae:
6c:32:40:a3:96:20:94:69:4c:f8:bb:84:d7:c6:db:
03:45:e0:20:99:6d:fb:a2:52:42:f4:1a:71:79:a4:
fd:86:b8:40:b3:75:8f:9c:47:e8:16:34:f3:60:5a:
4c:a5:84:e3:c3:34:23:54:6b:0f:d3:36:a7:73:a7:
4a:b9:99:09:ab:c8:5c:76:ed:3e:b3:8c:80:51:4a:
f3:5e:e3:6e:2a:9f:1a:09:36:fc:37:9e:6f:85:96:
79:71:4f:6f:81:16:45:82:d2:28:4d:79:7b:e0:42:
08:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:56:A5:1E:18:4F:1B:3E:B3:3D:60:5D:DC:FE:0E:D5:82:2F:58:3B
X509v3 Authority Key Identifier:
keyid:E9:92:3B:AC:0F:5C:58:CA:BE:B9:32:86:CA:20:26:6F:1F:6E:FB:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/8BF9D3E68FE311EB89767C78C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.0.0-103.127.2.255
Signature Algorithm: sha256WithRSAEncryption
6e:d1:ea:71:c6:8a:74:27:5b:ab:04:79:c1:ee:d0:9e:b5:24:
52:1c:65:ab:b8:45:c1:02:29:21:a5:6e:25:54:de:f7:97:c0:
8a:9b:93:d6:5c:f7:f8:91:b3:34:ed:a1:7f:f4:e2:69:57:aa:
f1:e1:10:8f:8f:4f:16:94:10:90:1e:6f:90:12:4f:48:6d:fe:
c0:31:46:4c:b5:46:74:44:da:10:13:28:e0:d6:59:e9:f6:9c:
98:e6:0f:8f:03:5d:85:58:b7:d3:ce:61:74:6f:c7:00:b4:77:
56:cd:8a:93:ff:ea:c6:eb:a5:97:22:ca:f3:f2:8a:6c:c8:2f:
ba:8d:80:06:50:d6:e5:30:22:03:50:3a:ea:19:ee:52:54:4e:
d1:e5:48:36:44:ba:4a:3c:98:5e:dd:b4:6a:bb:65:de:8f:49:
52:07:d5:12:01:79:5b:9e:90:c2:d6:32:dc:69:39:61:37:56:
33:95:08:b2:a0:bf:08:34:e5:dd:93:cc:02:6a:f9:3e:02:53:
5e:e7:d0:64:8e:f9:ec:a6:a0:6f:17:5d:30:36:89:a6:13:49:
9e:fd:38:4a:57:52:45:7d:b4:ab:23:f7:c0:49:b5:67:b5:50:
3f:43:2d:93:83:c6:03:0d:44:2b:fe:d7:32:00:e3:c3:50:71:
2a:e7:aa:7f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NCRDcxMTAvBgNVBAUTKEU5OTIzQkFDMEY1QzU4Q0FCRUI5MzI4NkNBMjAyNjZG
MUY2RUZCMTQwHhcNMjMwMTEwMjE1NzQ5WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JkZGY1ZC1lMTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuRknqNr3Xxu8Js0hq6AagR07sqgRxKrgMiRJnMxKGFY1imGhRud15t6SQDj+
z/RRxOJ0/2CVZB3HY7FoynHUWubxe+VBlegdFmcBl9c03t4raWIlBaApnx3PFTjF
96RN0V7+eM8Hn4RkKwmkcP0MP8PxCig9+5AaOF7vIfJcq/2VBPA4VPj6E/owCEgG
Le7bsIDbRa5sMkCjliCUaUz4u4TXxtsDReAgmW37olJC9BpxeaT9hrhAs3WPnEfo
FjTzYFpMpYTjwzQjVGsP0zanc6dKuZkJq8hcdu0+s4yAUUrzXuNuKp8aCTb8N55v
hZZ5cU9vgRZFgtIoTXl74EIIvwIDAQABo4ICnDCCApgwHQYDVR0OBBYEFM9WpR4Y
Txs+sz1gXdz+DtWCL1g7MB8GA1UdIwQYMBaAFOmSO6wPXFjKvrkyhsogJm8fbvsU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0JENy8xOTIzQkY2ODY0
MjgxMUVBQTcwNDFENDhDNEY5QUUwMi82Wkk3ckE5Y1dNcS11VEtHeWlBbWJ4OXUt
eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZaSTdyQTljV01xLXVUS0d5aUFtYng5dS14US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NCRDcvMTkyM0JGNjg2NDI4MTFFQUE3MDQxRDQ4QzRGOUFFMDIvOEJGOUQzRTY4
RkUzMTFFQjg5NzY3Qzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMDAGd/AwQAZ38CMA0GCSqGSIb3DQEBCwUAA4IBAQBu0epx
xop0J1urBHnB7tCetSRSHGWruEXBAikhpW4lVN73l8CKm5PWXPf4kbM07aF/9OJp
V6rx4RCPj08WlBCQHm+QEk9Ibf7AMUZMtUZ0RNoQEyjg1lnp9pyY5g+PA12FWLfT
zmF0b8cAtHdWzYqT/+rG66WXIsrz8opsyC+6jYAGUNblMCIDUDrqGe5SVE7R5Ug2
RLpKPJhe3bRqu2Xej0lSB9USAXlbnpDC1jLcaTlhN1YzlQiyoL8INOXdk8wCavk+
AlNe59BkjvnspqBvF10wNommE0me/ThKV1JFfbSrI/fASbVntVA/Qy2Tg8YDDUQr
/tcyAOPDUHEq56p/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org