Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/4D8B0354F43911EB996EF71CC4F9AE02.roa
File: 4D8B0354F43911EB996EF71CC4F9AE02.roa (raw, json)
Hash identifier: zjBkVQ6kFhLxcb4iUMav0wvakIfHNi9BncbJx8tZDVM=
Subject key identifier: 88:C0:4D:FC:B9:1E:33:AE:A9:23:EB:2A:92:33:1D:EF:71:3E:41:71
Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
Certificate serial: 034B
Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/4D8B0354F43911EB996EF71CC4F9AE02.roa
Signing time: Sat 01 Oct 2022 03:02:22 +0000
ROA not before: Sat 01 Oct 2022 03:02:22 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 142605
IP address blocks: 103.170.204.0/23 maxlen: 23
103.170.204.0/24 maxlen: 24
103.170.205.0/24 maxlen: 24
2001:df7:2780::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 843 (0x34b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
Validity
Not Before: Oct 1 03:02:22 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6337adbd-9936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fc:4b:fc:3b:22:a9:e4:ff:13:4f:51:94:f7:
3e:11:49:d3:39:c3:8d:d2:f2:28:ae:f2:27:1e:9d:
d6:60:30:bf:29:1f:fe:25:9c:1c:51:3c:f5:3e:54:
19:0a:59:a1:4b:08:23:d9:29:46:e9:7b:0e:d9:5d:
74:7e:8c:7a:b7:96:35:19:66:ef:6d:a0:31:75:39:
d4:c6:1c:1d:36:44:76:8b:3d:aa:72:dc:65:15:2a:
1b:42:f1:57:73:c2:cd:a1:fc:87:27:95:8a:5c:2a:
d6:d5:79:59:5d:6b:21:c1:0c:14:86:c5:ab:ed:57:
eb:e1:75:05:df:53:38:10:bd:21:04:e6:77:42:fb:
01:eb:cd:99:2b:f1:51:8d:d1:73:53:ee:7f:ba:54:
33:99:2c:5d:ab:7f:25:51:fb:ca:39:c8:a2:dc:01:
62:b7:fa:01:c1:29:c4:49:3b:78:af:fb:7c:a2:e7:
a7:11:3c:83:de:af:d0:f5:b3:f3:8a:f3:11:f2:97:
12:99:da:a9:f1:0c:13:14:54:3a:c6:65:c3:cd:ca:
81:8a:6f:03:60:c8:a7:5b:6d:0a:1c:fe:01:31:07:
ba:b0:a0:3c:1e:e2:1e:c7:06:5d:46:ff:7a:ab:e1:
9e:65:f8:d2:4c:27:68:d0:f9:7b:68:71:74:4d:1b:
6e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C0:4D:FC:B9:1E:33:AE:A9:23:EB:2A:92:33:1D:EF:71:3E:41:71
X509v3 Authority Key Identifier:
keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/4D8B0354F43911EB996EF71CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.204.0/23
IPv6:
2001:df7:2780::/48
Signature Algorithm: sha256WithRSAEncryption
6e:c7:47:9a:70:52:76:53:6a:fb:10:e2:32:3f:df:6b:29:a4:
39:f4:d5:91:20:4e:cb:61:65:dd:04:76:6d:81:8b:03:a2:c4:
38:1a:26:d3:65:4e:dd:af:04:74:59:35:47:96:38:52:72:a0:
f7:60:3a:00:93:2d:42:ad:85:38:76:13:3b:12:11:e3:45:f5:
3c:fd:74:88:38:ad:f9:21:8d:d4:7c:2d:81:17:de:02:de:e2:
05:e0:87:25:9b:21:38:af:2d:a2:69:57:1a:73:66:0b:e8:3e:
41:11:1f:82:73:1c:0d:b1:60:3c:70:9e:0a:ba:63:77:37:06:
e6:92:3d:37:b7:81:cb:a0:98:ef:a6:2d:a6:2c:21:c9:94:80:
3e:53:1b:08:92:84:a0:55:ab:03:90:c6:91:75:76:2e:2c:3f:
48:95:5f:a5:d4:1f:55:e8:f5:65:bf:ea:4d:8d:8b:ca:63:fd:
08:35:2f:2c:3f:23:fc:7e:d4:e2:fb:35:eb:17:ac:75:9a:46:
fd:b5:ee:c3:5a:25:98:08:32:f9:58:82:c7:f1:49:60:5b:d0:
ac:b9:d4:7a:43:d5:6c:23:69:c9:e0:e3:51:7c:27:3c:2b:07:
93:5f:e4:04:65:bd:c4:64:7f:24:d4:98:47:66:79:a8:2c:bc:
76:b6:70:7f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG
NkFFQzIxNzIwHhcNMjIxMDAxMDMwMjIyWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM3YWRiZC05OTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoPxL/DsiqeT/E09RlPc+EUnTOcON0vIorvInHp3WYDC/KR/+JZwcUTz1PlQZ
ClmhSwgj2SlG6XsO2V10fox6t5Y1GWbvbaAxdTnUxhwdNkR2iz2qctxlFSobQvFX
c8LNofyHJ5WKXCrW1XlZXWshwQwUhsWr7Vfr4XUF31M4EL0hBOZ3QvsB682ZK/FR
jdFzU+5/ulQzmSxdq38lUfvKOcii3AFit/oBwSnESTt4r/t8ouenETyD3q/Q9bPz
ivMR8pcSmdqp8QwTFFQ6xmXDzcqBim8DYMinW20KHP4BMQe6sKA8HuIexwZdRv96
q+GeZfjSTCdo0Pl7aHF0TRtuVQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIjATfy5
HjOuqSPrKpIzHe9xPkFxMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0
MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY3QTEvOTFFOEUyODRGNDM3MTFFQkI1RDU2OTFDQzRGOUFFMDIvNEQ4QjAzNTRG
NDM5MTFFQjk5NkVGNzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnqswwDwQCAAIwCQMHACABDfcngDANBgkqhkiG9w0BAQsF
AAOCAQEAbsdHmnBSdlNq+xDiMj/faymkOfTVkSBOy2Fl3QR2bYGLA6LEOBom02VO
3a8EdFk1R5Y4UnKg92A6AJMtQq2FOHYTOxIR40X1PP10iDit+SGN1HwtgRfeAt7i
BeCHJZshOK8tomlXGnNmC+g+QREfgnMcDbFgPHCeCrpjdzcG5pI9N7eBy6CY76Yt
piwhyZSAPlMbCJKEoFWrA5DGkXV2Liw/SJVfpdQfVej1Zb/qTY2LymP9CDUvLD8j
/H7U4vs16xesdZpG/bXuw1olmAgy+ViCx/FJYFvQrLnUekPVbCNpyeDjUXwnPCsH
k1/kBGW9xGR/JNSYR2Z5qCy8drZwfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org