Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919CF42/7A6ABFCC4CC611E8BEF03D75C4F9AE02/AD3E8BBC721A11EDB6DD0875C4F9AE02.roa
File: AD3E8BBC721A11EDB6DD0875C4F9AE02.roa (raw, json)
Hash identifier: 7SHIZ3qfR2W7Zt4tQA5QsqCkEtl9UydFubgefrNf+AM=
Subject key identifier: 08:60:EA:F5:FE:E6:49:28:F5:EF:95:97:C3:BA:E9:11:0B:CD:C8:47
Certificate issuer: /CN=A919CF42/serialNumber=3F556BC0251033BCE572FC6C8AB760ACC4970593
Certificate serial: 1352
Authority key identifier: 3F:55:6B:C0:25:10:33:BC:E5:72:FC:6C:8A:B7:60:AC:C4:97:05:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P1VrwCUQM7zlcvxsirdgrMSXBZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919CF42/7A6ABFCC4CC611E8BEF03D75C4F9AE02/AD3E8BBC721A11EDB6DD0875C4F9AE02.roa
Signing time: Mon 16 Jan 2023 13:44:17 +0000
ROA not before: Mon 16 Jan 2023 13:44:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140867
IP address blocks: 103.100.141.0/24 maxlen: 24
103.113.45.0/24 maxlen: 24
103.113.46.0/23 maxlen: 24
2402:b740:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4946 (0x1352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919CF42/serialNumber=3F556BC0251033BCE572FC6C8AB760ACC4970593
Validity
Not Before: Jan 16 13:44:17 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c554b1-fb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:1b:99:d7:3c:29:65:a6:ed:d2:f5:b8:af:8d:
40:50:7e:c0:33:f8:0f:16:c0:00:68:31:8b:f1:80:
9a:a7:81:40:be:81:90:d6:b8:99:08:27:77:d7:36:
f3:f0:f0:db:75:25:a5:b3:ff:c0:d0:0a:90:45:5d:
fe:b8:7e:8f:55:7c:ca:2a:b7:33:fe:e8:8d:ce:35:
cd:68:ea:83:2e:c3:45:a2:5c:d4:2c:fd:3e:5e:be:
6e:b3:35:04:e3:03:f3:f1:0b:56:e5:95:a2:0f:e0:
3d:42:54:85:f6:0a:2b:55:22:65:75:52:5f:4a:f8:
33:37:67:58:76:2a:7f:de:87:e7:84:2b:8d:23:c2:
e5:7b:52:e3:d4:3c:b1:dc:b2:e5:38:19:14:7f:01:
6d:c0:6b:a3:8d:b8:05:6b:3b:84:3e:03:ba:66:e1:
c1:ca:4b:3e:51:77:77:98:7b:21:fc:7b:3f:24:45:
2e:34:99:e0:83:0e:4a:40:68:69:40:09:2f:b7:24:
1b:c2:e6:ff:50:30:e2:3a:a1:7f:d4:4c:d2:09:52:
b3:e8:1f:90:e9:e6:a7:c6:fc:eb:a7:49:eb:00:f1:
99:37:b6:e8:76:b5:33:17:68:70:58:38:e7:9f:4c:
c7:c9:d6:bc:ec:03:8a:17:49:1d:4f:e9:ca:11:e1:
16:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:60:EA:F5:FE:E6:49:28:F5:EF:95:97:C3:BA:E9:11:0B:CD:C8:47
X509v3 Authority Key Identifier:
keyid:3F:55:6B:C0:25:10:33:BC:E5:72:FC:6C:8A:B7:60:AC:C4:97:05:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919CF42/7A6ABFCC4CC611E8BEF03D75C4F9AE02/P1VrwCUQM7zlcvxsirdgrMSXBZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P1VrwCUQM7zlcvxsirdgrMSXBZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919CF42/7A6ABFCC4CC611E8BEF03D75C4F9AE02/AD3E8BBC721A11EDB6DD0875C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.141.0/24
