Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/DF7656860B8A11EA9FEC6165C4F9AE02.roa
File: DF7656860B8A11EA9FEC6165C4F9AE02.roa (raw, json)
Hash identifier: uFlZmaVkDKAgApvkrXGUsnqI/MTkt8W7/SlN3OnNT3U=
Subject key identifier: A3:DF:95:1D:1A:7B:E2:4D:CF:8F:34:6B:4D:5A:3C:53:7B:A0:B8:C2
Certificate issuer: /CN=A911C21E/serialNumber=8BE3874546E90BA83237179EE8932013B2D9F840
Certificate serial: 0A60
Authority key identifier: 8B:E3:87:45:46:E9:0B:A8:32:37:17:9E:E8:93:20:13:B2:D9:F8:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-OHRUbpC6gyNxee6JMgE7LZ-EA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/DF7656860B8A11EA9FEC6165C4F9AE02.roa
Signing time: Mon 10 Oct 2022 20:26:57 +0000
ROA not before: Mon 10 Oct 2022 20:26:57 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 136461
IP address blocks: 103.130.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2656 (0xa60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C21E/serialNumber=8BE3874546E90BA83237179EE8932013B2D9F840
Validity
Not Before: Oct 10 20:26:57 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63448011-4aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:46:0f:26:e7:64:8d:46:ac:72:1f:b1:94:
a6:0f:c7:63:6a:92:68:e8:17:de:ab:63:66:88:e0:
b4:69:ea:83:47:94:64:c5:0b:17:58:7d:0a:71:a6:
33:b3:0c:db:5e:c3:24:b3:45:f7:22:28:39:28:52:
45:eb:8b:85:b7:cb:10:8d:eb:b0:8e:cb:dc:60:41:
82:4a:89:2e:c1:43:2e:6b:3a:e5:e7:21:3a:f5:14:
c3:d6:28:8f:7d:6a:5b:62:72:14:dd:15:b9:45:1b:
b6:e2:e6:1c:f8:e7:a0:ba:0e:5b:1d:81:70:b3:0c:
b9:04:86:5b:32:ea:e6:67:8a:ea:1d:46:90:16:b4:
76:d0:f4:0a:31:79:a3:73:63:27:a2:fe:b0:e6:73:
ee:16:c2:be:2b:e5:d6:e7:c6:1d:37:74:02:05:75:
57:56:bf:67:36:3b:34:66:de:ec:b8:db:f9:03:36:
12:e9:c0:68:01:d6:7d:0d:0b:0a:84:a7:01:3f:d4:
66:17:43:10:5d:c7:6d:7c:ee:0d:65:18:44:65:c8:
9b:7e:f6:63:e4:be:cc:7f:28:7d:32:f3:4d:53:69:
b7:fd:cf:bf:83:ff:4d:50:34:d7:9b:53:64:b4:9b:
c4:86:2e:61:6e:6a:d1:a7:65:e2:3b:7b:f9:7b:72:
29:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DF:95:1D:1A:7B:E2:4D:CF:8F:34:6B:4D:5A:3C:53:7B:A0:B8:C2
X509v3 Authority Key Identifier:
keyid:8B:E3:87:45:46:E9:0B:A8:32:37:17:9E:E8:93:20:13:B2:D9:F8:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/i-OHRUbpC6gyNxee6JMgE7LZ-EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i-OHRUbpC6gyNxee6JMgE7LZ-EA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C21E/60C181540B8911EA8E5AB75FC4F9AE02/DF7656860B8A11EA9FEC6165C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:da:84:ef:ec:9c:17:5c:6e:97:b0:34:52:a4:ca:17:af:ba:
