Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/CAB84976633811ED97F86846C4F9AE02.roa
File: CAB84976633811ED97F86846C4F9AE02.roa (raw, json)
Hash identifier: 1SnBoFPpeRud4oY/fgQTK+IJK6Qv6ZKA24Yn1ILfuDg=
Subject key identifier: 8D:04:8C:5F:C2:1B:43:56:F1:01:3B:60:0D:27:0F:E4:2B:8F:1E:14
Certificate issuer: /CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Certificate serial: 038D
Authority key identifier: B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/CAB84976633811ED97F86846C4F9AE02.roa
Signing time: Sun 13 Nov 2022 10:11:35 +0000
ROA not before: Sun 13 Nov 2022 10:11:35 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141681
IP address blocks: 103.161.242.0/24 maxlen: 24
103.170.17.0/24 maxlen: 24
2400:bde0::/32 maxlen: 32
2400:bde0::/48 maxlen: 48
2400:bde0:0:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909 (0x38d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Validity
Not Before: Nov 13 10:11:35 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6370c2d6-3a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:95:0b:b4:75:af:63:15:d7:32:da:b9:46:1b:
b2:87:60:e9:36:e5:08:ba:83:c3:5f:83:1f:b3:f4:
ac:b7:3a:77:38:2a:b2:f2:5f:13:88:34:ca:f2:a7:
04:99:08:fb:3a:c0:10:02:2a:93:ea:7b:57:6f:c0:
9b:f3:38:4a:13:9f:38:89:45:bd:40:2a:2f:d4:b5:
b7:b4:ee:7a:71:e6:5c:3a:70:d6:46:03:d3:b0:90:
af:85:fb:22:44:b8:6b:f9:9c:bd:f7:d9:5a:63:d5:
22:9e:bb:34:62:e2:71:cf:03:da:4a:42:46:bd:c6:
d3:e7:ac:81:4c:b6:b4:b3:d7:4e:c0:91:33:cd:ac:
84:6f:0a:7e:93:ec:0c:17:94:9b:cf:65:c0:d2:f3:
9f:02:a5:18:08:0f:cd:3d:3b:f6:85:74:0d:20:7e:
92:b9:e0:9b:b0:43:5e:66:6d:49:63:2d:79:5c:62:
c2:1d:d0:48:f1:84:80:62:c7:96:8e:c4:4d:db:16:
a5:a5:52:10:b7:bd:b5:fa:83:fb:b8:4e:48:cb:39:
74:a9:2a:2f:18:57:40:40:e0:b9:48:3c:7f:be:eb:
d9:35:87:27:1a:68:cc:83:ce:a0:0d:e3:05:fd:f8:
73:81:bc:6b:cc:69:8d:db:fa:a9:67:71:d8:5c:da:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:04:8C:5F:C2:1B:43:56:F1:01:3B:60:0D:27:0F:E4:2B:8F:1E:14
X509v3 Authority Key Identifier:
keyid:B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/CAB84976633811ED97F86846C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.242.0/24
103.170.17.0/24
IPv6:
2400:bde0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:b9:9c:76:df:d6:a4:f7:15:57:b9:22:06:5a:ac:26:8d:87:
11:af:44:60:f2:fd:3f:67:f5:2b:47:ba:d7:0a:bf:27:1a:73:
bd:29:9a:b2:bc:99:8a:cc:87:b1:10:f3:06:32:c2:b3:cd:e4:
3f:a4:94:8e:ca:88:28:5c:e5:04:6e:0d:34:63:30:a1:95:b4:
30:41:54:07:b2:95:ac:19:e1:60:71:b8:2f:1c:60:4f:fe:a0:
b0:6e:10:12:63:39:ad:a7:ca:aa:1f:25:f0:72:3b:b9:24:6e:
3f:b6:9b:b9:d3:52:92:98:00:09:63:f8:ad:ee:7e:86:4c:33:
4e:50:cf:2c:eb:37:82:33:df:51:2e:f9:e7:3b:93:f3:61:11:
3c:db:a2:86:d9:4b:81:96:b7:ab:5e:1e:c8:e3:34:6c:9c:f5:
0d:1a:34:25:26:7f:eb:a0:98:dd:97:e1:06:c4:1c:b3:9e:22:
25:bf:2f:64:65:4f:aa:af:05:96:c5:58:45:39:45:bb:0b:4e:
2d:11:8b:9e:ae:2e:5e:7e:a0:b4:57:70:ca:be:79:39:da:bc:
47:01:35:82:b6:16:61:87:c3:49:63:68:92:e0:65:e9:26:d7:
89:bf:d5:23:a1:16:cb:8a:6e:f8:fb:a4:40:27:7f:18:71:00:
e1:d5:09:64
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICA40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJGMDQxMTAvBgNVBAUTKEIwMUU3QzFFREUxMDIyNTFFRTYwNzQxRTJFMTlGMDYw
MzAzRDcxQzkwHhcNMjIxMTEzMTAxMTM1WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcwYzJkNi0zYTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzpULtHWvYxXXMtq5Rhuyh2DpNuUIuoPDX4Mfs/Sstzp3OCqy8l8TiDTK8qcE
mQj7OsAQAiqT6ntXb8Cb8zhKE584iUW9QCov1LW3tO56ceZcOnDWRgPTsJCvhfsi
RLhr+Zy999laY9Uinrs0YuJxzwPaSkJGvcbT56yBTLa0s9dOwJEzzayEbwp+k+wM
F5Sbz2XA0vOfAqUYCA/NPTv2hXQNIH6SueCbsENeZm1JYy15XGLCHdBI8YSAYseW
jsRN2xalpVIQt721+oP7uE5Iyzl0qSovGFdAQOC5SDx/vuvZNYcnGmjMg86gDeMF
/fhzgbxrzGmN2/qpZ3HYXNpQeQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI0EjF/C
G0NW8QE7YA0nD+Qrjx4UMB8GA1UdIwQYMBaAFLAefB7eECJR7mB0Hi4Z8GAwPXHJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkYwNC9EQTUzOEE1NkVB
MjgxMUVCOUFFNjBCNzRDNEY5QUUwMi9zQjU4SHQ0UUlsSHVZSFFlTGhud1lEQTlj
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NCNThIdDRRSWxIdVlIUWVMaG53WURBOWNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJGMDQvREE1MzhBNTZFQTI4MTFFQjlBRTYwQjc0QzRGOUFFMDIvQ0FCODQ5NzY2
MzM4MTFFRDk3Rjg2ODQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnofIDBABnqhEwDQQCAAIwBwMFACQAveAwDQYJKoZIhvcN
AQELBQADggEBAJy5nHbf1qT3FVe5IgZarCaNhxGvRGDy/T9n9StHutcKvycac70p
mrK8mYrMh7EQ8wYywrPN5D+klI7KiChc5QRuDTRjMKGVtDBBVAeylawZ4WBxuC8c
YE/+oLBuEBJjOa2nyqofJfByO7kkbj+2m7nTUpKYAAlj+K3ufoZMM05QzyzrN4Iz
31Eu+ec7k/NhETzboobZS4GWt6teHsjjNGyc9Q0aNCUmf+ugmN2X4QbEHLOeIiW/
L2RlT6qvBZbFWEU5RbsLTi0Ri56uLl5+oLRXcMq+eTnavEcBNYK2FmGHw0ljaJLg
Zekm14m/1SOhFsuKbvj7pEAnfxhxAOHVCWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org