Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150CF3/028F9EFE2E8611ED9D2EDC4DC4F9AE02/4BDF1E9C2E8911EDAF9A0C54C4F9AE02.roa
File: 4BDF1E9C2E8911EDAF9A0C54C4F9AE02.roa (raw, json)
Hash identifier: djmhjSImxiXihkmaG1LQd9y1X77i4hbwPG2Xe6Ks6Mc=
Subject key identifier: 66:51:E3:B5:71:31:EE:17:C2:12:A1:B6:98:CD:14:04:22:94:16:45
Certificate issuer: /CN=A9150CF3/serialNumber=7A3E426C96257BDF243C3C63B78038340525C2A9
Certificate serial: 02
Authority key identifier: 7A:3E:42:6C:96:25:7B:DF:24:3C:3C:63:B7:80:38:34:05:25:C2:A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej5CbJYle98kPDxjt4A4NAUlwqk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150CF3/028F9EFE2E8611ED9D2EDC4DC4F9AE02/4BDF1E9C2E8911EDAF9A0C54C4F9AE02.roa
Signing time: Wed 07 Sep 2022 08:44:34 +0000
ROA not before: Wed 07 Sep 2022 08:44:34 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 135598
IP address blocks: 103.69.128.0/24 maxlen: 24
103.69.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150CF3/serialNumber=7A3E426C96257BDF243C3C63B78038340525C2A9
Validity
Not Before: Sep 7 08:44:34 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=631859f1-6b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a2:64:f7:ef:d3:94:bc:91:c6:47:64:d0:51:
0c:ad:cf:3d:43:fe:9e:5e:06:33:48:bb:48:40:db:
fd:67:be:04:61:07:54:ab:7d:60:cd:3f:3e:c2:3f:
2a:6a:7a:48:ca:e9:58:91:bb:5b:68:b4:9f:6d:bb:
1b:11:38:a2:3f:63:eb:30:93:ba:d8:82:dc:a0:ca:
0e:a4:5d:ce:b4:78:40:10:02:94:a9:31:df:c1:10:
9c:a4:a6:a1:a7:21:56:6d:1d:be:f3:8f:8d:2e:d3:
5b:e3:a1:2e:10:70:49:90:6d:73:a7:54:37:6d:b7:
94:57:ed:ac:b4:72:7d:1f:78:f9:06:91:a1:48:7a:
42:38:a1:91:00:5c:23:8f:06:31:be:2b:3a:d3:f6:
5b:7d:32:db:09:fc:4d:30:ea:d9:ee:8e:c1:f0:46:
9d:a2:11:5c:9d:7c:8b:86:b3:fb:84:d5:f1:4f:7e:
b2:39:d5:4a:b7:dd:51:7f:61:75:c9:13:ce:c0:e3:
4d:09:99:2f:4e:33:0f:b0:dd:b5:21:49:3a:52:45:
bf:4e:43:32:13:3e:4a:78:ea:ea:37:51:e0:c7:8c:
5f:c9:ea:dc:f1:23:88:54:d5:1b:51:8b:91:b8:db:
65:18:dd:ed:83:50:5c:42:e7:1e:1a:f3:9a:20:84:
1b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:51:E3:B5:71:31:EE:17:C2:12:A1:B6:98:CD:14:04:22:94:16:45
X509v3 Authority Key Identifier:
keyid:7A:3E:42:6C:96:25:7B:DF:24:3C:3C:63:B7:80:38:34:05:25:C2:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150CF3/028F9EFE2E8611ED9D2EDC4DC4F9AE02/ej5CbJYle98kPDxjt4A4NAUlwqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej5CbJYle98kPDxjt4A4NAUlwqk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150CF3/028F9EFE2E8611ED9D2EDC4DC4F9AE02/4BDF1E9C2E8911EDAF9A0C54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.128.0/23
