Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/A0B802E80A5D11EE912F0140C4F9AE02.roa
File: A0B802E80A5D11EE912F0140C4F9AE02.roa (raw, json)
Hash identifier: rpjEAXPGx8p1D9OKMpvDQz6sIe57ky/doWxwNvgmLYo=
Subject key identifier: 1A:2E:9B:50:AD:4E:D1:F6:BB:6E:71:E4:35:FD:A6:08:F4:AB:F6:7F
Certificate issuer: /CN=A911AE4D/serialNumber=B459B915D67B72D8335384202DBFBB39565C94D8
Certificate serial: 02
Authority key identifier: B4:59:B9:15:D6:7B:72:D8:33:53:84:20:2D:BF:BB:39:56:5C:94:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tFm5FdZ7ctgzU4QgLb-7OVZclNg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/A0B802E80A5D11EE912F0140C4F9AE02.roa
Signing time: Wed 14 Jun 2023 02:46:15 +0000
ROA not before: Wed 14 Jun 2023 02:46:15 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 211256
IP address blocks: 103.120.12.0/24 maxlen: 24
103.120.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911AE4D/serialNumber=B459B915D67B72D8335384202DBFBB39565C94D8
Validity
Not Before: Jun 14 02:46:15 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=648929f6-2108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0b:c0:e2:46:00:b2:cc:27:8c:b0:82:32:12:
d1:42:79:6e:d7:ec:64:6f:5c:fc:11:94:a9:01:e9:
fb:54:5c:fc:9d:b9:f1:b8:0b:96:26:30:0e:5b:18:
e1:ca:54:d7:45:0a:8c:58:b9:a5:09:43:54:f3:44:
c3:7a:2d:f9:a1:8e:eb:0c:bf:76:fa:52:82:d5:10:
94:93:ef:83:16:d4:4e:52:91:da:3f:6e:32:a9:69:
02:76:0c:ae:1a:19:8e:5b:c4:80:b5:0c:a8:62:44:
4c:d7:87:1f:d0:6e:48:63:16:8f:13:58:14:cd:36:
ff:74:db:ee:e3:f9:de:44:a9:03:f9:96:ab:e2:3b:
4d:e7:73:6d:2e:17:2c:b1:22:f0:6a:5e:25:23:41:
c1:31:ec:9c:8c:fa:8f:a9:2e:e4:77:f4:77:fe:91:
e6:89:81:2a:7d:b0:f2:77:8d:b9:6e:25:d1:a2:cf:
b3:56:bd:40:d3:81:03:e1:bc:bc:96:4a:8a:03:9e:
9c:f9:d4:36:4f:fb:68:60:d1:17:6e:b8:f9:75:50:
3b:c2:75:12:52:d4:f1:ea:c5:1e:54:ef:14:c2:7c:
27:0d:f4:c6:d0:73:2f:7f:74:61:31:f3:a6:4d:f5:
da:83:1c:ef:63:ca:ac:5f:cc:76:ef:95:c1:3c:c8:
98:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2E:9B:50:AD:4E:D1:F6:BB:6E:71:E4:35:FD:A6:08:F4:AB:F6:7F
X509v3 Authority Key Identifier:
keyid:B4:59:B9:15:D6:7B:72:D8:33:53:84:20:2D:BF:BB:39:56:5C:94:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/tFm5FdZ7ctgzU4QgLb-7OVZclNg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tFm5FdZ7ctgzU4QgLb-7OVZclNg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE4D/57C37E380A5711EE8C635A46C4F9AE02/A0B802E80A5D11EE912F0140C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.12.0/24
