Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D48274841F4B11EEAFA55046C4F9AE02.roa
File: D48274841F4B11EEAFA55046C4F9AE02.roa (raw, json)
Hash identifier: H/0e2nawV26OjgOGI+dDXObPQ5MHxSF8aeD3qhJZ6CA=
Subject key identifier: 0B:69:E2:EB:C6:07:F2:94:43:A7:42:87:C9:E8:68:97:07:16:9E:85
Certificate issuer: /CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Certificate serial: 0398
Authority key identifier: 61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D48274841F4B11EEAFA55046C4F9AE02.roa
Signing time: Sat 26 Aug 2023 18:41:17 +0000
ROA not before: Sat 26 Aug 2023 18:41:17 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 30938
IP address blocks: 103.101.84.0/24 maxlen: 24
103.101.85.0/24 maxlen: 24
103.101.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920 (0x398)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117373/serialNumber=61841D1EDABF9FF0F6018C611017AF719627A24D
Validity
Not Before: Aug 26 18:41:17 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64ea474d-d17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:aa:0a:32:51:52:6a:cc:b6:38:4a:f9:67:
e2:7c:42:0e:58:12:b2:ab:8f:f6:e7:7a:14:cf:d7:
3c:8e:01:88:c4:69:67:a1:64:37:66:83:10:e6:45:
b0:35:4f:f8:69:d7:e4:f5:44:82:ee:c6:d7:85:84:
f4:b8:21:f6:bc:78:8c:99:7d:c1:6a:30:1b:63:5d:
fc:ff:de:7f:7c:77:c7:68:18:b7:c6:72:db:08:48:
20:ad:de:5b:7e:a4:9b:36:1c:4e:89:fb:e5:58:2a:
e7:23:a8:26:dc:92:74:7b:a0:f2:40:b4:20:78:5b:
5f:a3:f9:68:71:78:aa:b2:93:9a:8d:af:2c:07:6a:
6c:e6:5c:f6:08:b8:d4:b2:44:07:61:45:14:71:c3:
16:e1:1f:43:96:b0:65:74:c7:b5:c8:1e:65:fc:55:
23:16:77:18:1f:2e:ec:3b:36:0f:33:eb:aa:c8:0a:
13:81:a7:51:5f:0d:49:b8:80:c6:e1:6f:33:3b:8c:
4c:15:8d:be:8a:cd:f9:89:09:19:a5:78:ae:66:f7:
cd:d7:1b:df:80:e4:b6:15:74:bb:53:92:70:e6:3f:
1c:17:29:82:16:88:94:52:03:d2:28:0e:e4:f1:8c:
77:80:04:31:f1:99:e4:20:51:5a:bd:84:6a:f6:7a:
22:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:69:E2:EB:C6:07:F2:94:43:A7:42:87:C9:E8:68:97:07:16:9E:85
X509v3 Authority Key Identifier:
keyid:61:84:1D:1E:DA:BF:9F:F0:F6:01:8C:61:10:17:AF:71:96:27:A2:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/YYQdHtq_n_D2AYxhEBevcZYnok0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YYQdHtq_n_D2AYxhEBevcZYnok0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117373/BFA9C36223AA11ECA8116B27C4F9AE02/D48274841F4B11EEAFA55046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.84.0-103.101.86.255
Signature Algorithm: sha256WithRSAEncryption
