Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/0992678AEA2C11EB8F879778C4F9AE02.roa
File: 0992678AEA2C11EB8F879778C4F9AE02.roa (raw, json)
Hash identifier: Y2pSuDOrAVbrLs8i1LGVCAJC/HC1ixoXJt8vLanLphc=
Subject key identifier: 20:BC:14:DE:58:15:C6:B1:7E:F8:F2:C6:C4:03:64:0F:EF:EE:65:4F
Certificate issuer: /CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Certificate serial: 0387
Authority key identifier: B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/0992678AEA2C11EB8F879778C4F9AE02.roa
Signing time: Fri 11 Nov 2022 06:52:34 +0000
ROA not before: Fri 11 Nov 2022 06:52:34 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141681
IP address blocks: 103.161.242.0/24 maxlen: 24
103.170.17.0/24 maxlen: 24
2400:bde0::/32 maxlen: 32
2400:bde0::/48 maxlen: 48
2400:bde0:0:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903 (0x387)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Validity
Not Before: Nov 11 06:52:34 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=636df132-93f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c0:b9:53:64:47:ea:30:f7:d2:aa:b8:94:68:
06:72:70:4d:0d:87:cf:01:d0:a5:7c:b7:30:56:ae:
69:62:d7:7d:84:78:da:23:a8:9c:68:f8:e6:d5:4e:
56:82:fc:ed:f0:c4:88:61:87:3f:2b:0b:9c:82:09:
96:dd:27:85:62:f5:f9:f2:5a:69:1c:e8:fb:79:f8:
df:96:d8:42:1f:9b:f8:98:bc:fc:17:7d:2a:d2:d1:
29:e3:5f:db:25:e8:c7:9d:e7:b3:99:bb:bd:4d:e5:
69:c5:c6:1a:b1:47:aa:4e:e7:85:81:e3:c3:f7:8d:
6f:52:5b:8c:da:39:1a:4e:8f:25:82:ad:c3:d5:81:
45:ca:e3:d3:dd:e7:c7:8d:15:3e:61:d5:e4:00:f1:
29:dd:ae:1b:35:84:0b:e5:f5:73:46:b2:5a:9d:b7:
4e:27:dd:35:5a:b8:60:5f:43:7b:bc:a5:a8:97:21:
18:f4:e7:5b:b7:bc:45:c5:b0:f4:cc:5b:ac:a8:30:
7a:a6:b7:60:85:d5:bf:bb:ce:ce:af:c4:76:57:f9:
7e:7d:02:07:b8:93:22:49:2e:62:f4:f4:4f:7f:2c:
ef:d8:04:4f:9b:20:8b:0e:25:d1:3b:2d:9f:d5:98:
1a:26:e7:50:36:fd:76:f7:cb:c8:55:3e:6a:8e:41:
b6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BC:14:DE:58:15:C6:B1:7E:F8:F2:C6:C4:03:64:0F:EF:EE:65:4F
X509v3 Authority Key Identifier:
keyid:B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/0992678AEA2C11EB8F879778C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.242.0/24
103.170.17.0/24
IPv6:
2400:bde0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:c0:5e:2d:7f:2d:08:a5:02:7b:f6:a8:77:7a:b9:e3:22:53:
9e:cf:f4:7a:04:26:f5:0d:1f:23:5e:28:01:99:64:df:c3:3c:
b8:4f:f2:f0:25:e6:ea:ab:55:21:d3:fe:13:6d:b0:33:de:f1:
d9:8b:27:78:a0:17:95:09:fc:35:fe:53:7b:db:44:06:df:da:
f4:4a:38:e0:75:69:b0:d0:5e:61:6f:07:42:9a:c7:ad:d5:8a:
ce:dd:17:f9:f1:25:fd:f2:fe:5e:aa:55:06:33:61:06:b8:8e:
1b:17:22:4d:e7:11:b4:84:78:8a:62:de:8f:90:19:31:79:dc:
0f:c1:0a:df:93:a1:7e:7a:e8:4c:90:0f:4b:db:8f:7d:cb:6c:
b8:06:7d:c5:65:3c:bf:ba:92:bf:f9:0e:c2:2f:c9:8d:0e:c8:
e0:0a:df:a5:73:6a:5d:66:c4:4f:d6:03:e7:5d:e3:f2:6c:8f:
d6:3b:10:41:e6:d7:80:9d:bb:d0:6f:79:11:c6:d2:6d:b9:2b:
96:bd:2f:fe:47:1b:38:4f:88:02:94:40:4d:86:6b:01:8a:e7:
3f:8c:09:a2:36:9a:58:8a:f8:57:ca:75:69:a4:54:f9:e8:d1:
d1:a7:04:a7:ee:50:e6:f1:6f:61:ba:79:23:8a:49:56:4c:5e:
3f:35:16:f9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJGMDQxMTAvBgNVBAUTKEIwMUU3QzFFREUxMDIyNTFFRTYwNzQxRTJFMTlGMDYw
MzAzRDcxQzkwHhcNMjIxMTExMDY1MjM0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZkZjEzMi05M2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucC5U2RH6jD30qq4lGgGcnBNDYfPAdClfLcwVq5pYtd9hHjaI6icaPjm1U5W
gvzt8MSIYYc/KwucggmW3SeFYvX58lppHOj7efjflthCH5v4mLz8F30q0tEp41/b
JejHneezmbu9TeVpxcYasUeqTueFgePD941vUluM2jkaTo8lgq3D1YFFyuPT3efH
jRU+YdXkAPEp3a4bNYQL5fVzRrJanbdOJ901WrhgX0N7vKWolyEY9Odbt7xFxbD0
zFusqDB6prdghdW/u87Or8R2V/l+fQIHuJMiSS5i9PRPfyzv2ARPmyCLDiXROy2f
1ZgaJudQNv1298vIVT5qjkG2SwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCC8FN5Y
FcaxfvjyxsQDZA/v7mVPMB8GA1UdIwQYMBaAFLAefB7eECJR7mB0Hi4Z8GAwPXHJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkYwNC9EQTUzOEE1NkVB
MjgxMUVCOUFFNjBCNzRDNEY5QUUwMi9zQjU4SHQ0UUlsSHVZSFFlTGhud1lEQTlj
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NCNThIdDRRSWxIdVlIUWVMaG53WURBOWNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJGMDQvREE1MzhBNTZFQTI4MTFFQjlBRTYwQjc0QzRGOUFFMDIvMDk5MjY3OEFF
QTJDMTFFQjhGODc5Nzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnofIDBABnqhEwDQQCAAIwBwMFACQAveAwDQYJKoZIhvcN
AQELBQADggEBAE/AXi1/LQilAnv2qHd6ueMiU57P9HoEJvUNHyNeKAGZZN/DPLhP
8vAl5uqrVSHT/hNtsDPe8dmLJ3igF5UJ/DX+U3vbRAbf2vRKOOB1abDQXmFvB0Ka
x63Vis7dF/nxJf3y/l6qVQYzYQa4jhsXIk3nEbSEeIpi3o+QGTF53A/BCt+ToX56
6EyQD0vbj33LbLgGfcVlPL+6kr/5DsIvyY0OyOAK36Vzal1mxE/WA+dd4/Jsj9Y7
EEHm14Cdu9BveRHG0m25K5a9L/5HGzhPiAKUQE2GawGK5z+MCaI2mliK+FfKdWmk
VPno0dGnBKfuUObxb2G6eSOKSVZMXj81Fvk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org