Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/705C3534D37111ECBE6E137EC4F9AE02.roa
File: 705C3534D37111ECBE6E137EC4F9AE02.roa (raw, json)
Hash identifier: N8FTfj+xXAwJ8CLf6c94qac9z+XAU7kA6UptqMk3/zk=
Subject key identifier: D4:E6:B3:56:F4:A5:43:27:9A:37:7A:9B:8F:17:2E:61:D5:95:E3:EE
Certificate issuer: /CN=A914B758/serialNumber=AF55581BA127E2090A0A5462FE7BCE70616F2CDC
Certificate serial: 02
Authority key identifier: AF:55:58:1B:A1:27:E2:09:0A:0A:54:62:FE:7B:CE:70:61:6F:2C:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r1VYG6En4gkKClRi_nvOcGFvLNw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/705C3534D37111ECBE6E137EC4F9AE02.roa
Signing time: Sat 14 May 2022 10:34:31 +0000
ROA not before: Sat 14 May 2022 10:34:31 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 149830
IP address blocks: 103.187.98.0/23 maxlen: 23
103.187.98.0/24 maxlen: 24
103.187.99.0/24 maxlen: 24
2001:df0:bac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914B758/serialNumber=AF55581BA127E2090A0A5462FE7BCE70616F2CDC
Validity
Not Before: May 14 10:34:31 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=627f85b7-1d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:49:7f:ba:51:92:24:05:29:bb:47:a3:ed:e0:
aa:e8:da:25:37:4e:1b:69:12:11:fb:67:69:ef:f2:
ab:91:62:bf:fa:88:c5:b8:60:fa:27:57:e1:ac:5a:
f6:e7:d9:96:5b:12:e3:1f:76:ca:43:c7:cb:07:04:
ed:f7:1d:78:8b:ae:9a:be:ab:37:01:c8:64:d0:99:
9b:a6:59:64:57:c5:41:86:46:1f:0b:e3:f2:24:75:
ab:2f:36:76:34:27:5f:7c:7a:c0:92:cb:89:a2:91:
5e:51:b3:72:fd:ac:52:cb:56:6d:dc:27:8b:ef:7f:
e3:e7:01:23:54:d0:bf:17:5a:2a:c4:6f:c7:a1:ce:
26:2c:5f:69:15:3c:52:b0:6d:10:18:36:06:05:76:
bd:bd:a3:bc:15:d2:57:d5:fb:fa:90:78:d8:80:5b:
ed:ef:c4:81:ad:6e:d3:c1:af:62:c8:57:c0:65:2b:
ec:e9:b9:67:1b:33:d9:97:b3:29:c9:1d:1f:ba:16:
7e:b1:5f:0c:79:c9:01:7c:69:4b:38:46:ff:7f:37:
26:60:cf:84:6a:b8:cc:7c:35:68:1b:99:17:27:16:
c7:65:4c:55:0e:0a:ca:98:df:24:dc:93:ce:7f:91:
a9:94:d0:b5:0b:07:2f:2c:f0:a3:06:9d:57:ce:62:
e8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E6:B3:56:F4:A5:43:27:9A:37:7A:9B:8F:17:2E:61:D5:95:E3:EE
X509v3 Authority Key Identifier:
keyid:AF:55:58:1B:A1:27:E2:09:0A:0A:54:62:FE:7B:CE:70:61:6F:2C:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/r1VYG6En4gkKClRi_nvOcGFvLNw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r1VYG6En4gkKClRi_nvOcGFvLNw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B758/4C7A2868D36E11ECB2614453C4F9AE02/705C3534D37111ECBE6E137EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.187.98.0/23
