Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/03C4CEA2B79F11EB9B99533EC4F9AE02.roa
File: 03C4CEA2B79F11EB9B99533EC4F9AE02.roa (raw, json)
Hash identifier: kGyykJl8dcweWScHee+2JkTAQPYZtMFBzwlgISfQT4g=
Subject key identifier: E2:FE:B8:5A:E7:98:57:F0:16:8E:7E:53:6A:14:BB:77:3C:8B:CE:67
Certificate issuer: /CN=A911C21E/serialNumber=8BE3874546E90BA83237179EE8932013B2D9F840
Certificate serial: 0A95
Authority key identifier: 8B:E3:87:45:46:E9:0B:A8:32:37:17:9E:E8:93:20:13:B2:D9:F8:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-OHRUbpC6gyNxee6JMgE7LZ-EA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/03C4CEA2B79F11EB9B99533EC4F9AE02.roa
Signing time: Thu 12 Jan 2023 10:56:31 +0000
ROA not before: Thu 12 Jan 2023 10:56:31 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138346
IP address blocks: 103.130.114.0/24 maxlen: 24
103.130.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2709 (0xa95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C21E/serialNumber=8BE3874546E90BA83237179EE8932013B2D9F840
Validity
Not Before: Jan 12 10:56:31 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63bfe75e-850e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:33:ff:b1:61:80:92:e7:b2:97:05:0e:b0:
01:fc:c8:fd:57:fa:41:62:9d:e1:a9:0e:09:78:2e:
fd:fa:6e:06:c8:97:3a:6a:13:06:83:7b:91:33:b6:
ac:f9:d9:05:0e:96:28:32:1d:a8:69:23:60:01:f4:
73:a1:3c:3e:9d:23:08:f3:cf:b9:7f:a8:5b:1a:58:
65:8a:a5:a3:6a:4f:87:00:30:55:b0:4e:04:41:13:
a0:62:2f:00:b6:64:57:60:b4:a9:38:2c:5b:9e:11:
d5:08:c9:5a:db:9c:e5:c6:5d:66:c4:5f:50:f7:15:
d2:c8:69:4f:80:d6:dc:bc:ba:66:4d:63:2a:b2:b0:
78:db:6e:1d:7b:99:e2:ed:04:44:3b:d7:89:16:2c:
30:d8:de:03:ee:a2:f9:e5:19:91:c1:41:7b:f9:e4:
89:b1:bd:f3:c6:69:06:ae:fd:7a:5a:3e:46:63:da:
e0:90:5a:bf:56:bf:a9:a2:21:d1:b2:f9:fe:71:0c:
be:78:c4:f3:91:f8:12:a0:c7:17:17:21:87:f8:50:
7f:c5:aa:c3:65:bc:ed:bd:8d:1e:40:c4:a7:10:cd:
a6:37:82:f5:ea:7a:5a:c5:00:a5:f7:24:a4:73:d6:
a0:16:1f:5c:b6:37:2e:7e:34:fc:67:be:29:b8:e6:
71:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FE:B8:5A:E7:98:57:F0:16:8E:7E:53:6A:14:BB:77:3C:8B:CE:67
X509v3 Authority Key Identifier:
keyid:8B:E3:87:45:46:E9:0B:A8:32:37:17:9E:E8:93:20:13:B2:D9:F8:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/i-OHRUbpC6gyNxee6JMgE7LZ-EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-OHRUbpC6gyNxee6JMgE7LZ-EA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/03C4CEA2B79F11EB9B99533EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.114.0/23
