Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131EDD/210B43047BBF11EBA02A4339C4F9AE02/247681E07BCC11EB91CCFB33C4F9AE02.roa
File: 247681E07BCC11EB91CCFB33C4F9AE02.roa (raw, json)
Hash identifier: 0kZYXQNNLtbXfVcikb9dBSnJtUw5Fm0oyA0ar91k7IE=
Subject key identifier: 60:CA:EF:49:AB:23:61:7C:FC:BB:16:E9:3E:92:87:10:9C:3C:08:EB
Certificate issuer: /CN=A9131EDD/serialNumber=A4694BE47C4F3BC94805D4A366A007C69070512E
Certificate serial: 01A5
Authority key identifier: A4:69:4B:E4:7C:4F:3B:C9:48:05:D4:A3:66:A0:07:C6:90:70:51:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pGlL5HxPO8lIBdSjZqAHxpBwUS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131EDD/210B43047BBF11EBA02A4339C4F9AE02/247681E07BCC11EB91CCFB33C4F9AE02.roa
Signing time: Wed 29 Sep 2021 14:33:23 +0000
ROA not before: Wed 29 Sep 2021 14:33:23 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 45654
IP address blocks: 103.14.172.0/24 maxlen: 24
103.14.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 421 (0x1a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131EDD/serialNumber=A4694BE47C4F3BC94805D4A366A007C69070512E
Validity
Not Before: Sep 29 14:33:23 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61547932-afda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:33:ea:fa:c7:a9:b3:28:fe:97:de:bd:17:62:
e8:9c:85:71:07:43:8d:7c:09:99:96:ef:5e:51:b2:
aa:ef:9b:7e:74:bd:f4:72:24:fe:c1:5b:c0:84:3c:
56:06:82:2e:50:92:df:7e:2c:4a:b0:7b:f2:a1:9b:
5e:92:eb:57:ed:76:eb:f3:ad:f2:f0:d9:47:08:e2:
df:16:50:53:f3:3a:d7:f2:a5:b3:c4:05:eb:32:69:
a4:a3:a3:c4:32:69:0f:0b:6a:ef:42:f7:5a:b2:cc:
77:6c:09:6e:b6:c3:c2:6e:c5:52:1b:fd:25:56:7d:
a6:56:d9:39:24:a4:b8:da:e8:ec:d7:36:9e:53:04:
75:8b:57:e7:1f:87:90:3e:03:53:21:fe:42:0c:08:
9a:72:33:7d:7f:37:f6:62:7d:c4:6b:7e:47:5f:d9:
da:ec:36:b0:92:21:82:75:f8:0b:a6:f7:ee:ca:07:
7b:53:28:03:ea:f1:43:e4:72:62:97:23:09:92:d9:
32:b0:aa:c6:12:57:7b:4e:00:cd:fd:84:87:e8:3e:
03:bd:c3:dd:67:17:5c:20:5c:7e:3e:3e:01:5b:63:
05:95:9e:b6:a5:1a:78:fc:e3:55:03:e2:e4:b0:6a:
f3:5a:cd:c8:bd:71:df:e9:7d:88:28:ad:c8:f1:38:
53:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CA:EF:49:AB:23:61:7C:FC:BB:16:E9:3E:92:87:10:9C:3C:08:EB
X509v3 Authority Key Identifier:
keyid:A4:69:4B:E4:7C:4F:3B:C9:48:05:D4:A3:66:A0:07:C6:90:70:51:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131EDD/210B43047BBF11EBA02A4339C4F9AE02/pGlL5HxPO8lIBdSjZqAHxpBwUS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pGlL5HxPO8lIBdSjZqAHxpBwUS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131EDD/210B43047BBF11EBA02A4339C4F9AE02/247681E07BCC11EB91CCFB33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.172.0/24