IPv6:
2001:df0:bac0::/48
Signature Algorithm: sha256WithRSAEncryption
32:86:b7:fe:71:c9:09:51:46:1b:2f:84:c0:b0:7f:52:3d:53:
87:3e:4f:ea:cd:9a:25:5b:df:69:5a:81:bd:55:48:8c:ad:d4:
9e:dd:c5:d4:17:7b:a1:b5:a0:4b:a0:32:25:d2:ca:02:18:2e:
f7:f1:05:a2:8f:0f:75:1a:1b:2f:f8:8f:1c:82:0e:22:bd:e0:
63:c9:81:28:d6:c2:d2:55:46:4b:8d:b8:81:1d:fe:ed:33:74:
6d:ec:42:80:b5:ca:da:33:32:d1:ee:44:a2:14:6c:de:05:8e:
b0:a5:e9:24:91:a9:37:cc:8c:c6:14:4f:ca:02:fe:9b:7f:5f:
0d:44:3a:68:bf:1d:54:ef:12:d9:73:58:5e:e7:33:c7:ad:86:
eb:1e:0a:87:16:44:e1:2f:a5:a8:40:cc:d3:56:a1:02:a1:03:
e2:e1:a9:70:1e:6a:bc:d0:ec:25:26:f7:1c:f6:a5:df:14:f1:
41:f4:5b:c3:49:96:ec:e0:99:7f:81:06:b6:e4:40:54:25:9f:
9d:4c:6b:9e:06:b8:45:10:eb:7c:7e:8c:30:37:74:01:dd:86:
c0:d2:c9:cc:31:8f:94:48:e1:a7:88:15:f3:92:18:bc:7e:6f:
1f:be:55:28:99:5f:f0:ab:38:4a:66:3b:55:89:c3:8e:cb:6b:
df:ce:24:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
Qjc1ODExMC8GA1UEBRMoQUY1NTU4MUJBMTI3RTIwOTBBMEE1NDYyRkU3QkNFNzA2
MTZGMkNEQzAeFw0yMjA1MTQxMDM0MzFaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyN2Y4NWI3LTFkMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTSX+6UZIkBSm7R6Pt4Kro2iU3ThtpEhH7Z2nv8quRYr/6iMW4YPonV+GsWvbn
2ZZbEuMfdspDx8sHBO33HXiLrpq+qzcByGTQmZumWWRXxUGGRh8L4/IkdasvNnY0
J198esCSy4mikV5Rs3L9rFLLVm3cJ4vvf+PnASNU0L8XWirEb8ehziYsX2kVPFKw
bRAYNgYFdr29o7wV0lfV+/qQeNiAW+3vxIGtbtPBr2LIV8BlK+zpuWcbM9mXsynJ
HR+6Fn6xXwx5yQF8aUs4Rv9/NyZgz4RquMx8NWgbmRcnFsdlTFUOCsqY3yTck85/
kamU0LULBy8s8KMGnVfOYujVAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU1OazVvSl
QyeaN3qbjxcuYdWV4+4wHwYDVR0jBBgwFoAUr1VYG6En4gkKClRi/nvOcGFvLNww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCNzU4LzRDN0EyODY4RDM2
RTExRUNCMjYxNDQ1M0M0RjlBRTAyL3IxVllHNkVuNGdrS0NsUmlfbnZPY0dGdkxO
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcjFWWUc2RW40Z2tLQ2xSaV9udk9jR0Z2TE53LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
Qjc1OC80QzdBMjg2OEQzNkUxMUVDQjI2MTQ0NTNDNEY5QUUwMi83MDVDMzUzNEQz
NzExMUVDQkU2RTEzN0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe7YjAPBAIAAjAJAwcAIAEN8LrAMA0GCSqGSIb3DQEBCwUA
A4IBAQAyhrf+cckJUUYbL4TAsH9SPVOHPk/qzZolW99pWoG9VUiMrdSe3cXUF3uh
taBLoDIl0soCGC738QWijw91Ghsv+I8cgg4iveBjyYEo1sLSVUZLjbiBHf7tM3Rt
7EKAtcraMzLR7kSiFGzeBY6wpekkkak3zIzGFE/KAv6bf18NRDpovx1U7xLZc1he
5zPHrYbrHgqHFkThL6WoQMzTVqECoQPi4alwHmq80OwlJvcc9qXfFPFB9FvDSZbs
4Jl/gQa25EBUJZ+dTGueBrhFEOt8fowwN3QB3YbA0snMMY+USOGniBXzkhi8fm8f
vlUomV/wqzhKZjtVicOOy2vfziRP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org