Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/61B615BEA38211EC98BD3909C4F9AE02.roa
File: 61B615BEA38211EC98BD3909C4F9AE02.roa (raw, json)
Hash identifier: 5jqiiOLftlxR/C9CQGT9SoyvKDe9y/1TtU0BOXkYx18=
Subject key identifier: 21:32:B7:C3:8D:6D:55:F4:42:99:97:ED:57:74:49:3E:0E:2F:01:B1
Certificate issuer: /CN=A911DF8A/serialNumber=826007A4E3D14BB0B509BB969845D01EB809DD7A
Certificate serial: 02
Authority key identifier: 82:60:07:A4:E3:D1:4B:B0:B5:09:BB:96:98:45:D0:1E:B8:09:DD:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/61B615BEA38211EC98BD3909C4F9AE02.roa
Signing time: Mon 14 Mar 2022 10:34:52 +0000
ROA not before: Mon 14 Mar 2022 10:34:52 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 48024
IP address blocks: 103.182.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DF8A/serialNumber=826007A4E3D14BB0B509BB969845D01EB809DD7A
Validity
Not Before: Mar 14 10:34:52 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=622f1a4c-0b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:90:df:a1:43:27:ce:90:64:be:ed:a8:31:ff:
86:a2:66:3b:c3:c0:9d:56:12:18:42:9f:05:65:bf:
0c:a6:98:8e:88:90:1a:9a:76:f3:98:09:7e:68:01:
d7:f3:9a:0d:66:96:56:e3:7a:0f:bd:cc:65:6e:55:
65:fe:a3:9b:c3:82:31:fe:20:0b:c4:92:fe:4a:2c:
92:9d:03:97:22:e4:1c:a6:12:be:02:1d:65:c3:a2:
3b:cc:a9:68:b6:99:9a:48:bb:70:f4:ba:8e:b3:44:
a2:22:33:e9:98:de:cd:e4:93:84:04:ce:42:96:1d:
0e:0d:97:a3:a4:ad:d0:d1:09:06:e2:44:67:06:fe:
72:53:c4:c3:13:2b:29:79:1a:54:27:58:5f:e0:32:
1a:c2:f0:e3:bf:80:50:a8:2c:15:87:50:e5:40:4d:
69:a7:b6:3f:1c:47:d1:17:2d:d7:9c:c6:2d:4e:c2:
ac:35:7d:8f:13:3e:06:94:36:37:89:5e:4c:aa:b5:
5e:95:80:1a:dd:87:e0:85:7d:bc:31:46:d1:4a:f1:
5f:30:37:02:0c:d5:3d:52:77:b1:cb:8a:16:b0:78:
c8:ca:fc:d7:41:ce:62:0c:91:00:42:64:4d:1e:74:
e5:97:a9:cb:56:29:be:da:64:63:02:4d:9a:d6:3f:
eb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:32:B7:C3:8D:6D:55:F4:42:99:97:ED:57:74:49:3E:0E:2F:01:B1
X509v3 Authority Key Identifier:
keyid:82:60:07:A4:E3:D1:4B:B0:B5:09:BB:96:98:45:D0:1E:B8:09:DD:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/61B615BEA38211EC98BD3909C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.182.96.0/24
Signature Algorithm: sha256WithRSAEncryption
56:29:86:2e:20:3e:94:4e:f7:a6:2d:a1:63:8d:a4:ac:41:3f:
a8:60:1e:6c:71:f7:25:46:0f:90:a0:61:b4:de:a1:a6:4b:23:
30:12:51:1c:5c:3e:25:1c:8c:a3:79:0c:3b:b3:11:3b:67:64:
9e:fb:79:4a:55:41:a7:bc:bb:08:dd:f9:bc:f4:ec:86:ad:78:
7d:9d:c5:c3:a2:5c:a8:64:9c:65:ed:ae:5f:9a:d2:01:5e:ac:
6c:c0:64:00:35:a5:bd:0c:3f:ad:4b:53:c3:be:b6:3c:b1:9b:
65:b5:df:39:78:45:e9:f7:c4:3b:87:a7:0e:f5:e6:da:ca:f1:
31:20:02:ad:8a:09:8a:12:8f:55:f8:34:60:33:fe:79:58:51:
83:9d:af:b1:52:b6:f7:bf:b6:0e:c7:16:5a:f7:94:c6:a7:3a:
37:fb:4d:2b:b5:a4:69:e4:6a:aa:5e:f4:b8:33:36:fd:d9:34:
a0:c0:75:b5:c2:99:1c:9f:83:dd:ac:b8:99:7e:30:78:cb:4f:
8a:39:c8:5d:06:27:8f:be:f9:f0:65:35:1b:44:9b:17:d6:1a:
07:59:f8:e4:5f:db:04:f3:a7:78:14:9a:25:e7:0c:db:e9:96:
3f:74:8b:be:4a:51:c9:75:d8:15:97:48:ca:af:64:0b:7c:b1:
8f:79:a7:ce
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REY4QTExMC8GA1UEBRMoODI2MDA3QTRFM0QxNEJCMEI1MDlCQjk2OTg0NUQwMUVC
ODA5REQ3QTAeFw0yMjAzMTQxMDM0NTJaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMmYxYTRjLTBiNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7kN+hQyfOkGS+7agx/4aiZjvDwJ1WEhhCnwVlvwymmI6IkBqadvOYCX5oAdfz
mg1mllbjeg+9zGVuVWX+o5vDgjH+IAvEkv5KLJKdA5ci5BymEr4CHWXDojvMqWi2
mZpIu3D0uo6zRKIiM+mY3s3kk4QEzkKWHQ4Nl6OkrdDRCQbiRGcG/nJTxMMTKyl5
GlQnWF/gMhrC8OO/gFCoLBWHUOVATWmntj8cR9EXLdecxi1Owqw1fY8TPgaUNjeJ
XkyqtV6VgBrdh+CFfbwxRtFK8V8wNwIM1T1Sd7HLihaweMjK/NdBzmIMkQBCZE0e
dOWXqctWKb7aZGMCTZrWP+vDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUITK3w41t
VfRCmZftV3RJPg4vAbEwHwYDVR0jBBgwFoAUgmAHpOPRS7C1CbuWmEXQHrgJ3Xow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERjhBLzM1NTNDRkFBQTM3
RjExRUM5MkQ2RkE1RUM0RjlBRTAyL2dtQUhwT1BSUzdDMUNidVdtRVhRSHJnSjNY
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ21BSHBPUFJTN0MxQ2J1V21FWFFIcmdKM1hvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REY4QS8zNTUzQ0ZBQUEzN0YxMUVDOTJENkZBNUVDNEY5QUUwMi82MUI2MTVCRUEz
ODIxMUVDOThCRDM5MDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGe2YDANBgkqhkiG9w0BAQsFAAOCAQEAVimGLiA+lE73pi2h
Y42krEE/qGAebHH3JUYPkKBhtN6hpksjMBJRHFw+JRyMo3kMO7MRO2dknvt5SlVB
p7y7CN35vPTshq14fZ3Fw6JcqGScZe2uX5rSAV6sbMBkADWlvQw/rUtTw762PLGb
ZbXfOXhF6ffEO4enDvXm2srxMSACrYoJihKPVfg0YDP+eVhRg52vsVK297+2DscW
WveUxqc6N/tNK7WkaeRqql70uDM2/dk0oMB1tcKZHJ+D3ay4mX4weMtPijnIXQYn
j7758GU1G0SbF9YaB1n45F/bBPOneBSaJecM2+mWP3SLvkpRyXXYFZdIyq9kC3yx
j3mnzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org