103.113.45.0-103.113.47.255
IPv6:
2402:b740:8000::/33
Signature Algorithm: sha256WithRSAEncryption
70:ef:06:be:4a:3d:99:56:30:83:76:98:07:af:5f:b0:61:6d:
3a:86:f2:0f:95:9c:27:c4:5a:f0:f4:39:fd:39:fb:9f:0e:01:
32:89:14:a4:23:23:b8:00:0e:01:b4:36:e3:e6:47:04:50:a0:
9c:15:b2:8a:8d:05:f9:06:0e:25:99:4e:5e:2e:3e:22:85:4d:
e9:6d:3c:11:4a:59:68:2e:96:03:65:58:53:ba:12:1f:37:72:
0c:9e:40:10:20:c5:fe:fb:86:a7:63:cd:53:81:da:2e:39:2a:
65:d1:f5:7f:8c:8c:95:24:c4:e8:50:7e:ee:88:b3:b5:f1:f0:
2b:98:ce:23:59:50:85:9f:d8:e1:a9:b9:34:4a:ab:63:8d:9b:
17:a3:2e:1b:c4:29:19:6c:6d:ab:d8:53:5b:f5:42:37:11:0b:
3d:ce:e5:e3:e1:dd:af:7c:8f:b4:27:d2:3b:84:1e:81:37:7a:
62:75:c2:f7:75:65:0a:18:23:24:ce:1a:2d:7e:54:13:5d:48:
cc:9c:70:fa:a1:55:f9:ec:9d:cc:2a:fb:07:22:49:f1:9d:88:
9a:e0:16:a1:35:8f:2b:86:80:c1:9a:55:20:56:fb:56:90:a0:
5e:e7:bb:cd:24:f5:eb:22:8d:4b:a7:aa:c4:d8:46:3b:46:1a:
8f:99:74:37
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICE1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUNGNDIxMTAvBgNVBAUTKDNGNTU2QkMwMjUxMDMzQkNFNTcyRkM2QzhBQjc2MEFD
QzQ5NzA1OTMwHhcNMjMwMTE2MTM0NDE3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M1NTRiMS1mYjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+BuZ1zwpZabt0vW4r41AUH7AM/gPFsAAaDGL8YCap4FAvoGQ1riZCCd31zbz
8PDbdSWls//A0AqQRV3+uH6PVXzKKrcz/uiNzjXNaOqDLsNFolzULP0+Xr5uszUE
4wPz8QtW5ZWiD+A9QlSF9gorVSJldVJfSvgzN2dYdip/3ofnhCuNI8Lle1Lj1Dyx
3LLlOBkUfwFtwGujjbgFazuEPgO6ZuHByks+UXd3mHsh/Hs/JEUuNJnggw5KQGhp
QAkvtyQbwub/UDDiOqF/1EzSCVKz6B+Q6eanxvzrp0nrAPGZN7bodrUzF2hwWDjn
n0zHyda87AOKF0kdT+nKEeEW9QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFAhg6vX+
5kko9e+Vl8O66RELzchHMB8GA1UdIwQYMBaAFD9Va8AlEDO85XL8bIq3YKzElwWT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5Q0Y0Mi83QTZBQkZDQzRD
QzYxMUU4QkVGMDNENzVDNEY5QUUwMi9QMVZyd0NVUU03emxjdnhzaXJkZ3JNU1hC
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1AxVnJ3Q1VRTTd6bGN2eHNpcmRnck1TWEJaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUNGNDIvN0E2QUJGQ0M0Q0M2MTFFOEJFRjAzRDc1QzRGOUFFMDIvQUQzRThCQkM3
MjFBMTFFREI2REQwODc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMBoEAgABMBQDBABnZI0wDAMEAGdxLQMEBGdxIDAOBAIAAjAIAwYHJAK3QIAw
DQYJKoZIhvcNAQELBQADggEBAHDvBr5KPZlWMIN2mAevX7BhbTqG8g+VnCfEWvD0
Of05+58OATKJFKQjI7gADgG0NuPmRwRQoJwVsoqNBfkGDiWZTl4uPiKFTeltPBFK
WWgulgNlWFO6Eh83cgyeQBAgxf77hqdjzVOB2i45KmXR9X+MjJUkxOhQfu6Is7Xx
8CuYziNZUIWf2OGpuTRKq2ONmxejLhvEKRlsbavYU1v1QjcRCz3O5ePh3a98j7Qn
0juEHoE3emJ1wvd1ZQoYIyTOGi1+VBNdSMyccPqhVfnsncwq+wciSfGdiJrgFqE1
jyuGgMGaVSBW+1aQoF7nu80k9esijUunqsTYRjtGGo+ZdDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org