Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/5C7C009639B211EEB880CC6AC4F9AE02.roa
File: 5C7C009639B211EEB880CC6AC4F9AE02.roa (raw, json)
Hash identifier: bLs/nUziAUHPViusyl6Bn08SW8PxU1FuqMqViJ8K3aw=
Subject key identifier: 34:F3:EC:3B:E6:A8:F9:D6:32:C7:FC:21:E6:6F:81:E8:48:0C:F9:84
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 038F
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/5C7C009639B211EEB880CC6AC4F9AE02.roa
Signing time: Sun 13 Aug 2023 08:21:12 +0000
ROA not before: Sun 13 Aug 2023 08:21:12 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 197450
IP address blocks: 103.101.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911 (0x38f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Aug 13 08:21:12 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64d89277-7845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8f:25:7e:d5:d9:9b:c2:9c:d7:80:c7:fc:e5:
22:a0:05:1b:32:86:13:86:24:11:a1:1e:dc:eb:c1:
ff:b0:7d:72:a3:64:b4:ae:e6:9a:6d:2f:17:06:cb:
3a:2b:fb:74:b2:aa:4d:ed:94:9d:0b:24:fb:bc:64:
3e:f9:0b:34:93:11:a4:22:b2:53:e5:f5:91:4b:a7:
e7:d1:19:a0:1f:0c:4e:2d:be:a8:b8:50:fa:93:d4:
bf:b9:9b:51:49:1e:f5:4d:c3:6b:c6:8a:08:cc:f9:
47:28:7b:de:be:6c:2d:cf:14:8e:5c:b0:9c:d8:85:
8e:eb:9e:6c:d8:3e:89:c4:6d:48:49:1f:78:ef:81:
4f:5d:51:e0:d4:e6:3f:29:7a:00:f0:03:0b:d9:4a:
1d:08:fc:b7:81:fd:c3:ce:b5:4b:e5:02:e7:61:1b:
9e:fb:8c:c6:f0:f6:82:37:65:b5:69:3f:8f:d8:3c:
61:75:9f:3f:3c:45:c6:30:09:20:69:6e:5e:17:7c:
8e:a2:7e:42:61:13:df:8b:5b:eb:82:00:85:c2:d2:
75:b2:23:df:d4:dd:72:3e:8b:b7:6b:01:3c:18:86:
a4:37:ef:8c:0e:12:43:33:e5:78:28:d8:6a:d1:d0:
39:7e:0b:e1:bd:f7:d2:88:37:e7:0b:da:bc:b9:fa:
59:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F3:EC:3B:E6:A8:F9:D6:32:C7:FC:21:E6:6F:81:E8:48:0C:F9:84
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/5C7C009639B211EEB880CC6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.84.0/24
Signature Algorithm: sha256WithRSAEncryption
98:a0:18:6e:e9:95:9e:e2:e3:46:21:7f:90:10:f6:be:ce:80:
53:92:96:f4:50:50:15:dc:f1:ce:34:64:cf:1c:96:0d:a1:29:
00:da:d1:de:04:ef:49:03:03:0e:32:e0:ba:96:e2:57:1b:6f:
71:2c:6e:cc:d7:9a:74:11:fb:25:5d:ec:aa:8a:5f:2e:d9:66:
f7:95:f7:37:40:0f:7d:ac:e6:ed:b1:e4:f0:38:9e:19:b2:6b:
6c:69:fe:b8:93:c6:d0:0a:1a:c1:cc:ae:69:33:8a:74:a7:ac:
8f:89:71:48:77:65:c3:ed:a4:5c:67:60:00:04:30:94:92:66:
29:a4:f2:a3:9f:b1:a9:a0:f5:d6:1a:b6:01:80:8d:54:2f:13:
c3:c5:50:07:be:f7:37:de:8d:e8:38:0d:9f:7e:da:70:6e:57:
b5:48:18:93:6b:46:17:01:0c:f1:77:d7:c5:54:e2:c1:72:93:
f1:81:9e:9a:45:f8:23:35:e1:a8:5b:dc:51:22:7a:2a:b8:cd:
ba:ed:1a:7d:c3:26:c4:0b:a1:fa:02:25:41:cc:fc:a0:06:75:
64:15:60:57:34:b2:bc:e3:57:c4:b1:cb:a6:f5:b2:2e:34:84:
56:e3:b7:06:46:64:b3:f0:1d:04:f4:7a:cc:8c:20:ae:96:6b:
5b:9c:b5:2b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwODEzMDgyMTEyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ4OTI3Ny03ODQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyI8lftXZm8Kc14DH/OUioAUbMoYThiQRoR7c68H/sH1yo2S0ruaabS8XBss6
K/t0sqpN7ZSdCyT7vGQ++Qs0kxGkIrJT5fWRS6fn0RmgHwxOLb6ouFD6k9S/uZtR
SR71TcNrxooIzPlHKHvevmwtzxSOXLCc2IWO655s2D6JxG1ISR9474FPXVHg1OY/
KXoA8AML2UodCPy3gf3DzrVL5QLnYRue+4zG8PaCN2W1aT+P2DxhdZ8/PEXGMAkg
aW5eF3yOon5CYRPfi1vrggCFwtJ1siPf1N1yPou3awE8GIakN++MDhJDM+V4KNhq
0dA5fgvhvffSiDfnC9q8ufpZuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDTz7Dvm
qPnWMsf8IeZvgehIDPmEMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvNUM3QzAwOTYz
OUIyMTFFRUI4ODBDQzZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZVQwDQYJKoZIhvcNAQELBQADggEBAJigGG7plZ7i40Yh
f5AQ9r7OgFOSlvRQUBXc8c40ZM8clg2hKQDa0d4E70kDAw4y4LqW4lcbb3EsbszX
mnQR+yVd7KqKXy7ZZveV9zdAD32s5u2x5PA4nhmya2xp/riTxtAKGsHMrmkzinSn
rI+JcUh3ZcPtpFxnYAAEMJSSZimk8qOfsamg9dYatgGAjVQvE8PFUAe+9zfejeg4
DZ9+2nBuV7VIGJNrRhcBDPF318VU4sFyk/GBnppF+CM14ahb3FEieiq4zbrtGn3D
JsQLofoCJUHM/KAGdWQVYFc0srzjV8Sxy6b1si40hFbjtwZGZLPwHQT0esyMIK6W
a1uctSs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org