Signature Algorithm: sha256WithRSAEncryption
89:bd:4c:a4:81:c7:66:c8:24:89:c9:f8:d6:5d:50:e8:b0:44:
64:55:ee:46:32:29:e1:40:b9:fe:fa:86:c4:c6:1a:0d:c0:db:
38:1e:55:f4:5d:4a:e3:39:d5:a6:c1:64:00:af:89:dc:cf:50:
f7:f3:0b:29:1c:d0:4a:7d:33:5c:f4:e7:7d:78:f2:ea:18:54:
0d:b3:be:ba:ce:08:79:5a:cb:8e:29:74:38:2b:46:3f:80:77:
4f:d1:96:28:77:50:81:86:26:83:a9:d0:d3:45:a3:bd:4f:aa:
c6:57:90:e1:7d:66:55:e1:a5:79:c0:73:60:12:16:2f:d4:73:
5a:3c:55:2b:81:43:6a:cd:83:1d:85:99:ab:18:e8:ea:d0:95:
cc:a4:2a:5c:a4:6b:b9:1d:93:76:00:e1:ae:ac:f3:be:30:9d:
99:78:69:5a:86:c4:42:94:ae:18:00:d9:bc:e2:16:b1:2b:c2:
2b:7c:d0:97:44:17:fd:fc:f4:fe:9a:81:e0:1b:26:92:96:2d:
5d:64:78:1e:39:7b:39:1e:6c:9c:8e:2e:0d:2f:64:b5:be:d7:
36:d7:ab:b7:53:75:95:9d:a9:6c:fb:cc:57:08:be:2e:0b:6b:
8d:45:a0:99:a6:45:25:14:8f:fb:4d:49:25:1a:73:9d:b6:28:
fd:f4:8d:24
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MENGMzExMC8GA1UEBRMoN0EzRTQyNkM5NjI1N0JERjI0M0MzQzYzQjc4MDM4MzQw
NTI1QzJBOTAeFw0yMjA5MDcwODQ0MzRaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMTg1OWYxLTZiNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoomT379OUvJHGR2TQUQytzz1D/p5eBjNIu0hA2/1nvgRhB1SrfWDNPz7CPypq
ekjK6ViRu1totJ9tuxsROKI/Y+swk7rYgtygyg6kXc60eEAQApSpMd/BEJykpqGn
IVZtHb7zj40u01vjoS4QcEmQbXOnVDdtt5RX7ay0cn0fePkGkaFIekI4oZEAXCOP
BjG+KzrT9lt9MtsJ/E0w6tnujsHwRp2iEVydfIuGs/uE1fFPfrI51Uq33VF/YXXJ
E87A400JmS9OMw+w3bUhSTpSRb9OQzITPkp46uo3UeDHjF/J6tzxI4hU1RtRi5G4
22UY3e2DUFxC5x4a85oghBuFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZlHjtXEx
7hfCEqG2mM0UBCKUFkUwHwYDVR0jBBgwFoAUej5CbJYle98kPDxjt4A4NAUlwqkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUwQ0YzLzAyOEY5RUZFMkU4
NjExRUQ5RDJFREM0REM0RjlBRTAyL2VqNUNiSllsZTk4a1BEeGp0NEE0TkFVbHdx
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZWo1Q2JKWWxlOThrUER4anQ0QTROQVVsd3FrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MENGMy8wMjhGOUVGRTJFODYxMUVEOUQyRURDNERDNEY5QUUwMi80QkRGMUU5QzJF
ODkxMUVEQUY5QTBDNTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdFgDANBgkqhkiG9w0BAQsFAAOCAQEAib1MpIHHZsgkicn4
1l1Q6LBEZFXuRjIp4UC5/vqGxMYaDcDbOB5V9F1K4znVpsFkAK+J3M9Q9/MLKRzQ
Sn0zXPTnfXjy6hhUDbO+us4IeVrLjil0OCtGP4B3T9GWKHdQgYYmg6nQ00WjvU+q
xleQ4X1mVeGlecBzYBIWL9RzWjxVK4FDas2DHYWZqxjo6tCVzKQqXKRruR2TdgDh
rqzzvjCdmXhpWobEQpSuGADZvOIWsSvCK3zQl0QX/fz0/pqB4BsmkpYtXWR4Hjl7
OR5snI4uDS9ktb7XNtert1N1lZ2pbPvMVwi+LgtrjUWgmaZFJRSP+01JJRpznbYo
/fSNJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-ams.rpki-client.org