Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/BD2A5F2CC7EA11EC9190F382C4F9AE02.roa
File: BD2A5F2CC7EA11EC9190F382C4F9AE02.roa (raw, json)
Hash identifier: ss3oikggDzPj3e+Cz0Hgx9clVgXESFLgT5Je2DIQh94=
Subject key identifier: 64:54:9C:57:EB:C6:21:38:CF:3A:39:88:D5:C5:6C:03:49:8B:87:A5
Certificate issuer: /CN=A917CEE3/serialNumber=30E0803DEBA600AC9A92644C96F78A8E885D7C50
Certificate serial: 033B
Authority key identifier: 30:E0:80:3D:EB:A6:00:AC:9A:92:64:4C:96:F7:8A:8E:88:5D:7C:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOCAPeumAKyakmRMlveKjohdfFA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/BD2A5F2CC7EA11EC9190F382C4F9AE02.roa
Signing time: Sun 02 Oct 2022 03:22:26 +0000
ROA not before: Sun 02 Oct 2022 03:22:26 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 135567
IP address blocks: 103.123.112.0/24 maxlen: 24
103.123.113.0/24 maxlen: 24
103.123.114.0/24 maxlen: 24
103.123.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 827 (0x33b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917CEE3/serialNumber=30E0803DEBA600AC9A92644C96F78A8E885D7C50
Validity
Not Before: Oct 2 03:22:26 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=633903f2-572e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c0:19:8e:cf:f5:38:c1:54:10:8c:3d:fe:81:
70:9a:5e:04:88:90:69:ba:40:7e:56:c5:d7:fa:af:
19:e2:5b:e1:0b:7d:3d:7b:38:6c:46:b1:fd:ee:f4:
fa:d4:d4:41:39:be:e9:7e:81:4f:5c:67:56:1e:0e:
24:35:29:93:65:7d:1c:4e:05:1a:5e:47:e5:e5:30:
95:e6:31:19:9d:9f:2f:30:dd:16:fa:50:18:63:24:
14:f9:1d:df:58:a1:00:0e:f3:0c:4d:56:90:00:f9:
71:5b:4d:4c:e3:4c:ab:f6:d4:21:96:b8:73:a2:f6:
60:9d:4c:44:e1:e9:c9:35:e4:bd:d4:ee:c7:6c:82:
59:c6:21:2b:e8:9e:d1:0a:01:36:19:e4:f5:88:58:
09:f8:fc:88:a4:c9:88:f9:e2:7d:8f:55:57:5f:88:
36:0d:0e:b3:c6:91:ba:fc:eb:c3:28:20:cb:2a:27:
31:41:25:d8:a0:e3:15:a3:2d:f1:2e:76:ad:63:e7:
41:6c:f3:ae:b0:12:d7:c9:82:e5:8f:19:10:97:f4:
f1:e6:c6:15:13:96:57:7a:b9:98:0d:75:82:1d:1b:
f9:ed:e7:fd:dc:1c:fd:76:06:05:76:e0:86:c6:0b:
36:37:0c:0f:56:7f:4a:ba:9e:79:52:ca:ca:d9:98:
64:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:54:9C:57:EB:C6:21:38:CF:3A:39:88:D5:C5:6C:03:49:8B:87:A5
X509v3 Authority Key Identifier:
keyid:30:E0:80:3D:EB:A6:00:AC:9A:92:64:4C:96:F7:8A:8E:88:5D:7C:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/MOCAPeumAKyakmRMlveKjohdfFA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOCAPeumAKyakmRMlveKjohdfFA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CEE3/9A77AA2A059411EC9F646854C4F9AE02/BD2A5F2CC7EA11EC9190F382C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:78:a3:72:c6:49:29:5c:13:fa:99:40:b8:83:29:4b:0d:c1:
ef:15:44:37:a0:d3:38:27:7c:77:0f:b6:7a:31:35:86:da:df:
f3:2a:1c:1e:50:10:26:e7:a4:c1:e8:82:13:53:ec:87:1d:c8:
2d:35:97:da:f7:e3:c6:88:0f:42:7c:5c:86:73:77:2a:2d:47:
fb:46:99:ab:f8:22:5a:19:b9:b2:d6:97:2c:f0:e7:53:5e:01:
f4:be:89:32:50:da:6c:13:19:0d:a5:2d:4a:31:02:47:34:d2:
37:11:82:83:89:4d:0a:cf:f9:cb:c8:95:2c:de:4a:8e:93:5b:
98:3b:cd:f6:ec:08:a9:96:b4:8b:aa:29:7a:b9:3c:95:df:6d:
de:7d:a4:7f:04:84:df:d0:80:d4:14:3a:1b:bb:4e:a2:69:e2:
1d:33:71:a5:0e:ed:ae:d3:79:31:92:99:31:d4:e8:11:34:e4:
9b:5d:0c:4a:c4:90:3a:83:85:fa:bb:eb:b6:ca:93:d5:1d:7d:
56:49:74:c6:92:62:f8:9b:79:3d:f1:ee:c9:97:90:7f:7a:ea:
28:0f:a2:fe:5c:92:d6:71:a7:1f:c0:ac:6b:0d:95:c4:15:dd:
9a:66:15:1f:69:77:69:24:cb:60:f5:ef:fd:de:3d:07:3a:a2:
ec:44:05:a8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFRTMxMTAvBgNVBAUTKDMwRTA4MDNERUJBNjAwQUM5QTkyNjQ0Qzk2Rjc4QThF
ODg1RDdDNTAwHhcNMjIxMDAyMDMyMjI2WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM5MDNmMi01NzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8AZjs/1OMFUEIw9/oFwml4EiJBpukB+VsXX+q8Z4lvhC309ezhsRrH97vT6
1NRBOb7pfoFPXGdWHg4kNSmTZX0cTgUaXkfl5TCV5jEZnZ8vMN0W+lAYYyQU+R3f
WKEADvMMTVaQAPlxW01M40yr9tQhlrhzovZgnUxE4enJNeS91O7HbIJZxiEr6J7R
CgE2GeT1iFgJ+PyIpMmI+eJ9j1VXX4g2DQ6zxpG6/OvDKCDLKicxQSXYoOMVoy3x
LnatY+dBbPOusBLXyYLljxkQl/Tx5sYVE5ZXermYDXWCHRv57ef93Bz9dgYFduCG
xgs2NwwPVn9Kup55UsrK2ZhkOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGRUnFfr
xiE4zzo5iNXFbANJi4elMB8GA1UdIwQYMBaAFDDggD3rpgCsmpJkTJb3io6IXXxQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0VFMy85QTc3QUEyQTA1
OTQxMUVDOUY2NDY4NTRDNEY5QUUwMi9NT0NBUGV1bUFLeWFrbVJNbHZlS2pvaGRm
RkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PQ0FQZXVtQUt5YWttUk1sdmVLam9oZGZGQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFRTMvOUE3N0FBMkEwNTk0MTFFQzlGNjQ2ODU0QzRGOUFFMDIvQkQyQTVGMkND
N0VBMTFFQzkxOTBGMzgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJne3AwDQYJKoZIhvcNAQELBQADggEBALp4o3LGSSlcE/qZ
QLiDKUsNwe8VRDeg0zgnfHcPtnoxNYba3/MqHB5QECbnpMHoghNT7IcdyC01l9r3
48aID0J8XIZzdyotR/tGmav4IloZubLWlyzw51NeAfS+iTJQ2mwTGQ2lLUoxAkc0
0jcRgoOJTQrP+cvIlSzeSo6TW5g7zfbsCKmWtIuqKXq5PJXfbd59pH8EhN/QgNQU
Ohu7TqJp4h0zcaUO7a7TeTGSmTHU6BE05JtdDErEkDqDhfq767bKk9UdfVZJdMaS
YvibeT3x7smXkH966igPov5cktZxpx/ArGsNlcQV3ZpmFR9pd2kky2D17/3ePQc6
ouxEBag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org