Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E726/6DBFA38A52D911EA827DD082C4F9AE02/84B2050C5ADB11EE8F91BA76C4F9AE02.roa
File: 84B2050C5ADB11EE8F91BA76C4F9AE02.roa (raw, json)
Hash identifier: /ukiCUmUOh3iI2qDSPn8C1E0mouCzTcNDesYg5/KSW4=
Subject key identifier: 19:F8:52:B9:63:8A:2C:53:1A:3C:9F:52:8E:A3:D8:89:24:F7:25:40
Certificate issuer: /CN=A917E726/serialNumber=D74AC1B8A3335243FCB2F9905BC51DBDCB0E236D
Certificate serial: 098C
Authority key identifier: D7:4A:C1:B8:A3:33:52:43:FC:B2:F9:90:5B:C5:1D:BD:CB:0E:23:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/10rBuKMzUkP8svmQW8UdvcsOI20.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E726/6DBFA38A52D911EA827DD082C4F9AE02/84B2050C5ADB11EE8F91BA76C4F9AE02.roa
Signing time: Sun 24 Sep 2023 13:08:57 +0000
ROA not before: Sun 24 Sep 2023 13:08:57 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 140213
IP address blocks: 103.148.172.0/23 maxlen: 23
103.148.173.0/24 maxlen: 24
2001:df2:df80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2444 (0x98c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E726/serialNumber=D74AC1B8A3335243FCB2F9905BC51DBDCB0E236D
Validity
Not Before: Sep 24 13:08:57 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=651034e8-9040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:b3:ef:da:b3:c1:45:d5:0a:3f:6e:a7:03:
a7:90:26:fc:ba:b2:c5:34:93:8a:fd:66:45:8b:6c:
27:99:f4:d5:17:68:80:07:7b:70:c5:85:07:8b:c6:
79:52:d4:01:64:35:f5:3e:9d:37:de:8b:c9:23:32:
88:ff:83:05:08:34:86:47:1f:de:03:44:6a:b9:99:
f7:bf:f1:e9:99:90:74:d7:fd:f4:ac:9c:f9:72:65:
31:86:18:1a:83:a3:c4:f8:2d:f8:67:1b:02:84:25:
d4:7e:75:19:d7:32:df:c0:e4:0c:6a:9d:dc:1b:40:
62:59:eb:f7:9e:19:b2:69:84:05:9f:55:3b:99:49:
35:40:f0:8f:16:13:68:84:14:7f:eb:0e:18:43:a9:
37:72:01:d6:46:41:8d:0c:48:0a:9f:27:d4:d7:0f:
bf:0e:2e:2d:75:0b:48:af:70:ba:63:72:b6:0f:6f:
3b:a1:ea:5e:c1:9a:9f:e2:2c:f2:a7:d3:00:79:36:
2a:8c:05:fc:01:f7:37:11:c9:62:5a:6b:51:07:f6:
50:43:4c:99:ac:d7:db:3f:82:89:e8:1d:0e:af:14:
a0:52:33:e4:6c:6e:36:45:c1:a7:da:7c:ef:62:3c:
cb:4d:1a:27:3f:22:41:f3:56:a5:59:01:64:59:91:
f5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F8:52:B9:63:8A:2C:53:1A:3C:9F:52:8E:A3:D8:89:24:F7:25:40
X509v3 Authority Key Identifier:
keyid:D7:4A:C1:B8:A3:33:52:43:FC:B2:F9:90:5B:C5:1D:BD:CB:0E:23:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E726/6DBFA38A52D911EA827DD082C4F9AE02/10rBuKMzUkP8svmQW8UdvcsOI20.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/10rBuKMzUkP8svmQW8UdvcsOI20.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E726/6DBFA38A52D911EA827DD082C4F9AE02/84B2050C5ADB11EE8F91BA76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.172.0/23