54:0e:9b:44:fb:66:f7:06:e3:59:2b:93:ae:6f:30:76:6a:3b:
b5:4a:cd:15:77:74:9d:9b:d4:d7:68:8f:ea:a1:51:ee:da:6b:
b2:99:a2:33:69:d0:e2:f2:28:cf:9d:31:b7:da:1f:46:29:58:
d6:3e:2a:18:4e:82:56:8d:cb:27:09:a8:bc:49:78:c9:5b:14:
f5:30:84:f1:d3:cf:47:b0:6b:4e:0b:11:b9:fa:73:1b:f0:df:
11:23:3a:f7:d8:db:e0:ac:94:b9:d1:b8:fc:2f:ff:7a:ac:42:
18:d6:7a:22:27:ce:67:dc:6e:6f:8c:8b:81:b4:ff:01:50:2e:
2e:84:b6:31:b7:86:1c:78:95:c2:81:5e:2b:72:17:c1:1e:38:
91:11:56:d0:9c:7f:60:5f:30:09:60:fd:85:b2:65:13:ba:31:
a8:00:90:ba:f9:30:06:5b:b2:6b:08:e2:ff:ec:82:d8:77:fb:
a8:31:f5:bf:21:ed:ee:b2:4e:fe:a3:5b:fe:7a:b7:3e:17:99:
78:cf:b0:a6:df:01:f5:a4:5d:4e:9e:be:b9:0c:d5:54:0d:12:
8e:b5:6d:89:81:eb:02:12:4a:67:80:a6:14:fe:f0:e0:7c:43:
1d:af:cf:83:d7:d2:a9:e8:c8:3c:f5:eb:f0:5e:67:6f:ec:25:
46:44:7c:18
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICA5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTczNzMxMTAvBgNVBAUTKDYxODQxRDFFREFCRjlGRjBGNjAxOEM2MTEwMTdBRjcx
OTYyN0EyNEQwHhcNMjMwODI2MTg0MTE3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVhNDc0ZC1kMTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvo6qCjJRUmrMtjhK+WfifEIOWBKyq4/253oUz9c8jgGIxGlnoWQ3ZoMQ5kWw
NU/4adfk9USC7sbXhYT0uCH2vHiMmX3BajAbY138/95/fHfHaBi3xnLbCEggrd5b
fqSbNhxOifvlWCrnI6gm3JJ0e6DyQLQgeFtfo/locXiqspOaja8sB2ps5lz2CLjU
skQHYUUUccMW4R9DlrBldMe1yB5l/FUjFncYHy7sOzYPM+uqyAoTgadRXw1JuIDG
4W8zO4xMFY2+is35iQkZpXiuZvfN1xvfgOS2FXS7U5Jw5j8cFymCFoiUUgPSKA7k
8Yx3gAQx8ZnkIFFavYRq9noiIwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFAtp4uvG
B/KUQ6dCh8noaJcHFp6FMB8GA1UdIwQYMBaAFGGEHR7av5/w9gGMYRAXr3GWJ6JN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzM3My9CRkE5QzM2MjIz
QUExMUVDQTgxMTZCMjdDNEY5QUUwMi9ZWVFkSHRxX25fRDJBWXhoRUJldmNaWW5v
azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lZUWRIdHFfbl9EMkFZeGhFQmV2Y1pZbm9rMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTczNzMvQkZBOUMzNjIyM0FBMTFFQ0E4MTE2QjI3QzRGOUFFMDIvRDQ4Mjc0ODQx
RjRCMTFFRUFGQTU1MDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAmdlVAMEAGdlVjANBgkqhkiG9w0BAQsFAAOCAQEAVA6b
RPtm9wbjWSuTrm8wdmo7tUrNFXd0nZvU12iP6qFR7tprspmiM2nQ4vIoz50xt9of
RilY1j4qGE6CVo3LJwmovEl4yVsU9TCE8dPPR7BrTgsRufpzG/DfESM699jb4KyU
udG4/C//eqxCGNZ6IifOZ9xub4yLgbT/AVAuLoS2MbeGHHiVwoFeK3IXwR44kRFW
0Jx/YF8wCWD9hbJlE7oxqACQuvkwBluyawji/+yC2Hf7qDH1vyHt7rJO/qNb/nq3
PheZeM+wpt8B9aRdTp6+uQzVVA0SjrVtiYHrAhJKZ4CmFP7w4HxDHa/Pg9fSqejI
PPXr8F5nb+wlRkR8GA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org