4e:11:20:eb:88:79:13:cc:f3:f0:63:fd:44:82:8d:5c:cc:d3:
39:ad:03:e5:54:4e:22:6a:85:ea:93:46:cd:84:a0:04:bc:cf:
88:b3:42:15:1e:fb:44:45:91:0b:46:72:9a:1e:ca:87:9f:20:
16:89:88:3e:ad:7b:b0:50:d5:1b:b7:eb:93:8c:77:70:2e:a7:
4c:22:db:6c:19:89:fb:87:bc:15:a9:9b:31:b4:99:fe:c2:5d:
d2:48:54:3c:14:52:44:d7:fa:02:92:4d:ed:df:53:e5:f6:e2:
fe:a4:44:53:1c:5b:c0:60:56:0d:dd:b8:c7:74:d5:3d:48:d1:
ea:4f:bd:0c:01:61:7b:dc:03:2c:7f:2e:e8:a5:d1:c3:70:f6:
3f:91:f0:1a:85:a6:10:07:d5:7d:b9:ea:68:f4:07:f7:ed:f3:
12:87:a7:85:45:93:a9:e9:84:81:fc:0c:ae:77:95:01:86:25:
18:5f:1a:af:16:ca:6a:17:db:c5:37:f0:af:a3:25:2b:d8:18:
4c:5b:b4:e7:1a:79:70:f1:ba:e4:0b:5f:a7:bd:1d:ec:a6:65:
ce:49:00:7f:cd:bc:dc:72:75:3e:5c:6b:2b:40:94:08:83:dd:
14:02:c8:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyMUUxMTAvBgNVBAUTKDhCRTM4NzQ1NDZFOTBCQTgzMjM3MTc5RUU4OTMyMDEz
QjJEOUY4NDAwHhcNMjIxMDEwMjAyNjU3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ0ODAxMS00YWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArS5GDybnZI1GrHIfsZSmD8djapJo6Bfeq2NmiOC0aeqDR5RkxQsXWH0KcaYz
swzbXsMks0X3Iig5KFJF64uFt8sQjeuwjsvcYEGCSokuwUMuazrl5yE69RTD1iiP
fWpbYnIU3RW5RRu24uYc+Oegug5bHYFwswy5BIZbMurmZ4rqHUaQFrR20PQKMXmj
c2Mnov6w5nPuFsK+K+XW58YdN3QCBXVXVr9nNjs0Zt7suNv5AzYS6cBoAdZ9DQsK
hKcBP9RmF0MQXcdtfO4NZRhEZcibfvZj5L7Mfyh9MvNNU2m3/c+/g/9NUDTXm1Nk
tJvEhi5hbmrRp2XiO3v5e3Ip2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKPflR0a
e+JNz480a01aPFN7oLjCMB8GA1UdIwQYMBaAFIvjh0VG6QuoMjcXnuiTIBOy2fhA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzIxRS82MEMxODE1NDBC
ODkxMUVBOEU1QUI3NUZDNEY5QUUwMi9pLU9IUlVicEM2Z3lOeGVlNkpNZ0U3TFot
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ktT0hSVWJwQzZneU54ZWU2Sk1nRTdMWi1FQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyMUUvNjBDMTgxNTQwQjg5MTFFQThFNUFCNzVGQzRGOUFFMDIvREY3NjU2ODYw
QjhBMTFFQTlGRUM2MTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABngnIwDQYJKoZIhvcNAQELBQADggEBAH/ahO/snBdcbpew
NFKkyhevuk4RIOuIeRPM8/Bj/USCjVzM0zmtA+VUTiJqheqTRs2EoAS8z4izQhUe
+0RFkQtGcpoeyoefIBaJiD6te7BQ1Ru365OMd3Aup0wi22wZifuHvBWpmzG0mf7C
XdJIVDwUUkTX+gKSTe3fU+X24v6kRFMcW8BgVg3duMd01T1I0epPvQwBYXvcAyx/
Luil0cNw9j+R8BqFphAH1X256mj0B/ft8xKHp4VFk6nphIH8DK53lQGGJRhfGq8W
ymoX28U38K+jJSvYGExbtOcaeXDxuuQLX6e9HeymZc5JAH/NvNxydT5caytAlAiD
3RQCyFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org