Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/A334AC4895EC11EBA27A4787C4F9AE02.roa
File: A334AC4895EC11EBA27A4787C4F9AE02.roa (raw, json)
Hash identifier: +XcwxDw6ahxXpkGdYBaWrkvzjxqYxKtSeLaQOYscKNQ=
Subject key identifier: 04:2C:B4:E9:3D:2D:E0:D8:BB:31:6F:5E:6C:50:31:DB:5C:A3:28:2F
Certificate issuer: /CN=A917CBD7/serialNumber=E9923BAC0F5C58CABEB93286CA20266F1F6EFB14
Certificate serial: 08B6
Authority key identifier: E9:92:3B:AC:0F:5C:58:CA:BE:B9:32:86:CA:20:26:6F:1F:6E:FB:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/A334AC4895EC11EBA27A4787C4F9AE02.roa
Signing time: Tue 10 Jan 2023 21:57:50 +0000
ROA not before: Tue 10 Jan 2023 21:57:50 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 139282
IP address blocks: 103.127.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2230 (0x8b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CBD7/serialNumber=E9923BAC0F5C58CABEB93286CA20266F1F6EFB14
Validity
Not Before: Jan 10 21:57:50 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63bddf5e-426f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2e:48:9b:96:34:2e:8a:14:40:16:0d:b7:c5:
4e:d5:37:12:f2:e1:2b:25:ee:e9:4d:2a:d1:7e:a1:
ea:e5:a2:bc:6c:c5:09:7d:79:60:2a:55:00:b8:fb:
f6:9b:be:18:de:1a:47:2b:ec:55:00:97:a8:c1:54:
ee:26:dd:d5:62:16:63:0d:d7:9f:85:f9:a4:9c:5f:
e6:7a:2e:f2:55:a6:7c:b7:3d:f4:93:19:16:b0:ac:
3f:6a:af:74:33:79:82:29:0f:e4:10:33:4c:0f:96:
54:40:ab:57:98:b9:5b:dd:6e:33:78:15:4e:75:46:
6e:d9:9c:41:71:8a:8b:03:50:2d:a5:20:db:dd:67:
e0:b0:67:89:bc:ab:77:08:cf:94:33:6e:23:ff:4b:
f6:8f:39:d1:bd:1b:cd:8f:84:c1:cd:d9:f1:b7:bb:
e9:a2:f3:27:e5:b6:d5:6b:9a:e6:e0:2b:74:41:6f:
3b:ac:77:8b:dd:0e:6c:45:a9:96:82:19:f8:ce:44:
2a:88:34:5f:28:8f:8d:f9:73:43:26:c0:ea:0c:68:
2c:5a:2f:54:8e:63:0d:05:86:d8:79:02:a3:81:61:
56:cc:73:53:91:c6:c4:56:9c:cd:93:b8:00:8a:83:
c2:2c:fb:d0:f8:d2:fb:6b:ad:a8:12:e3:e9:f7:88:
5f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2C:B4:E9:3D:2D:E0:D8:BB:31:6F:5E:6C:50:31:DB:5C:A3:28:2F
X509v3 Authority Key Identifier:
keyid:E9:92:3B:AC:0F:5C:58:CA:BE:B9:32:86:CA:20:26:6F:1F:6E:FB:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6ZI7rA9cWMq-uTKGyiAmbx9u-xQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CBD7/1923BF68642811EAA7041D48C4F9AE02/A334AC4895EC11EBA27A4787C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b4:74:32:9a:d7:70:a2:b5:cb:f7:e3:35:98:3a:ac:b0:47:
5f:0e:89:c7:9c:ff:a4:4b:f6:74:57:87:00:69:f7:da:be:67:
17:aa:7b:26:29:dc:a1:2f:0e:e1:a9:79:b6:35:b0:60:57:ba:
0a:7c:ad:56:e5:44:16:83:27:48:7c:f9:8f:7f:b3:de:62:3f:
76:b7:b5:36:52:82:52:ba:e5:43:8c:a1:4a:b0:62:c0:b7:1e:
23:3f:f4:f4:77:02:7c:68:65:d8:42:e9:d6:e0:f9:c9:61:fc:
8a:99:ca:8d:e3:c4:e1:d0:53:28:a3:46:3a:5d:61:99:b9:0d:
2a:c8:f3:d6:0c:fe:af:25:ea:77:71:72:66:0f:11:ff:65:b3:
99:29:31:d3:69:d8:6b:aa:44:8e:dc:f9:68:68:ee:21:cd:c6:
69:f4:84:43:79:5f:da:12:63:25:23:5b:19:13:86:db:b2:99:
fc:04:79:18:1c:57:a6:8e:57:e0:55:e3:54:8f:a3:82:b8:33:
39:a0:10:11:5d:d1:da:fc:c1:08:4f:61:31:d4:e5:cb:d3:8d:
9e:76:c5:a1:cc:dc:21:9f:1c:2d:a9:ca:73:31:f6:e7:9c:f5:
54:09:23:b9:b7:f2:dd:32:45:c1:22:10:7e:d0:4b:87:18:35:
d1:74:5b:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCLYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NCRDcxMTAvBgNVBAUTKEU5OTIzQkFDMEY1QzU4Q0FCRUI5MzI4NkNBMjAyNjZG
MUY2RUZCMTQwHhcNMjMwMTEwMjE1NzUwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JkZGY1ZS00MjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwS5Im5Y0LooUQBYNt8VO1TcS8uErJe7pTSrRfqHq5aK8bMUJfXlgKlUAuPv2
m74Y3hpHK+xVAJeowVTuJt3VYhZjDdefhfmknF/mei7yVaZ8tz30kxkWsKw/aq90
M3mCKQ/kEDNMD5ZUQKtXmLlb3W4zeBVOdUZu2ZxBcYqLA1AtpSDb3WfgsGeJvKt3
CM+UM24j/0v2jznRvRvNj4TBzdnxt7vpovMn5bbVa5rm4Ct0QW87rHeL3Q5sRamW
ghn4zkQqiDRfKI+N+XNDJsDqDGgsWi9UjmMNBYbYeQKjgWFWzHNTkcbEVpzNk7gA
ioPCLPvQ+NL7a62oEuPp94hfjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAQstOk9
LeDYuzFvXmxQMdtcoygvMB8GA1UdIwQYMBaAFOmSO6wPXFjKvrkyhsogJm8fbvsU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0JENy8xOTIzQkY2ODY0
MjgxMUVBQTcwNDFENDhDNEY5QUUwMi82Wkk3ckE5Y1dNcS11VEtHeWlBbWJ4OXUt
eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZaSTdyQTljV01xLXVUS0d5aUFtYng5dS14US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NCRDcvMTkyM0JGNjg2NDI4MTFFQUE3MDQxRDQ4QzRGOUFFMDIvQTMzNEFDNDg5
NUVDMTFFQkEyN0E0Nzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnfwIwDQYJKoZIhvcNAQELBQADggEBAGy0dDKa13Citcv3
4zWYOqywR18Oicec/6RL9nRXhwBp99q+ZxeqeyYp3KEvDuGpebY1sGBXugp8rVbl
RBaDJ0h8+Y9/s95iP3a3tTZSglK65UOMoUqwYsC3HiM/9PR3AnxoZdhC6dbg+clh
/IqZyo3jxOHQUyijRjpdYZm5DSrI89YM/q8l6ndxcmYPEf9ls5kpMdNp2GuqRI7c
+Who7iHNxmn0hEN5X9oSYyUjWxkThtuymfwEeRgcV6aOV+BV41SPo4K4MzmgEBFd
0dr8wQhPYTHU5cvTjZ52xaHM3CGfHC2pynMx9uec9VQJI7m38t0yRcEiEH7QS4cY
NdF0W9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org