103.14.175.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:27:d7:6c:f0:50:cf:ca:22:1e:a8:13:1d:79:11:b5:7a:2e:
4d:ef:c2:a8:ac:0c:69:f7:ef:b0:83:e0:e4:08:74:60:72:e9:
91:4c:b0:ee:30:dc:e7:27:5c:ba:60:e4:a0:33:89:60:0f:73:
2f:27:dc:71:db:af:62:6b:b6:6d:9c:8f:7e:c9:b5:5d:14:3a:
c2:4c:41:32:6c:77:a8:57:31:ce:5e:2f:0e:c4:69:e8:83:30:
0f:42:af:db:fd:50:89:db:32:be:da:91:fa:79:26:db:df:9e:
96:fb:28:b8:8c:9d:fc:e7:ca:16:46:0b:ef:70:bc:31:83:14:
4f:b8:c4:eb:85:39:e7:ad:77:f2:dc:45:21:bb:73:7c:b4:ef:
8d:a7:dc:84:1c:0c:32:bb:01:89:b0:aa:45:e4:22:a6:c4:5a:
59:a2:e2:8f:70:f1:ee:d2:e3:23:6a:bf:88:42:cf:c5:6b:1b:
d4:8c:89:a6:b4:a4:74:a9:e4:60:f3:5d:55:c7:aa:c2:3a:d3:
0f:2e:50:94:bc:54:8c:99:a5:ac:7f:75:53:34:a4:eb:84:83:
2e:cb:4a:96:e8:48:cf:e2:ca:a4:8e:37:2c:2d:48:96:5a:06:
8a:32:16:b3:96:57:6e:71:04:d0:67:f5:23:ee:1b:50:7a:e8:
a8:d9:04:f5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzFFREQxMTAvBgNVBAUTKEE0Njk0QkU0N0M0RjNCQzk0ODA1RDRBMzY2QTAwN0M2
OTA3MDUxMkUwHhcNMjEwOTI5MTQzMzIzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTU0NzkzMi1hZmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDPq+sepsyj+l969F2LonIVxB0ONfAmZlu9eUbKq75t+dL30ciT+wVvAhDxW
BoIuUJLffixKsHvyoZtekutX7Xbr863y8NlHCOLfFlBT8zrX8qWzxAXrMmmko6PE
MmkPC2rvQvdassx3bAlutsPCbsVSG/0lVn2mVtk5JKS42ujs1zaeUwR1i1fnH4eQ
PgNTIf5CDAiacjN9fzf2Yn3Ea35HX9na7DawkiGCdfgLpvfuygd7UygD6vFD5HJi
lyMJktkysKrGEld7TgDN/YSH6D4DvcPdZxdcIFx+Pj4BW2MFlZ62pRp4/ONVA+Lk
sGrzWs3IvXHf6X2IKK3I8ThTaQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGDK70mr
I2F8/LsW6T6ShxCcPAjrMB8GA1UdIwQYMBaAFKRpS+R8TzvJSAXUo2agB8aQcFEu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUVERC8yMTBCNDMwNDdC
QkYxMUVCQTAyQTQzMzlDNEY5QUUwMi9wR2xMNUh4UE84bElCZFNqWnFBSHhwQndV
UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BHbEw1SHhQTzhsSUJkU2pacUFIeHBCd1VTNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzFFREQvMjEwQjQzMDQ3QkJGMTFFQkEwMkE0MzM5QzRGOUFFMDIvMjQ3NjgxRTA3
QkNDMTFFQjkxQ0NGQjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnDqwDBABnDq8wDQYJKoZIhvcNAQELBQADggEBALQn12zw
UM/KIh6oEx15EbV6Lk3vwqisDGn377CD4OQIdGBy6ZFMsO4w3OcnXLpg5KAziWAP
cy8n3HHbr2Jrtm2cj37JtV0UOsJMQTJsd6hXMc5eLw7EaeiDMA9Cr9v9UInbMr7a
kfp5Jtvfnpb7KLiMnfznyhZGC+9wvDGDFE+4xOuFOeetd/LcRSG7c3y0742n3IQc
DDK7AYmwqkXkIqbEWlmi4o9w8e7S4yNqv4hCz8VrG9SMiaa0pHSp5GDzXVXHqsI6
0w8uUJS8VIyZpax/dVM0pOuEgy7LSpboSM/iyqSONywtSJZaBooyFrOWV25xBNBn
9SPuG1B66KjZBPU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org