Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/0BBD2250D05111EC8EC75D35C4F9AE02.roa
File: 0BBD2250D05111EC8EC75D35C4F9AE02.roa (raw, json)
Hash identifier: HqehQWsoeUYZIPd6EZXvhoxy9OITuj9bGbqwC6bTIOs=
Subject key identifier: 3F:55:22:3B:64:CC:35:44:E1:14:2A:04:C8:9F:1B:84:55:4A:EA:88
Certificate issuer: /CN=A913A8A4/serialNumber=4D176A0B457A6E5695D37A7ECB8DCB3A73CB4812
Certificate serial: 0EF1
Authority key identifier: 4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/0BBD2250D05111EC8EC75D35C4F9AE02.roa
Signing time: Tue 10 May 2022 11:05:05 +0000
ROA not before: Tue 10 May 2022 11:05:05 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 140096
IP address blocks: 103.102.4.0/22 maxlen: 23
103.102.4.0/24 maxlen: 32
103.102.5.0/24 maxlen: 24
103.102.6.0/24 maxlen: 24
103.102.7.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3825 (0xef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913A8A4/serialNumber=4D176A0B457A6E5695D37A7ECB8DCB3A73CB4812
Validity
Not Before: May 10 11:05:05 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=627a46e1-8380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:e9:57:94:94:1e:14:6b:a3:e6:99:4a:81:
ee:6a:f2:d8:8b:3f:7d:5b:89:09:59:58:a9:1e:4e:
a8:e0:83:0f:72:00:e1:ba:a5:d1:13:1d:fa:91:5f:
15:e3:ab:0c:88:e7:3b:d0:bb:cf:c7:91:8b:43:a0:
8d:28:f0:ef:f1:89:bb:9b:5a:e0:16:dc:49:49:d1:
56:22:95:57:17:0d:5f:5c:38:4c:e7:79:8f:db:7f:
04:46:ba:2a:5c:c2:97:cb:f6:b0:c0:46:bf:80:26:
b8:58:1e:c8:5f:6f:75:82:fa:7e:6d:8e:93:82:30:
2e:16:9d:57:0e:3d:32:2a:88:8d:ba:7c:bb:e3:ff:
40:d0:86:73:8a:4f:a3:67:9c:ee:39:f4:66:83:32:
90:44:64:d1:66:47:22:e0:ba:99:10:ce:fd:02:50:
23:a0:98:da:6d:3d:e9:12:32:38:96:11:bb:73:3e:
1c:29:19:5f:b4:3f:76:d3:01:87:25:40:1c:0c:31:
aa:3b:49:88:93:8e:ae:55:1d:30:50:f1:42:07:4d:
e7:25:a4:35:dc:a0:16:cc:a6:23:e7:38:93:a9:ff:
b3:c7:f2:01:b8:ea:b6:36:0f:8a:87:f7:5f:2a:f2:
b5:d8:d5:93:10:6f:02:d2:ce:56:e9:19:5f:1f:82:
f1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:55:22:3B:64:CC:35:44:E1:14:2A:04:C8:9F:1B:84:55:4A:EA:88
X509v3 Authority Key Identifier:
keyid:4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/TRdqC0V6blaV03p-y43LOnPLSBI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/0BBD2250D05111EC8EC75D35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:0f:df:90:dc:2d:8c:10:39:1c:bb:a4:cd:49:b7:2a:4d:ad:
aa:56:a6:aa:ef:dc:6a:ba:9d:ed:14:fa:4c:6e:f7:d2:b7:0d:
dd:40:a2:ba:46:db:37:93:40:72:81:12:a0:d9:f5:48:82:21:
6d:86:46:4a:af:fe:3d:eb:49:9e:26:1f:2e:28:15:dc:72:f6:
a2:1c:93:36:30:97:30:ca:4a:a9:46:04:bd:29:92:e1:29:16:
06:86:d3:ca:8e:f6:5a:0b:eb:31:d0:99:6a:8d:e8:ad:d3:93:
45:c9:98:8c:36:87:57:ae:e7:6f:72:90:11:15:6c:94:74:fc:
d0:f5:20:cd:b8:ac:35:0a:11:c6:0b:17:fa:8d:1a:a2:62:81:
a3:62:67:e0:ad:54:46:eb:77:7b:2d:1f:76:66:29:8e:4f:da:
3a:3e:02:e1:b8:44:0a:31:cc:f0:7c:6b:e0:27:09:a4:31:2f:
a1:33:70:b5:c8:52:73:5c:4d:ea:04:f3:78:5d:a4:90:94:de:
63:a2:bc:3e:65:9a:0e:f7:85:de:50:62:77:e9:b4:62:02:20:
3e:ed:82:e1:16:db:69:d5:f7:c9:1f:de:9d:15:18:74:46:a3:
d0:35:79:9b:ee:8c:5a:b9:0e:fc:01:c4:12:fa:45:a0:bf:a2:
d7:0a:af:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0E4QTQxMTAvBgNVBAUTKDREMTc2QTBCNDU3QTZFNTY5NUQzN0E3RUNCOERDQjNB
NzNDQjQ4MTIwHhcNMjIwNTEwMTEwNTA1WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdhNDZlMS04MzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNLpV5SUHhRro+aZSoHuavLYiz99W4kJWVipHk6o4IMPcgDhuqXREx36kV8V
46sMiOc70LvPx5GLQ6CNKPDv8Ym7m1rgFtxJSdFWIpVXFw1fXDhM53mP238ERroq
XMKXy/awwEa/gCa4WB7IX291gvp+bY6TgjAuFp1XDj0yKoiNuny74/9A0IZzik+j
Z5zuOfRmgzKQRGTRZkci4LqZEM79AlAjoJjabT3pEjI4lhG7cz4cKRlftD920wGH
JUAcDDGqO0mIk46uVR0wUPFCB03nJaQ13KAWzKYj5ziTqf+zx/IBuOq2Ng+Kh/df
KvK12NWTEG8C0s5W6RlfH4LxlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD9VIjtk
zDVE4RQqBMifG4RVSuqIMB8GA1UdIwQYMBaAFE0XagtFem5WldN6fsuNyzpzy0gS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQThBNC83OTBFNjEwQ0U5
QzMxMUU4QTlDRUQ2NDhDNEY5QUUwMi9UUmRxQzBWNmJsYVYwM3AteTQzTE9uUExT
QkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RSZHFDMFY2YmxhVjAzcC15NDNMT25QTFNCSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0E4QTQvNzkwRTYxMENFOUMzMTFFOEE5Q0VENjQ4QzRGOUFFMDIvMEJCRDIyNTBE
MDUxMTFFQzhFQzc1RDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZgQwDQYJKoZIhvcNAQELBQADggEBAH4P35DcLYwQORy7
pM1JtypNrapWpqrv3Gq6ne0U+kxu99K3Dd1AorpG2zeTQHKBEqDZ9UiCIW2GRkqv
/j3rSZ4mHy4oFdxy9qIckzYwlzDKSqlGBL0pkuEpFgaG08qO9loL6zHQmWqN6K3T
k0XJmIw2h1eu529ykBEVbJR0/ND1IM24rDUKEcYLF/qNGqJigaNiZ+CtVEbrd3st
H3ZmKY5P2jo+AuG4RAoxzPB8a+AnCaQxL6EzcLXIUnNcTeoE83hdpJCU3mOivD5l
mg73hd5QYnfptGICID7tguEW22nV98kf3p0VGHRGo9A1eZvujFq5DvwBxBL6RaC/
otcKr1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org