Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911A70E/00083FAC9D5711ED9F989530C4F9AE02/F73E4FEE9D5911EDA23CD234C4F9AE02.roa
File: F73E4FEE9D5911EDA23CD234C4F9AE02.roa (raw, json)
Hash identifier: uw+48xMXjJTq/LodRW9QeiacdChwrrdtEwv0tscjWi0=
Subject key identifier: BD:66:4B:36:5D:F1:D6:77:10:73:1B:B3:D0:DE:50:F3:04:F8:84:5D
Certificate issuer: /CN=A911A70E/serialNumber=D439EED60D319709872474B90706630473B6DE5E
Certificate serial: 0B
Authority key identifier: D4:39:EE:D6:0D:31:97:09:87:24:74:B9:07:06:63:04:73:B6:DE:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Dnu1g0xlwmHJHS5BwZjBHO23l4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911A70E/00083FAC9D5711ED9F989530C4F9AE02/F73E4FEE9D5911EDA23CD234C4F9AE02.roa
Signing time: Mon 30 Jan 2023 02:55:28 +0000
ROA not before: Mon 30 Jan 2023 02:55:28 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 138033
IP address blocks: 103.120.84.0/24 maxlen: 32
103.120.85.0/24 maxlen: 32
103.120.86.0/24 maxlen: 32
103.120.87.0/24 maxlen: 32
2403:5440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911A70E/serialNumber=D439EED60D319709872474B90706630473B6DE5E
Validity
Not Before: Jan 30 02:55:28 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63d7319f-2675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:38:3d:ce:a3:49:0e:cf:d3:d7:ba:f5:94:9a:
f1:49:45:b9:34:01:b5:fd:6e:5a:45:29:22:e7:d4:
82:ec:1e:b5:f7:62:16:04:4b:f9:73:0c:36:14:fc:
34:f1:33:8c:5c:f0:21:e9:b8:60:4d:87:fc:7c:53:
f2:39:99:a6:34:c6:b0:16:ec:8e:b5:98:e5:cd:47:
aa:58:08:62:f0:f5:fe:85:72:61:56:b5:0e:de:ca:
0d:f0:b9:20:a3:d1:93:6d:e8:93:1c:27:1b:67:49:
03:10:d4:5c:71:71:6c:d7:a6:a5:56:2f:61:a6:f6:
64:28:0c:f9:6d:e4:65:60:57:4d:18:63:0b:33:99:
d3:6a:45:07:0d:3c:de:94:de:37:65:0f:bd:fa:f0:
08:c3:c5:fb:dc:18:06:07:57:df:b4:b9:6f:db:87:
98:76:12:cb:5c:d4:9b:99:96:b2:b7:62:15:b1:4b:
0a:e5:9a:a7:69:a7:f3:10:0e:fe:68:a2:32:d8:ea:
28:4d:dc:01:7f:88:cf:54:14:ec:d1:da:b7:2a:17:
86:32:0d:80:e4:51:e8:d2:17:d2:8b:5e:1c:fe:58:
98:83:7a:90:5f:32:bf:6d:8f:58:d8:d6:dc:51:88:
b2:2a:8b:db:fe:01:a1:89:c2:8d:37:19:f2:9e:09:
12:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:66:4B:36:5D:F1:D6:77:10:73:1B:B3:D0:DE:50:F3:04:F8:84:5D
X509v3 Authority Key Identifier:
keyid:D4:39:EE:D6:0D:31:97:09:87:24:74:B9:07:06:63:04:73:B6:DE:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911A70E/00083FAC9D5711ED9F989530C4F9AE02/1Dnu1g0xlwmHJHS5BwZjBHO23l4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Dnu1g0xlwmHJHS5BwZjBHO23l4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A70E/00083FAC9D5711ED9F989530C4F9AE02/F73E4FEE9D5911EDA23CD234C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.84.0/22
