Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914B30A/91AE69AA467C11ECBD66126BC4F9AE02/AA0E8234467F11EC9A5B0A6FC4F9AE02.roa
File: AA0E8234467F11EC9A5B0A6FC4F9AE02.roa (raw, json)
Hash identifier: Z15kfD+CDe/trXiL9bU6NJLo2v7ifBTWg9vm3158InY=
Subject key identifier: 15:27:D8:7F:11:78:A3:47:B7:7F:9C:FE:A8:04:84:18:CE:A7:6E:42
Certificate issuer: /CN=A914B30A/serialNumber=137F69888BEE9CC83BAB41FAF2C942D10AF2CB65
Certificate serial: 02
Authority key identifier: 13:7F:69:88:8B:EE:9C:C8:3B:AB:41:FA:F2:C9:42:D1:0A:F2:CB:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E39piIvunMg7q0H68slC0Qryy2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914B30A/91AE69AA467C11ECBD66126BC4F9AE02/AA0E8234467F11EC9A5B0A6FC4F9AE02.roa
Signing time: Tue 16 Nov 2021 01:51:07 +0000
ROA not before: Tue 16 Nov 2021 01:51:07 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 138521
IP address blocks: 103.176.120.0/24 maxlen: 24
2001:df0:dc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914B30A/serialNumber=137F69888BEE9CC83BAB41FAF2C942D10AF2CB65
Validity
Not Before: Nov 16 01:51:07 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61930e8b-4965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4c:ef:13:ee:86:19:4d:d8:6a:99:c4:55:4a:
74:1b:a9:23:28:fe:30:19:51:db:56:44:b6:71:75:
37:94:bf:d6:ad:a4:67:c0:4e:9c:7e:08:42:1c:90:
71:48:b8:19:c4:3d:96:46:58:32:33:4a:f5:8e:fc:
06:ea:e7:18:73:d3:97:95:b4:23:22:0e:08:ec:44:
b4:ef:b1:e8:4c:e8:d2:64:dc:65:eb:8f:eb:2c:cd:
5f:b4:1b:6a:87:d3:36:7e:ef:37:a5:42:70:45:4b:
59:96:79:b8:33:6d:a3:38:46:d0:b2:1e:08:89:eb:
7f:e4:3a:db:c1:9a:19:ea:49:21:82:d8:5a:09:f8:
02:da:74:f1:ea:66:4f:4c:ec:1e:f2:f1:60:58:46:
b3:d4:0d:ea:69:10:f5:e2:aa:2a:5e:65:98:20:0e:
01:1d:9a:b8:f3:6f:79:1b:f4:24:49:01:84:fb:db:
c2:2f:9a:f6:12:f9:13:fd:a5:8c:73:e1:8b:c2:23:
1e:e5:5b:56:ef:05:07:a4:68:b6:4d:06:62:2e:64:
dc:23:29:68:10:e9:00:86:90:52:72:3f:49:92:f5:
f9:6d:f4:13:ae:44:cc:57:3e:5d:63:1f:a2:2f:d9:
a5:d8:23:e4:dc:68:9b:1e:32:4d:0f:b3:01:57:e1:
66:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:27:D8:7F:11:78:A3:47:B7:7F:9C:FE:A8:04:84:18:CE:A7:6E:42
X509v3 Authority Key Identifier:
keyid:13:7F:69:88:8B:EE:9C:C8:3B:AB:41:FA:F2:C9:42:D1:0A:F2:CB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914B30A/91AE69AA467C11ECBD66126BC4F9AE02/E39piIvunMg7q0H68slC0Qryy2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E39piIvunMg7q0H68slC0Qryy2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B30A/91AE69AA467C11ECBD66126BC4F9AE02/AA0E8234467F11EC9A5B0A6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.120.0/24
