Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DFFA/058AB360D0F411EA89F8110FC4F9AE02/BDB0F5D21E8A11EC9B002456C4F9AE02.roa
File: BDB0F5D21E8A11EC9B002456C4F9AE02.roa (raw, json)
Hash identifier: RARSZnwY62xSIaWsQWvn+dHKM0Nzd1aiHTHnskT8R+M=
Subject key identifier: 38:04:76:EF:F0:2F:8C:DB:30:49:7C:F0:3B:14:CB:45:C5:4D:85:B3
Certificate issuer: /CN=A919DFFA/serialNumber=83F1FFE9D334E87FF4CD7558DDEF352FE6DF2069
Certificate serial: 06BE
Authority key identifier: 83:F1:FF:E9:D3:34:E8:7F:F4:CD:75:58:DD:EF:35:2F:E6:DF:20:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g_H_6dM06H_0zXVY3e81L-bfIGk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DFFA/058AB360D0F411EA89F8110FC4F9AE02/BDB0F5D21E8A11EC9B002456C4F9AE02.roa
Signing time: Tue 02 May 2023 23:40:06 +0000
ROA not before: Tue 02 May 2023 23:40:06 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 147050
IP address blocks: 103.149.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1726 (0x6be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DFFA/serialNumber=83F1FFE9D334E87FF4CD7558DDEF352FE6DF2069
Validity
Not Before: May 2 23:40:06 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64519f56-5ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e7:bd:c2:89:40:65:5f:2a:e4:13:2f:fb:8a:
d7:b5:b7:ad:e1:40:ec:02:d2:fd:76:b6:9a:67:ab:
b6:7b:ff:15:1d:1a:ea:06:72:90:2b:88:8f:89:8c:
b5:b7:96:54:28:98:c2:c4:57:de:0b:4c:cf:0d:c1:
3b:0e:d0:8c:ab:9b:61:4c:40:fd:40:4c:b7:75:7a:
46:8e:f2:56:da:c0:f4:5e:5e:48:ac:e7:23:67:f3:
b2:f3:ad:c6:93:e4:7b:d0:75:f0:e9:bf:c2:26:da:
94:4d:51:16:57:5e:a6:8d:0e:cd:f6:d9:39:e4:d4:
6b:7e:0c:a8:62:df:9c:22:dd:d9:78:74:78:b1:bb:
0f:f3:1d:cd:59:e1:7e:63:41:f6:9f:3a:dc:bb:45:
4f:c0:1c:b8:e4:f0:73:25:8f:6f:3a:0b:2d:23:fb:
2f:b4:1b:e2:64:bb:14:c4:7c:ca:42:7c:14:45:e5:
ef:cb:a2:4e:5a:10:67:c0:a8:40:ad:ad:4b:d3:17:
34:40:71:da:ac:cd:12:a1:18:5a:6a:02:85:b0:5f:
3a:58:83:b3:7a:ba:7f:62:25:dc:93:28:c8:92:1c:
b1:de:e8:83:a2:bc:91:02:06:3b:0c:57:de:20:0d:
a7:dd:71:f8:f0:a0:ec:cc:ca:d7:45:b5:bb:bd:68:
ab:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:04:76:EF:F0:2F:8C:DB:30:49:7C:F0:3B:14:CB:45:C5:4D:85:B3
X509v3 Authority Key Identifier:
keyid:83:F1:FF:E9:D3:34:E8:7F:F4:CD:75:58:DD:EF:35:2F:E6:DF:20:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DFFA/058AB360D0F411EA89F8110FC4F9AE02/g_H_6dM06H_0zXVY3e81L-bfIGk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g_H_6dM06H_0zXVY3e81L-bfIGk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DFFA/058AB360D0F411EA89F8110FC4F9AE02/BDB0F5D21E8A11EC9B002456C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.130.0/24
