Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144266/0E858E2806CB11EC99B0EA3BC4F9AE02/A0D432E049D611EC91B5B532C4F9AE02.roa
File: A0D432E049D611EC91B5B532C4F9AE02.roa (raw, json)
Hash identifier: e6Gl2gh4pJ/OajW3DwhBByIbM/ODQnL+9GtpneQyQ4E=
Subject key identifier: 7D:EB:20:9E:47:C7:1A:16:2E:A9:C3:6F:4C:1C:8F:55:87:89:9D:20
Certificate issuer: /CN=A9144266/serialNumber=2F9AC68A6B00DF6056F70ABC5AAC6DB920AB1B1D
Certificate serial: AB
Authority key identifier: 2F:9A:C6:8A:6B:00:DF:60:56:F7:0A:BC:5A:AC:6D:B9:20:AB:1B:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L5rGimsA32BW9wq8WqxtuSCrGx0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9144266/0E858E2806CB11EC99B0EA3BC4F9AE02/A0D432E049D611EC91B5B532C4F9AE02.roa
Signing time: Sat 20 Nov 2021 07:51:11 +0000
ROA not before: Sat 20 Nov 2021 07:51:11 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 132298
IP address blocks: 103.172.112.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9144266/serialNumber=2F9AC68A6B00DF6056F70ABC5AAC6DB920AB1B1D
Validity
Not Before: Nov 20 07:51:11 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6198a8ef-28f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5a:b7:7f:9a:12:ec:04:7e:2d:ed:88:ef:c9:
02:ef:53:89:3b:b6:1e:f7:64:f7:52:5e:49:4d:57:
39:2d:7a:a3:60:0d:84:4f:9f:63:a8:67:c6:d0:2b:
46:16:db:c5:4f:6f:52:45:ba:e6:d3:10:73:37:e6:
07:cd:2b:93:65:16:f5:7e:68:1f:f9:a8:db:a2:fc:
20:aa:c7:7c:de:21:e6:f1:52:c4:36:34:83:8f:ec:
35:ec:2f:00:5d:bf:6c:79:09:8c:14:f4:e4:a2:43:
8a:2b:d4:15:c2:44:c0:ca:cf:97:71:87:b0:f8:fb:
9a:e9:83:32:b2:3f:13:0f:40:4f:41:11:4a:41:5f:
68:09:f4:98:e6:f9:7f:f7:96:03:b4:74:b6:0f:99:
42:13:8a:1f:66:a8:fb:c4:53:0f:8e:ae:fd:a8:2f:
87:8c:af:d0:94:f0:c2:8e:32:27:3e:f5:23:90:ae:
c4:89:75:8e:59:a7:f5:df:5c:28:88:86:23:5b:99:
ee:37:67:7b:3c:4a:63:a0:2c:f3:af:5c:63:df:84:
22:79:c2:ec:0b:a1:c9:20:1f:7a:a1:88:f2:c3:96:
91:06:08:d1:f8:e9:46:1d:7d:2c:e9:f3:c3:ed:ed:
7f:0a:e5:e7:23:fe:c6:0b:1e:23:cc:40:a8:31:27:
0d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EB:20:9E:47:C7:1A:16:2E:A9:C3:6F:4C:1C:8F:55:87:89:9D:20
X509v3 Authority Key Identifier:
keyid:2F:9A:C6:8A:6B:00:DF:60:56:F7:0A:BC:5A:AC:6D:B9:20:AB:1B:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9144266/0E858E2806CB11EC99B0EA3BC4F9AE02/L5rGimsA32BW9wq8WqxtuSCrGx0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L5rGimsA32BW9wq8WqxtuSCrGx0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144266/0E858E2806CB11EC99B0EA3BC4F9AE02/A0D432E049D611EC91B5B532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.112.0/23