Signature Algorithm: sha256WithRSAEncryption
68:6e:75:6b:3a:30:16:0d:17:27:65:76:72:c1:b1:9b:f3:06:
40:24:25:89:b9:f2:7f:a7:78:1a:c4:f4:53:77:58:9b:18:60:
7f:b3:c0:ba:4f:2a:9f:8e:78:ed:a8:c4:d7:e1:7d:2a:fc:a2:
3b:d2:49:16:e1:c0:21:a9:97:c4:6e:d2:4a:1e:74:6d:e9:fc:
a2:d8:61:0d:b5:dc:ad:6f:2b:cf:b4:40:94:9b:e4:a3:1b:46:
d7:f1:c0:25:3d:f8:ba:5b:fb:52:65:36:70:0a:af:7a:25:0d:
c2:25:5e:a7:53:18:68:09:d9:45:9e:f3:b8:96:d4:0b:1a:b1:
1f:cc:7e:91:be:77:93:80:1e:a0:73:db:64:66:4a:50:54:f2:
1a:f9:b9:a7:bb:8b:41:fb:c4:ef:56:31:c1:d9:ca:2f:0e:90:
61:b9:f6:ee:d2:14:35:bd:20:fa:d1:71:98:45:ac:24:b6:98:
db:39:77:64:53:8f:11:a6:a6:ea:a5:38:77:34:3d:54:35:3d:
33:9c:02:1a:b4:e4:21:47:9a:17:e8:f8:59:74:f5:46:c8:7e:
56:6e:6d:73:a8:52:29:ec:99:8d:2d:f0:f7:a2:fa:ea:a2:c6:
5b:ea:9b:6c:37:37:45:cc:4a:77:2e:a4:ea:b2:ef:94:27:7a:
62:2a:95:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyMUUxMTAvBgNVBAUTKDhCRTM4NzQ1NDZFOTBCQTgzMjM3MTc5RUU4OTMyMDEz
QjJEOUY4NDAwHhcNMjMwMTEyMTA1NjMxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JmZTc1ZS04NTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvGwz/7FhgJLnspcFDrAB/Mj9V/pBYp3hqQ4JeC79+m4GyJc6ahMGg3uRM7as
+dkFDpYoMh2oaSNgAfRzoTw+nSMI88+5f6hbGlhliqWjak+HADBVsE4EQROgYi8A
tmRXYLSpOCxbnhHVCMla25zlxl1mxF9Q9xXSyGlPgNbcvLpmTWMqsrB4224de5ni
7QREO9eJFiww2N4D7qL55RmRwUF7+eSJsb3zxmkGrv16Wj5GY9rgkFq/Vr+poiHR
svn+cQy+eMTzkfgSoMcXFyGH+FB/xarDZbztvY0eQMSnEM2mN4L16npaxQCl9ySk
c9agFh9ctjcufjT8Z74puOZxCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOL+uFrn
mFfwFo5+U2oUu3c8i85nMB8GA1UdIwQYMBaAFIvjh0VG6QuoMjcXnuiTIBOy2fhA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzIxRS82MEMxODE1NDBC
ODkxMUVBOEU1QUI3NUZDNEY5QUUwMi9pLU9IUlVicEM2Z3lOeGVlNkpNZ0U3TFot
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ktT0hSVWJwQzZneU54ZWU2Sk1nRTdMWi1FQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyMUUvNjBDMTgxNTQwQjg5MTFFQThFNUFCNzVGQzRGOUFFMDIvMDNDNENFQTJC
NzlGMTFFQjlCOTk1MzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFngnIwDQYJKoZIhvcNAQELBQADggEBAGhudWs6MBYNFydl
dnLBsZvzBkAkJYm58n+neBrE9FN3WJsYYH+zwLpPKp+OeO2oxNfhfSr8ojvSSRbh
wCGpl8Ru0koedG3p/KLYYQ213K1vK8+0QJSb5KMbRtfxwCU9+Lpb+1JlNnAKr3ol
DcIlXqdTGGgJ2UWe87iW1AsasR/MfpG+d5OAHqBz22RmSlBU8hr5uae7i0H7xO9W
McHZyi8OkGG59u7SFDW9IPrRcZhFrCS2mNs5d2RTjxGmpuqlOHc0PVQ1PTOcAhq0
5CFHmhfo+Fl09UbIflZubXOoUinsmY0t8Pei+uqixlvqm2w3N0XMSncupOqy75Qn
emIqlX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org