IPv6:
2001:df0:dc0::/48
Signature Algorithm: sha256WithRSAEncryption
86:1a:be:a1:d9:a7:e1:0a:43:af:f7:46:5f:85:fe:6a:92:66:
a0:d2:5f:ef:9f:2c:cd:f2:d0:fb:a6:de:09:2f:a5:75:f4:16:
a9:f0:99:70:45:b0:a3:57:21:4d:ce:5d:cc:d1:e8:54:0e:bc:
1e:cf:be:70:24:22:9b:d6:1c:e0:75:87:e4:38:8c:7c:df:dd:
25:79:5e:c6:ff:70:6e:1f:41:7c:20:a9:f5:f0:f3:ef:4b:cf:
f4:2d:b2:bd:85:71:96:a1:16:c8:a0:0f:10:d3:7f:59:b0:bc:
64:df:c4:9a:dc:52:56:b0:7e:50:3d:84:bd:d2:27:77:2d:e5:
af:05:95:6b:a5:bf:ec:d6:09:3d:c5:bf:7c:e4:ed:eb:ca:ba:
8c:22:29:c0:29:34:88:c6:01:3e:b4:e7:59:fa:f6:bf:79:2d:
d2:32:9a:24:a6:e2:c8:f9:76:a5:a6:55:da:bc:6c:e3:f6:99:
f3:02:22:4d:76:f0:36:00:64:21:20:6e:b1:c1:e5:b6:d2:bc:
e2:ad:03:c0:f1:6b:f3:40:10:a0:63:35:54:46:9b:eb:55:27:
6d:30:d9:4d:b8:81:90:17:fd:e6:ed:d1:86:99:b3:90:9a:ff:
a4:a4:fb:20:7a:ed:55:57:36:03:34:81:fb:da:be:a0:ac:e8:
dd:90:2d:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QjMwQTExMC8GA1UEBRMoMTM3RjY5ODg4QkVFOUNDODNCQUI0MUZBRjJDOTQyRDEw
QUYyQ0I2NTAeFw0yMTExMTYwMTUxMDdaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxOTMwZThiLTQ5NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzTO8T7oYZTdhqmcRVSnQbqSMo/jAZUdtWRLZxdTeUv9atpGfATpx+CEIckHFI
uBnEPZZGWDIzSvWO/Abq5xhz05eVtCMiDgjsRLTvsehM6NJk3GXrj+sszV+0G2qH
0zZ+7zelQnBFS1mWebgzbaM4RtCyHgiJ63/kOtvBmhnqSSGC2FoJ+ALadPHqZk9M
7B7y8WBYRrPUDeppEPXiqipeZZggDgEdmrjzb3kb9CRJAYT728IvmvYS+RP9pYxz
4YvCIx7lW1bvBQekaLZNBmIuZNwjKWgQ6QCGkFJyP0mS9flt9BOuRMxXPl1jH6Iv
2aXYI+TcaJseMk0PswFX4WZ9AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUFSfYfxF4
o0e3f5z+qASEGM6nbkIwHwYDVR0jBBgwFoAUE39piIvunMg7q0H68slC0Qryy2Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCMzBBLzkxQUU2OUFBNDY3
QzExRUNCRDY2MTI2QkM0RjlBRTAyL0UzOXBpSXZ1bk1nN3EwSDY4c2xDMFFyeXky
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRTM5cGlJdnVuTWc3cTBINjhzbEMwUXJ5eTJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QjMwQS85MUFFNjlBQTQ2N0MxMUVDQkQ2NjEyNkJDNEY5QUUwMi9BQTBFODIzNDQ2
N0YxMUVDOUE1QjBBNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGeweDAPBAIAAjAJAwcAIAEN8A3AMA0GCSqGSIb3DQEBCwUA
A4IBAQCGGr6h2afhCkOv90Zfhf5qkmag0l/vnyzN8tD7pt4JL6V19Bap8JlwRbCj
VyFNzl3M0ehUDrwez75wJCKb1hzgdYfkOIx8390leV7G/3BuH0F8IKn18PPvS8/0
LbK9hXGWoRbIoA8Q039ZsLxk38Sa3FJWsH5QPYS90id3LeWvBZVrpb/s1gk9xb98
5O3ryrqMIinAKTSIxgE+tOdZ+va/eS3SMpokpuLI+XalplXavGzj9pnzAiJNdvA2
AGQhIG6xweW20rzirQPA8WvzQBCgYzVURpvrVSdtMNlNuIGQF/3m7dGGmbOQmv+k
pPsgeu1VVzYDNIH72r6grOjdkC2c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:38 2023 by rpki-client on console-ams.rpki-client.org