Signature Algorithm: sha256WithRSAEncryption
09:74:c3:91:28:1f:de:31:ff:57:62:fe:0c:ed:e0:78:4a:ef:
94:28:2d:8a:f2:49:8d:3a:76:6c:d2:25:ad:5d:f4:cf:72:29:
98:b6:59:9a:d3:aa:38:3c:41:92:e8:63:b8:50:3e:1a:b6:b3:
f5:a5:81:0e:86:02:65:83:6d:21:6b:e3:90:a2:2e:e3:68:ab:
42:56:83:b7:82:8a:3d:4f:ed:22:c4:e0:7b:63:9f:89:6d:d1:
be:0d:a8:17:7c:8d:2c:ab:10:e5:9e:d1:ed:e0:66:a3:0d:fd:
07:91:31:3e:44:d5:82:83:94:b2:4d:e4:20:d9:53:c7:05:3c:
d5:12:d7:42:ff:6c:a9:9c:78:6d:55:85:7d:bb:c6:83:a7:ff:
19:46:1c:30:5f:c3:7c:0f:e0:6b:9a:45:47:af:2b:6b:a4:a0:
8c:e7:c1:91:d2:d6:47:ca:c1:0d:ba:2e:81:a9:c4:5f:15:14:
36:4e:2b:cd:d8:88:54:87:ef:b7:84:aa:4a:70:39:39:72:7c:
54:41:ef:8c:c8:90:6d:aa:1a:e5:9e:a7:7d:fa:75:e5:38:50:
d3:ba:f2:d6:05:26:1d:7c:4a:02:81:d9:f6:2b:b3:73:e1:2b:
4d:fd:a0:3b:60:b1:7b:3c:26:dc:de:37:59:e8:d7:f4:4b:10:
41:e9:54:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURGRkExMTAvBgNVBAUTKDgzRjFGRkU5RDMzNEU4N0ZGNENENzU1OERERUYzNTJG
RTZERjIwNjkwHhcNMjMwNTAyMjM0MDA2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxOWY1Ni01ZWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwee9wolAZV8q5BMv+4rXtbet4UDsAtL9draaZ6u2e/8VHRrqBnKQK4iPiYy1
t5ZUKJjCxFfeC0zPDcE7DtCMq5thTED9QEy3dXpGjvJW2sD0Xl5IrOcjZ/Oy863G
k+R70HXw6b/CJtqUTVEWV16mjQ7N9tk55NRrfgyoYt+cIt3ZeHR4sbsP8x3NWeF+
Y0H2nzrcu0VPwBy45PBzJY9vOgstI/svtBviZLsUxHzKQnwUReXvy6JOWhBnwKhA
ra1L0xc0QHHarM0SoRhaagKFsF86WIOzerp/YiXckyjIkhyx3uiDoryRAgY7DFfe
IA2n3XH48KDszMrXRbW7vWirzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDgEdu/w
L4zbMEl88DsUy0XFTYWzMB8GA1UdIwQYMBaAFIPx/+nTNOh/9M11WN3vNS/m3yBp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REZGQS8wNThBQjM2MEQw
RjQxMUVBODlGODExMEZDNEY5QUUwMi9nX0hfNmRNMDZIXzB6WFZZM2U4MUwtYmZJ
R2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dfSF82ZE0wNkhfMHpYVlkzZTgxTC1iZklHay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURGRkEvMDU4QUIzNjBEMEY0MTFFQTg5RjgxMTBGQzRGOUFFMDIvQkRCMEY1RDIx
RThBMTFFQzlCMDAyNDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlYIwDQYJKoZIhvcNAQELBQADggEBAAl0w5EoH94x/1di
/gzt4HhK75QoLYrySY06dmzSJa1d9M9yKZi2WZrTqjg8QZLoY7hQPhq2s/WlgQ6G
AmWDbSFr45CiLuNoq0JWg7eCij1P7SLE4Htjn4lt0b4NqBd8jSyrEOWe0e3gZqMN
/QeRMT5E1YKDlLJN5CDZU8cFPNUS10L/bKmceG1VhX27xoOn/xlGHDBfw3wP4Gua
RUevK2ukoIznwZHS1kfKwQ26LoGpxF8VFDZOK83YiFSH77eEqkpwOTlyfFRB74zI
kG2qGuWep336deU4UNO68tYFJh18SgKB2fYrs3PhK039oDtgsXs8JtzeN1no1/RL
EEHpVP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org