Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/1958C344166211EEB346CA33C4F9AE02.roa
File: 1958C344166211EEB346CA33C4F9AE02.roa (raw, json)
Hash identifier: p0lv5G5tMLWb76tmR5cytJRLVAHKWWlY0o1/L3bkbEQ=
Subject key identifier: 7C:EF:33:DE:82:70:89:C5:F7:95:49:3E:F3:97:56:7A:06:6B:2A:67
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 0373
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/1958C344166211EEB346CA33C4F9AE02.roa
Signing time: Wed 05 Jul 2023 19:11:04 +0000
ROA not before: Wed 05 Jul 2023 19:11:04 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 30938
IP address blocks: 103.101.85.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
103.101.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 883 (0x373)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Jul 5 19:11:04 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64a5c048-b2c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:93:94:b4:6f:c5:7b:aa:53:5d:60:3a:39:
1c:99:86:24:73:1f:5d:74:29:eb:b9:64:ee:7d:ec:
00:7b:b5:17:62:58:23:73:9f:35:0d:5e:8a:72:5a:
7a:34:a5:5a:0c:12:6e:d5:be:5b:78:ab:1e:17:1c:
40:9f:a4:14:15:4f:fa:8a:d0:2e:eb:35:36:92:d8:
9e:ea:e8:bf:64:e4:a0:12:76:77:7b:c4:80:fe:56:
d4:52:1d:6c:93:99:fa:75:a0:31:d8:ea:be:87:6c:
5b:19:85:39:ec:51:33:c7:da:09:11:9f:84:8b:87:
9f:3a:87:0e:29:f6:25:5c:2b:d5:78:ee:42:28:33:
66:73:aa:9a:99:23:68:59:64:4e:47:77:11:04:63:
64:8d:34:a6:76:48:de:ff:fa:cc:78:1e:a0:58:15:
35:cc:8b:be:66:9e:1a:32:16:c5:d9:03:bb:16:ed:
d9:44:5d:d0:2a:b4:64:9e:b8:ff:c1:02:7b:d8:fa:
72:f6:6c:75:e9:22:74:f5:eb:8a:bf:5b:22:cc:3a:
1f:f9:f4:04:ee:66:42:5b:7c:56:56:13:65:94:a9:
11:46:fc:aa:50:e8:15:b3:e2:81:43:bb:f1:35:63:
93:5f:76:90:02:85:c1:67:65:ff:8e:70:31:36:28:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EF:33:DE:82:70:89:C5:F7:95:49:3E:F3:97:56:7A:06:6B:2A:67
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/1958C344166211EEB346CA33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.85.0-103.101.87.255
Signature Algorithm: sha256WithRSAEncryption
d3:2c:52:62:a3:cd:bb:f4:10:70:e9:a6:bf:9f:c2:ff:05:48:
45:50:82:75:67:6f:95:f3:af:57:27:7b:dd:c9:6a:46:06:ff:
8d:20:6c:5a:af:aa:0c:5a:67:d8:25:e5:26:7a:14:53:46:7a:
4f:7d:f5:ef:c0:ad:01:8f:dd:b0:7c:c1:5d:f0:c4:64:0a:0e:
4c:16:f9:8f:ea:d3:52:8b:c3:e2:5f:24:f5:86:2c:bf:2c:9d:
e5:a7:c3:2b:46:75:8c:71:84:b5:9d:35:f4:b2:61:71:e2:a3:
30:52:bf:94:a8:ff:55:cf:42:db:10:1e:a1:32:c8:b0:19:85:
9f:21:05:13:68:5e:f9:02:5b:7c:0c:e2:ce:e1:60:33:a3:a8:
09:67:2a:d8:3c:0e:5d:3f:20:cb:77:60:20:07:2b:cc:f9:64:
18:38:ed:08:be:b9:27:a6:10:4b:09:ff:87:ab:03:07:c5:49:
05:38:64:96:93:12:7b:84:54:f3:28:e5:20:c9:0c:c1:ba:6b:
e3:31:be:1c:79:ff:02:53:f1:22:b8:3d:75:e9:b7:2f:c8:86:
53:cf:68:04:36:e7:e7:bd:ef:aa:71:7d:bf:a6:ac:28:c8:d7:
07:11:d2:79:07:f2:b5:db:d6:9a:40:9b:ac:6f:ab:13:64:a5:
40:96:45:36
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICA3MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwNzA1MTkxMTA0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE1YzA0OC1iMmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzymTlLRvxXuqU11gOjkcmYYkcx9ddCnruWTufewAe7UXYlgjc581DV6Kclp6
NKVaDBJu1b5beKseFxxAn6QUFU/6itAu6zU2ktie6ui/ZOSgEnZ3e8SA/lbUUh1s
k5n6daAx2Oq+h2xbGYU57FEzx9oJEZ+Ei4efOocOKfYlXCvVeO5CKDNmc6qamSNo
WWROR3cRBGNkjTSmdkje//rMeB6gWBU1zIu+Zp4aMhbF2QO7Fu3ZRF3QKrRknrj/
wQJ72Ppy9mx16SJ09euKv1sizDof+fQE7mZCW3xWVhNllKkRRvyqUOgVs+KBQ7vx
NWOTX3aQAoXBZ2X/jnAxNih8HwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFHzvM96C
cInF95VJPvOXVnoGaypnMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvMTk1OEMzNDQx
NjYyMTFFRUIzNDZDQTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdlVQMEA2dlUDANBgkqhkiG9w0BAQsFAAOCAQEA0yxS
YqPNu/QQcOmmv5/C/wVIRVCCdWdvlfOvVyd73clqRgb/jSBsWq+qDFpn2CXlJnoU
U0Z6T33178CtAY/dsHzBXfDEZAoOTBb5j+rTUovD4l8k9YYsvyyd5afDK0Z1jHGE
tZ019LJhceKjMFK/lKj/Vc9C2xAeoTLIsBmFnyEFE2he+QJbfAzizuFgM6OoCWcq
2DwOXT8gy3dgIAcrzPlkGDjtCL65J6YQSwn/h6sDB8VJBThklpMSe4RU8yjlIMkM
wbpr4zG+HHn/AlPxIrg9dem3L8iGU89oBDbn573vqnF9v6asKMjXBxHSeQfytdvW
mkCbrG+rE2SlQJZFNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org