Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/4371725E388011EDB3E3D23DC4F9AE02.roa
File: 4371725E388011EDB3E3D23DC4F9AE02.roa (raw, json)
Hash identifier: nwwyMImnqOntv18lreaHksX0icZJvO0inS+gXCn2IDU=
Subject key identifier: EE:E8:8D:5C:24:ED:B0:96:08:E1:EB:22:09:28:30:A9:D8:01:23:95
Certificate issuer: /CN=A915087F/serialNumber=3A6DD4B70C4560EAC37E81E622CC43809F523B4B
Certificate serial: 12
Authority key identifier: 3A:6D:D4:B7:0C:45:60:EA:C3:7E:81:E6:22:CC:43:80:9F:52:3B:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/4371725E388011EDB3E3D23DC4F9AE02.roa
Signing time: Tue 20 Sep 2022 01:05:06 +0000
ROA not before: Tue 20 Sep 2022 01:05:06 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 4803
IP address blocks: 103.1.159.0/24 maxlen: 24
2001:df1:4640::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915087F/serialNumber=3A6DD4B70C4560EAC37E81E622CC43809F523B4B
Validity
Not Before: Sep 20 01:05:06 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=632911c1-f906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d7:10:f1:c4:55:5e:6e:72:23:32:a6:d9:fc:
f8:d4:a7:d8:28:67:b6:3d:5d:2f:78:93:26:c5:15:
84:f9:8c:bc:ee:70:3f:be:e2:c7:00:d8:8c:8d:b2:
f3:4a:1c:8f:44:76:57:df:4b:2d:6b:41:6d:ec:bf:
3f:8e:87:3b:73:5c:44:a0:05:22:3f:34:f4:5c:ce:
8c:73:93:de:1d:d7:a4:b2:ca:f7:d9:c2:21:e7:ab:
da:ee:fb:da:95:41:68:65:c8:78:93:76:b1:f2:76:
12:74:be:03:45:f4:7f:50:78:08:69:39:55:15:50:
19:b3:cd:ce:60:21:3e:6d:12:4b:34:fc:be:35:e8:
86:3e:cd:9a:e1:d6:4c:be:ed:32:1f:d1:d9:23:ae:
d3:76:2c:3f:eb:cd:72:69:88:46:d0:23:d2:7d:4d:
d2:7c:66:54:eb:0e:63:0a:e4:11:b4:5b:c1:70:74:
40:61:08:37:2d:d7:d3:d5:1d:03:63:1d:d9:35:39:
e5:fb:93:9f:5f:93:0e:d2:18:7c:cd:11:ed:59:b9:
16:a2:b4:ac:17:3e:7b:69:7f:42:28:60:c0:6f:4e:
97:12:dd:0f:35:8f:2e:22:32:4f:4d:c4:3e:15:a2:
34:35:09:27:d7:5a:9c:38:8d:5d:65:c8:78:a2:f3:
46:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E8:8D:5C:24:ED:B0:96:08:E1:EB:22:09:28:30:A9:D8:01:23:95
X509v3 Authority Key Identifier:
keyid:3A:6D:D4:B7:0C:45:60:EA:C3:7E:81:E6:22:CC:43:80:9F:52:3B:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Om3UtwxFYOrDfoHmIsxDgJ9SO0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915087F/F73196AA33E111EDB3A0EA58C4F9AE02/4371725E388011EDB3E3D23DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.159.0/24
IPv6:
2001:df1:4640::/48
Signature Algorithm: sha256WithRSAEncryption