IPv6:
2403:5440::/32
Signature Algorithm: sha256WithRSAEncryption
04:f5:a9:39:2f:0c:b4:31:3f:ea:96:5c:19:c6:1f:83:8b:6d:
5b:e3:c3:f6:6e:0d:c8:4c:2a:23:d3:10:d7:75:a2:94:48:35:
ab:09:7c:00:a9:a0:d9:0a:7c:fd:86:51:78:3c:26:e2:7d:5b:
41:7b:41:dc:41:84:a1:b3:6a:65:8f:5a:d8:99:ae:97:1a:b3:
c7:ff:74:4b:c2:04:9f:c5:c6:c1:c8:fb:c2:9d:6c:74:35:ec:
18:77:cb:96:f3:b2:04:e4:05:16:bf:0f:2e:91:d4:ee:4e:ec:
bc:19:7f:70:34:a6:e9:bf:79:d1:1d:b0:4c:79:e6:9f:53:b7:
f5:9b:38:0f:20:d5:d1:78:bf:d6:a7:7d:44:0e:99:2e:58:13:
da:23:58:f4:26:87:22:c5:f2:82:16:00:18:af:b5:59:db:07:
0a:87:f7:4a:9a:2b:9d:b0:ca:6b:b5:cc:09:22:c7:0b:9f:56:
73:31:91:8a:39:02:37:e5:b9:90:26:45:01:66:6a:4b:55:03:
cb:53:72:80:af:1a:90:87:66:dd:12:60:b2:e4:1c:04:b6:02:
7c:ae:76:47:3e:b2:db:cb:18:70:5e:dd:2a:f3:20:12:72:d6:
c0:bb:24:02:a7:4a:39:a5:d6:a3:ae:ab:27:04:2d:e8:1d:64:
c0:5d:1b:eb
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QTcwRTExMC8GA1UEBRMoRDQzOUVFRDYwRDMxOTcwOTg3MjQ3NEI5MDcwNjYzMDQ3
M0I2REU1RTAeFw0yMzAxMzAwMjU1MjhaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZDczMTlmLTI2NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQOD3Oo0kOz9PXuvWUmvFJRbk0AbX9blpFKSLn1ILsHrX3YhYES/lzDDYU/DTx
M4xc8CHpuGBNh/x8U/I5maY0xrAW7I61mOXNR6pYCGLw9f6FcmFWtQ7eyg3wuSCj
0ZNt6JMcJxtnSQMQ1FxxcWzXpqVWL2Gm9mQoDPlt5GVgV00YYwszmdNqRQcNPN6U
3jdlD7368AjDxfvcGAYHV9+0uW/bh5h2Estc1JuZlrK3YhWxSwrlmqdpp/MQDv5o
ojLY6ihN3AF/iM9UFOzR2rcqF4YyDYDkUejSF9KLXhz+WJiDepBfMr9tj1jY1txR
iLIqi9v+AaGJwo03GfKeCRJRAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUvWZLNl3x
1ncQcxuz0N5Q8wT4hF0wHwYDVR0jBBgwFoAU1Dnu1g0xlwmHJHS5BwZjBHO23l4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBNzBFLzAwMDgzRkFDOUQ1
NzExRUQ5Rjk4OTUzMEM0RjlBRTAyLzFEbnUxZzB4bHdtSEpIUzVCd1pqQkhPMjNs
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMURudTFnMHhsd21ISkhTNUJ3WmpCSE8yM2w0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QTcwRS8wMDA4M0ZBQzlENTcxMUVEOUY5ODk1MzBDNEY5QUUwMi9GNzNFNEZFRTlE
NTkxMUVEQTIzQ0QyMzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAmd4VDANBAIAAjAHAwUAJANUQDANBgkqhkiG9w0BAQsFAAOC
AQEABPWpOS8MtDE/6pZcGcYfg4ttW+PD9m4NyEwqI9MQ13WilEg1qwl8AKmg2Qp8
/YZReDwm4n1bQXtB3EGEobNqZY9a2Jmulxqzx/90S8IEn8XGwcj7wp1sdDXsGHfL
lvOyBOQFFr8PLpHU7k7svBl/cDSm6b950R2wTHnmn1O39Zs4DyDV0Xi/1qd9RA6Z
LlgT2iNY9CaHIsXyghYAGK+1WdsHCof3SpornbDKa7XMCSLHC59WczGRijkCN+W5
kCZFAWZqS1UDy1NygK8akIdm3RJgsuQcBLYCfK52Rz6y28sYcF7dKvMgEnLWwLsk
AqdKOaXWo66rJwQt6B1kwF0b6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org