Signature Algorithm: sha256WithRSAEncryption
89:58:af:49:f6:cd:ba:d2:3d:9c:7f:f5:5e:7d:5d:65:d4:33:
8f:e9:9a:52:3c:48:3c:a9:21:e1:04:b1:b1:91:b2:e6:22:ee:
de:b2:6e:00:6c:d8:f3:f1:28:6e:d2:53:37:b8:b4:0b:a5:7a:
3a:a2:59:15:b2:c7:e4:6e:94:d4:ad:71:28:9e:a5:c0:ed:f6:
a7:f2:2a:49:9c:4b:37:68:30:be:0f:11:96:87:84:fa:21:d9:
c0:3b:4e:7a:87:49:00:5a:46:ca:44:e6:90:73:0d:5c:69:e9:
b9:12:85:eb:37:55:3e:3a:4f:e7:c4:2d:66:71:95:81:68:b5:
35:be:8d:ec:28:b5:ef:62:97:e8:59:20:2d:12:40:03:75:9e:
9c:e8:a4:a7:70:9c:a4:8a:f8:68:da:89:80:59:53:a0:86:4e:
65:26:82:3c:ca:90:d1:b5:d7:e0:19:9d:25:f7:fe:e1:c3:b6:
61:99:0d:0e:e1:1c:79:54:65:fb:81:4c:0b:b9:e6:1a:5f:0f:
29:1d:c6:ad:e6:39:90:4e:c7:7a:77:10:9d:e5:a2:ea:4c:77:
09:33:a0:20:5f:e1:6c:5a:80:3d:5a:dc:81:ef:25:fd:4f:2f:
e0:a6:29:f7:40:93:5d:f8:7a:ea:83:57:30:8b:24:9d:ad:06:
6f:f2:b0:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDQyNjYxMTAvBgNVBAUTKDJGOUFDNjhBNkIwMERGNjA1NkY3MEFCQzVBQUM2REI5
MjBBQjFCMUQwHhcNMjExMTIwMDc1MTExWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTk4YThlZi0yOGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6lq3f5oS7AR+Le2I78kC71OJO7Ye92T3Ul5JTVc5LXqjYA2ET59jqGfG0CtG
FtvFT29SRbrm0xBzN+YHzSuTZRb1fmgf+ajbovwgqsd83iHm8VLENjSDj+w17C8A
Xb9seQmMFPTkokOKK9QVwkTAys+XcYew+Pua6YMysj8TD0BPQRFKQV9oCfSY5vl/
95YDtHS2D5lCE4ofZqj7xFMPjq79qC+HjK/QlPDCjjInPvUjkK7EiXWOWaf131wo
iIYjW5nuN2d7PEpjoCzzr1xj34QiecLsC6HJIB96oYjyw5aRBgjR+OlGHX0s6fPD
7e1/CuXnI/7GCx4jzECoMScNdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH3rIJ5H
xxoWLqnDb0wcj1WHiZ0gMB8GA1UdIwQYMBaAFC+axoprAN9gVvcKvFqsbbkgqxsd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDI2Ni8wRTg1OEUyODA2
Q0IxMUVDOTlCMEVBM0JDNEY5QUUwMi9MNXJHaW1zQTMyQlc5d3E4V3F4dHVTQ3JH
eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0w1ckdpbXNBMzJCVzl3cThXcXh0dVNDckd4MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDQyNjYvMEU4NThFMjgwNkNCMTFFQzk5QjBFQTNCQzRGOUFFMDIvQTBENDMyRTA0
OUQ2MTFFQzkxQjVCNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrHAwDQYJKoZIhvcNAQELBQADggEBAIlYr0n2zbrSPZx/
9V59XWXUM4/pmlI8SDypIeEEsbGRsuYi7t6ybgBs2PPxKG7SUze4tAulejqiWRWy
x+RulNStcSiepcDt9qfyKkmcSzdoML4PEZaHhPoh2cA7TnqHSQBaRspE5pBzDVxp
6bkShes3VT46T+fELWZxlYFotTW+jewote9il+hZIC0SQAN1npzopKdwnKSK+Gja
iYBZU6CGTmUmgjzKkNG11+AZnSX3/uHDtmGZDQ7hHHlUZfuBTAu55hpfDykdxq3m
OZBOx3p3EJ3loupMdwkzoCBf4WxagD1a3IHvJf1PL+CmKfdAk134euqDVzCLJJ2t
Bm/ysJw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org