12:31:53:5a:85:da:9e:1d:ca:e6:c0:ec:69:d8:fd:b0:98:b7:
85:3c:4a:66:af:d6:8c:67:dc:7d:2e:b1:a8:a6:29:3d:99:cd:
da:f8:5d:18:90:47:d8:25:d1:9f:53:61:9d:21:82:2d:6e:5d:
ef:3d:a5:2e:2a:e6:0e:bc:da:83:57:36:1b:8d:2b:7b:20:58:
28:b2:03:73:40:37:1f:55:c1:c8:d7:6f:0b:7e:66:f3:b4:f8:
7b:38:4f:8b:0a:97:09:a7:73:b3:23:fe:e7:c2:50:ea:9a:fb:
a7:56:76:78:1f:65:c9:0e:35:12:f4:80:5f:47:9e:55:d2:9f:
14:c5:d8:90:25:84:24:6b:62:87:c0:c2:32:ad:6c:40:d1:68:
7d:47:55:d2:37:2d:73:a7:52:2e:70:d7:c1:dd:81:03:f7:f0:
d1:6c:30:a2:4e:1f:d7:28:2d:1d:e1:36:3f:6d:7c:3a:bd:d6:
df:cf:97:87:42:81:27:7f:a4:2a:43:eb:de:d7:b5:9e:d1:f3:
71:bc:b9:15:8c:fb:9d:2a:3d:35:f8:38:4b:17:99:5c:1d:b1:
ef:64:ee:54:9a:4c:2a:dc:65:e3:ad:ba:ef:86:45:3b:bb:26:
84:cb:3b:1a:5c:d4:db:ab:4e:2c:b9:77:4e:00:95:aa:1f:b0:
5c:ef:24:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MDg3RjExMC8GA1UEBRMoM0E2REQ0QjcwQzQ1NjBFQUMzN0U4MUU2MjJDQzQzODA5
RjUyM0I0QjAeFw0yMjA5MjAwMTA1MDZaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMjkxMWMxLWY5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDL1xDxxFVebnIjMqbZ/PjUp9goZ7Y9XS94kybFFYT5jLzucD++4scA2IyNsvNK
HI9EdlffSy1rQW3svz+OhztzXESgBSI/NPRczoxzk94d16SyyvfZwiHnq9ru+9qV
QWhlyHiTdrHydhJ0vgNF9H9QeAhpOVUVUBmzzc5gIT5tEks0/L416IY+zZrh1ky+
7TIf0dkjrtN2LD/rzXJpiEbQI9J9TdJ8ZlTrDmMK5BG0W8FwdEBhCDct19PVHQNj
Hdk1OeX7k59fkw7SGHzNEe1ZuRaitKwXPntpf0IoYMBvTpcS3Q81jy4iMk9NxD4V
ojQ1CSfXWpw4jV1lyHii80YNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU7uiNXCTt
sJYI4esiCSgwqdgBI5UwHwYDVR0jBBgwFoAUOm3UtwxFYOrDfoHmIsxDgJ9SO0sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUwODdGL0Y3MzE5NkFBMzNF
MTExRURCM0EwRUE1OEM0RjlBRTAyL09tM1V0d3hGWU9yRGZvSG1Jc3hEZ0o5U08w
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT20zVXR3eEZZT3JEZm9IbUlzeERnSjlTTzBzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MDg3Ri9GNzMxOTZBQTMzRTExMUVEQjNBMEVBNThDNEY5QUUwMi80MzcxNzI1RTM4
ODAxMUVEQjNFM0QyM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGcBnzAPBAIAAjAJAwcAIAEN8UZAMA0GCSqGSIb3DQEBCwUA
A4IBAQASMVNahdqeHcrmwOxp2P2wmLeFPEpmr9aMZ9x9LrGopik9mc3a+F0YkEfY
JdGfU2GdIYItbl3vPaUuKuYOvNqDVzYbjSt7IFgosgNzQDcfVcHI128LfmbztPh7
OE+LCpcJp3OzI/7nwlDqmvunVnZ4H2XJDjUS9IBfR55V0p8UxdiQJYQka2KHwMIy
rWxA0Wh9R1XSNy1zp1IucNfB3YED9/DRbDCiTh/XKC0d4TY/bXw6vdbfz5eHQoEn
f6QqQ+ve17We0fNxvLkVjPudKj01+DhLF5lcHbHvZO5Umkwq3GXjrbrvhkU7uyaE
yzsaXNTbq04suXdOAJWqH7Bc7yRz
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org