103.120.15.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2b:b0:9e:dc:91:63:ce:e9:5f:ac:ac:06:44:87:d6:72:23:
d0:de:4c:ca:99:1c:18:34:c9:cb:01:0a:f0:2f:c4:55:20:e5:
d7:d0:cc:48:b0:c5:87:13:db:ed:00:84:21:f5:c6:e7:ad:3f:
d1:8a:bd:5e:ba:80:5a:fc:ba:bb:af:d7:df:75:8e:a7:5e:57:
be:e5:32:c5:29:84:01:fc:83:9a:da:ea:79:8b:fd:70:17:90:
74:27:40:4b:8b:7f:48:0c:d6:63:39:56:07:01:b7:c0:7f:f1:
84:75:0e:98:01:f7:47:07:dd:43:e2:1b:bb:c1:34:c0:e5:3d:
e3:24:26:24:5d:53:71:6a:5b:38:c2:e7:16:5a:48:8a:ee:e1:
b1:d0:6c:85:60:04:19:6d:a3:4d:bc:a1:80:71:5c:2d:70:d0:
e5:58:9b:87:ec:81:3a:f3:e3:de:ca:4d:37:f4:92:f5:52:c0:
bc:03:be:c5:fc:c5:69:06:9c:1a:a7:f4:24:0c:17:14:3d:36:
4b:c4:7e:9f:9d:a7:9b:8d:f1:8e:34:15:32:26:da:00:d5:ac:
36:73:8c:f8:4e:10:d9:26:8f:37:79:5c:46:53:1d:1b:37:a1:
c6:f9:cb:81:eb:59:02:be:5d:af:d4:c7:fc:43:95:08:d1:3f:
14:74:4b:73
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QUU0RDExMC8GA1UEBRMoQjQ1OUI5MTVENjdCNzJEODMzNTM4NDIwMkRCRkJCMzk1
NjVDOTREODAeFw0yMzA2MTQwMjQ2MTVaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODkyOWY2LTIxMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFC8DiRgCyzCeMsIIyEtFCeW7X7GRvXPwRlKkB6ftUXPydufG4C5YmMA5bGOHK
VNdFCoxYuaUJQ1TzRMN6LfmhjusMv3b6UoLVEJST74MW1E5Skdo/bjKpaQJ2DK4a
GY5bxIC1DKhiREzXhx/QbkhjFo8TWBTNNv902+7j+d5EqQP5lqviO03nc20uFyyx
IvBqXiUjQcEx7JyM+o+pLuR39Hf+keaJgSp9sPJ3jbluJdGiz7NWvUDTgQPhvLyW
SooDnpz51DZP+2hg0RduuPl1UDvCdRJS1PHqxR5U7xTCfCcN9MbQcy9/dGEx86ZN
9dqDHO9jyqxfzHbvlcE8yJiVAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUGi6bUK1O
0fa7bnHkNf2mCPSr9n8wHwYDVR0jBBgwFoAUtFm5FdZ7ctgzU4QgLb+7OVZclNgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBRTRELzU3QzM3RTM4MEE1
NzExRUU4QzYzNUE0NkM0RjlBRTAyL3RGbTVGZFo3Y3RnelU0UWdMYi03T1ZaY2xO
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdEZtNUZkWjdjdGd6VTRRZ0xiLTdPVlpjbE5nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QUU0RC81N0MzN0UzODBBNTcxMUVFOEM2MzVBNDZDNEY5QUUwMi9BMEI4MDJFODBB
NUQxMUVFOTEyRjAxNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGd4DAMEAGd4DzANBgkqhkiG9w0BAQsFAAOCAQEAOiuwntyR
Y87pX6ysBkSH1nIj0N5MypkcGDTJywEK8C/EVSDl19DMSLDFhxPb7QCEIfXG560/
0Yq9XrqAWvy6u6/X33WOp15XvuUyxSmEAfyDmtrqeYv9cBeQdCdAS4t/SAzWYzlW
BwG3wH/xhHUOmAH3RwfdQ+Ibu8E0wOU94yQmJF1TcWpbOMLnFlpIiu7hsdBshWAE
GW2jTbyhgHFcLXDQ5Vibh+yBOvPj3spNN/SS9VLAvAO+xfzFaQacGqf0JAwXFD02
S8R+n52nm43xjjQVMibaANWsNnOM+E4Q2SaPN3lcRlMdGzehxvnLgetZAr5dr9TH
/EOVCNE/FHRLcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org