Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/8B1B0A52675F11EEB9810727C4F9AE02.roa
File: 8B1B0A52675F11EEB9810727C4F9AE02.roa (raw, json)
Hash identifier: NkLYeWuM5mrwBU/ccs8zABmW6+7oNAh7RmL1nNQuwZI=
Subject key identifier: 98:40:1A:A6:74:8E:CC:74:D3:D6:9A:45:12:2F:F6:1C:F7:CF:04:61
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 0428
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/8B1B0A52675F11EEB9810727C4F9AE02.roa
Signing time: Tue 10 Oct 2023 11:24:15 +0000
ROA not before: Tue 10 Oct 2023 11:24:15 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 203963
IP address blocks: 103.31.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1064 (0x428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Validity
Not Before: Oct 10 11:24:15 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6525345f-3af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d5:c0:16:a4:8e:89:82:10:cf:06:b1:70:be:
ac:3e:3c:35:8d:57:7d:ae:cf:52:45:ac:d4:5d:aa:
bb:f9:7f:85:3e:1a:e7:8d:e3:f1:6d:c9:2d:b0:b3:
82:7a:c0:2b:a7:4f:80:a3:14:e8:fe:5d:cd:3e:0d:
79:32:4c:f5:6b:94:69:61:7b:c1:73:33:36:ca:38:
8a:b3:3f:c6:a6:82:e2:0b:72:93:b1:ab:75:2c:60:
a5:04:0b:e2:96:1b:84:79:3a:76:d3:e6:dd:d3:d6:
99:fb:b1:a3:57:74:5c:cb:fc:9f:dd:28:3a:7d:1d:
80:0a:6e:d5:de:71:e0:fa:9f:e5:4d:3d:01:e8:8e:
0a:4d:fd:b0:1c:7a:09:47:fa:d1:ce:93:9c:79:16:
d6:90:bc:f3:64:2a:c2:64:8c:a0:84:69:04:03:fa:
e8:a9:28:d6:be:85:a1:36:6d:c0:a3:b3:ab:18:d0:
89:eb:28:04:cf:53:16:bb:6a:e9:11:94:c5:2f:ce:
e5:69:9e:38:dc:67:a4:0a:2d:6c:f8:cc:5a:38:23:
ac:3c:0e:f3:90:d1:6e:97:2b:02:76:52:1e:a0:b9:
79:3e:0d:df:2b:d1:70:72:83:72:73:67:99:68:63:
d9:7c:c8:f5:15:e0:fa:b6:0f:aa:be:33:25:0f:63:
72:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:40:1A:A6:74:8E:CC:74:D3:D6:9A:45:12:2F:F6:1C:F7:CF:04:61
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/8B1B0A52675F11EEB9810727C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.209.0/24
Signature Algorithm: sha256WithRSAEncryption
20:1d:f5:ed:d0:69:d9:5a:23:18:56:24:2c:71:b0:0d:ef:8c:
bf:b8:fb:ff:eb:04:55:ec:99:86:02:56:c7:af:38:b6:06:9e:
cb:bf:a7:3d:3d:3d:0f:59:2c:fe:66:77:2f:26:5d:e8:5b:7b:
d8:e6:6a:70:5c:04:91:cd:71:ae:d9:b2:31:0c:62:8f:93:2a:
2f:c6:98:bb:08:37:e1:e7:8a:53:62:f5:83:81:35:3d:db:9a:
73:37:39:52:d1:19:03:b2:68:db:f3:20:8e:ab:8e:5a:0f:db:
61:7f:40:b6:b3:e3:f5:bf:06:71:4b:a7:14:8b:95:93:01:82:
80:64:55:c8:6f:bb:eb:dd:b1:8d:b0:21:ad:7a:fd:8f:a2:cf:
7e:b4:21:f7:b6:1c:11:d5:c5:7f:29:21:bb:37:8a:cb:49:4f:
d4:d7:6a:65:0b:09:05:0f:80:85:7d:a9:04:b7:b1:4d:88:e1:
b1:7d:c0:a3:fa:9e:e9:f2:3b:a2:1f:72:5e:fa:37:97:cf:b0:
fd:91:89:11:32:32:c2:85:b1:71:80:03:74:9c:06:f9:92:79:
f0:67:3c:07:12:c9:2d:8b:b7:22:88:bf:04:b5:56:b1:d4:77:
71:77:6d:a4:59:78:1e:00:31:8f:bc:ef:8f:e2:73:a2:01:d4:
2d:6f:b1:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjMxMDEwMTEyNDE1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI1MzQ1Zi0zYWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3dXAFqSOiYIQzwaxcL6sPjw1jVd9rs9SRazUXaq7+X+FPhrnjePxbcktsLOC
esArp0+AoxTo/l3NPg15Mkz1a5RpYXvBczM2yjiKsz/GpoLiC3KTsat1LGClBAvi
lhuEeTp20+bd09aZ+7GjV3Rcy/yf3Sg6fR2ACm7V3nHg+p/lTT0B6I4KTf2wHHoJ
R/rRzpOceRbWkLzzZCrCZIyghGkEA/roqSjWvoWhNm3Ao7OrGNCJ6ygEz1MWu2rp
EZTFL87laZ443GekCi1s+MxaOCOsPA7zkNFulysCdlIeoLl5Pg3fK9FwcoNyc2eZ
aGPZfMj1FeD6tg+qvjMlD2NyxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJhAGqZ0
jsx009aaRRIv9hz3zwRhMB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvOEIxQjBBNTI2
NzVGMTFFRUI5ODEwNzI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnH9EwDQYJKoZIhvcNAQELBQADggEBACAd9e3QadlaIxhW
JCxxsA3vjL+4+//rBFXsmYYCVsevOLYGnsu/pz09PQ9ZLP5mdy8mXehbe9jmanBc
BJHNca7ZsjEMYo+TKi/GmLsIN+HnilNi9YOBNT3bmnM3OVLRGQOyaNvzII6rjloP
22F/QLaz4/W/BnFLpxSLlZMBgoBkVchvu+vdsY2wIa16/Y+iz360Ife2HBHVxX8p
Ibs3istJT9TXamULCQUPgIV9qQS3sU2I4bF9wKP6nunyO6Ifcl76N5fPsP2RiREy
MsKFsXGAA3ScBvmSefBnPAcSyS2LtyKIvwS1VrHUd3F3baRZeB4AMY+874/ic6IB
1C1vsZI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org