IPv6:
2001:df2:df80::/48
Signature Algorithm: sha256WithRSAEncryption
7d:08:5a:ac:48:ea:4f:96:82:92:49:8e:85:7a:83:d7:30:a8:
2f:af:2c:a3:83:04:1f:a2:49:86:d0:09:6d:b5:06:b7:ce:0e:
80:5f:a0:83:08:ed:c8:4c:b8:ae:96:f3:cd:63:f3:8d:00:3e:
43:46:e0:52:17:f9:0b:dc:de:ae:d3:bc:4f:42:17:2f:be:a8:
41:0e:d0:01:8a:e2:15:24:f9:2b:f9:21:ab:8a:18:88:1b:f9:
dd:3f:40:1a:1c:59:3d:c1:74:a1:f1:05:4f:2a:c5:55:8d:8b:
4a:e1:39:a8:5e:fb:47:1a:46:01:e9:b6:82:8d:26:cf:e6:10:
8b:3c:09:f4:98:ed:88:c0:6d:61:a1:3f:a9:be:08:bd:1a:e2:
4a:da:0a:d7:24:aa:a3:25:da:54:87:97:11:6c:e2:e2:48:31:
aa:5c:99:f4:26:34:0c:14:97:83:68:e9:73:58:9b:f3:a6:2a:
19:a5:33:a5:71:e8:8a:01:59:3f:fc:ab:04:0b:62:fb:9d:c1:
9e:03:f9:84:00:be:be:9d:f1:2d:e3:69:bb:78:81:30:bf:d1:
a1:3f:10:7b:a4:4d:04:5e:4a:73:72:c8:81:10:d4:5c:85:69:
58:0e:25:1d:90:4a:ec:c2:8c:63:56:e8:b8:47:65:50:ef:d0:
7e:84:14:13
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U3MjYxMTAvBgNVBAUTKEQ3NEFDMUI4QTMzMzUyNDNGQ0IyRjk5MDVCQzUxREJE
Q0IwRTIzNkQwHhcNMjMwOTI0MTMwODU3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEwMzRlOC05MDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr62z79qzwUXVCj9upwOnkCb8urLFNJOK/WZFi2wnmfTVF2iAB3twxYUHi8Z5
UtQBZDX1Pp033ovJIzKI/4MFCDSGRx/eA0RquZn3v/HpmZB01/30rJz5cmUxhhga
g6PE+C34ZxsChCXUfnUZ1zLfwOQMap3cG0BiWev3nhmyaYQFn1U7mUk1QPCPFhNo
hBR/6w4YQ6k3cgHWRkGNDEgKnyfU1w+/Di4tdQtIr3C6Y3K2D287oepewZqf4izy
p9MAeTYqjAX8Afc3EcliWmtRB/ZQQ0yZrNfbP4KJ6B0OrxSgUjPkbG42RcGn2nzv
YjzLTRonPyJB81alWQFkWZH1aQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBn4Urlj
iixTGjyfUo6j2Ikk9yVAMB8GA1UdIwQYMBaAFNdKwbijM1JD/LL5kFvFHb3LDiNt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTcyNi82REJGQTM4QTUy
RDkxMUVBODI3REQwODJDNEY5QUUwMi8xMHJCdUtNelVrUDhzdm1RVzhVZHZjc09J
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzEwckJ1S016VWtQOHN2bVFXOFVkdmNzT0kyMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U3MjYvNkRCRkEzOEE1MkQ5MTFFQTgyN0REMDgyQzRGOUFFMDIvODRCMjA1MEM1
QURCMTFFRThGOTFCQTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlKwwDwQCAAIwCQMHACABDfLfgDANBgkqhkiG9w0BAQsF
AAOCAQEAfQharEjqT5aCkkmOhXqD1zCoL68so4MEH6JJhtAJbbUGt84OgF+ggwjt
yEy4rpbzzWPzjQA+Q0bgUhf5C9zertO8T0IXL76oQQ7QAYriFST5K/khq4oYiBv5
3T9AGhxZPcF0ofEFTyrFVY2LSuE5qF77RxpGAem2go0mz+YQizwJ9JjtiMBtYaE/
qb4IvRriStoK1ySqoyXaVIeXEWzi4kgxqlyZ9CY0DBSXg2jpc1ib86YqGaUzpXHo
igFZP/yrBAti+53BngP5hAC+vp3xLeNpu3iBML/RoT8Qe6RNBF5Kc3LIgRDUXIVp
WA4lHZBK7MKMY1bouEdlUO/QfoQUEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org