Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/A7DBF900C2C611ED86556036C4F9AE02.roa
File: A7DBF900C2C611ED86556036C4F9AE02.roa (raw, json)
Hash identifier: qwwXJC5tletgoGzlphj2hm5a9rEUehMnmhAzZxqAWRE=
Subject key identifier: 32:1D:E7:F1:E6:EC:27:B1:79:85:DE:F6:04:4F:AF:72:BA:14:42:1A
Certificate issuer: /CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Certificate serial: 09
Authority key identifier: 0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/A7DBF900C2C611ED86556036C4F9AE02.roa
Signing time: Wed 15 Mar 2023 00:16:39 +0000
ROA not before: Wed 15 Mar 2023 00:16:39 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 399471
IP address blocks: 103.71.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116DDB/serialNumber=0C769DA44982F61650362943E6DFEF951B9777FA
Validity
Not Before: Mar 15 00:16:39 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64110e67-a317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c7:23:ce:d2:0d:bf:34:6b:fb:01:8e:b5:a5:
0b:3d:a9:53:1b:41:8b:b4:e7:4d:67:41:1b:91:f8:
7e:6a:2d:37:c9:72:aa:3b:95:07:9f:36:b7:3f:dc:
f0:a8:0e:52:3e:77:1d:92:1b:15:c1:5d:e4:7f:f6:
cc:95:cc:49:1e:44:c8:3e:ef:94:a6:76:a9:a7:da:
f0:93:e7:4e:00:3f:ca:af:07:42:54:58:66:e0:f8:
d6:2d:4f:d2:bc:b1:95:45:e3:5c:db:9d:d5:98:56:
94:7c:43:9a:2a:53:13:ea:ec:e4:b4:23:3a:51:e3:
d1:16:10:3c:e9:53:90:97:e7:d6:a6:e0:13:cf:34:
01:86:7c:99:3f:67:72:fc:6f:28:83:6d:bd:41:50:
b5:e0:c3:69:60:22:5a:1a:9c:66:2b:48:73:36:11:
8d:0e:d4:90:33:d8:22:51:6e:77:60:84:23:e6:44:
ae:01:e9:bc:4b:4f:ca:e8:fb:91:e2:66:14:c0:32:
14:c2:06:e3:1a:ff:c8:54:7b:19:f3:86:5f:64:3a:
a7:4e:a8:1c:01:53:d1:38:4b:4a:d2:aa:f5:f3:de:
0d:ee:94:76:13:6e:12:af:fb:1a:0f:15:b8:ef:86:
cf:f2:7f:24:9c:7c:5f:df:af:5d:03:90:7a:f2:aa:
0b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1D:E7:F1:E6:EC:27:B1:79:85:DE:F6:04:4F:AF:72:BA:14:42:1A
X509v3 Authority Key Identifier:
keyid:0C:76:9D:A4:49:82:F6:16:50:36:29:43:E6:DF:EF:95:1B:97:77:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/DHadpEmC9hZQNilD5t_vlRuXd_o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHadpEmC9hZQNilD5t_vlRuXd_o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116DDB/E1CDCDD2BE1B11EDA61ACD84C4F9AE02/A7DBF900C2C611ED86556036C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c0:1b:7d:ec:ae:f7:5c:fb:64:85:c8:3d:cf:53:16:92:65:
10:0d:b7:28:67:3d:08:28:06:5b:a0:96:3d:3a:6b:4c:b1:6a:
0f:36:21:a5:d4:67:e5:23:a9:86:8f:56:1b:7e:47:77:ef:4f:
8e:33:21:c9:e9:bb:38:93:64:30:9d:d2:6b:5f:57:e8:88:ea:
05:60:10:e7:dc:40:5b:64:50:cb:dc:52:4d:a7:49:97:75:e6:
eb:32:bf:14:fc:a8:d6:0e:ee:04:74:8e:46:52:7f:33:f1:a1:
70:79:26:2e:c8:dd:21:3f:64:d5:10:01:f3:d4:11:64:06:34:
6b:5b:4c:79:89:35:f2:49:4f:04:d9:51:32:9c:27:9e:e9:96:
37:8d:c8:1c:4f:af:fe:95:b2:3f:f5:8d:25:7a:a2:a2:89:ff:
7c:9e:c1:ac:c3:ce:e5:fb:80:5b:aa:87:c2:04:a6:5d:f4:8b:
9e:65:60:d8:42:e3:71:91:22:d2:29:a4:4a:fe:79:00:f9:4b:
55:c3:3a:0c:99:12:fa:30:17:bb:dc:9a:99:9e:60:dc:83:94:
40:1e:c1:8f:0f:4b:cf:3d:0c:4a:04:97:f6:85:91:7b:f8:40:
43:6e:d5:df:1a:c5:c2:13:96:36:ce:d2:b7:44:64:fe:fb:c6:
43:bf:8e:4a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NkREQjExMC8GA1UEBRMoMEM3NjlEQTQ0OTgyRjYxNjUwMzYyOTQzRTZERkVGOTUx
Qjk3NzdGQTAeFw0yMzAzMTUwMDE2MzlaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTEwZTY3LWEzMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDixyPO0g2/NGv7AY61pQs9qVMbQYu0501nQRuR+H5qLTfJcqo7lQefNrc/3PCo
DlI+dx2SGxXBXeR/9syVzEkeRMg+75Smdqmn2vCT504AP8qvB0JUWGbg+NYtT9K8
sZVF41zbndWYVpR8Q5oqUxPq7OS0IzpR49EWEDzpU5CX59am4BPPNAGGfJk/Z3L8
byiDbb1BULXgw2lgIloanGYrSHM2EY0O1JAz2CJRbndghCPmRK4B6bxLT8ro+5Hi
ZhTAMhTCBuMa/8hUexnzhl9kOqdOqBwBU9E4S0rSqvXz3g3ulHYTbhKv+xoPFbjv
hs/yfyScfF/fr10DkHryqgsLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMh3n8ebs
J7F5hd72BE+vcroUQhowHwYDVR0jBBgwFoAUDHadpEmC9hZQNilD5t/vlRuXd/ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE2RERCL0UxQ0RDREQyQkUx
QjExRURBNjFBQ0Q4NEM0RjlBRTAyL0RIYWRwRW1DOWhaUU5pbEQ1dF92bFJ1WGRf
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvREhhZHBFbUM5aFpRTmlsRDV0X3ZsUnVYZF9vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NkREQi9FMUNEQ0REMkJFMUIxMUVEQTYxQUNEODRDNEY5QUUwMi9BN0RCRjkwMEMy
QzYxMUVEODY1NTYwMzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdHXzANBgkqhkiG9w0BAQsFAAOCAQEApsAbfeyu91z7ZIXI
Pc9TFpJlEA23KGc9CCgGW6CWPTprTLFqDzYhpdRn5SOpho9WG35Hd+9PjjMhyem7
OJNkMJ3Sa19X6IjqBWAQ59xAW2RQy9xSTadJl3Xm6zK/FPyo1g7uBHSORlJ/M/Gh
cHkmLsjdIT9k1RAB89QRZAY0a1tMeYk18klPBNlRMpwnnumWN43IHE+v/pWyP/WN
JXqioon/fJ7BrMPO5fuAW6qHwgSmXfSLnmVg2ELjcZEi0imkSv55APlLVcM6DJkS
+jAXu9yamZ5g3IOUQB7Bjw9Lzz0MSgSX9oWRe/hAQ27V3xrFwhOWNs7St0Rk/vvG
Q7+OSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org