Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/4D9BAAC6DA5411EDA5345D73C4F9AE02.roa
File: 4D9BAAC6DA5411EDA5345D73C4F9AE02.roa (raw, json)
Hash identifier: xLDSy6focAMTBTc3MPioHJc69duEE0qXq25QqqPcweE=
Subject key identifier: 1E:B6:09:04:D5:D8:39:66:4C:8E:D9:2E:B4:79:34:A3:22:97:74:B4
Certificate issuer: /CN=A9156CFE/serialNumber=03C7FFEE0CAF4925849E286EC0EFBB0C8B2A8E4F
Certificate serial: 081E
Authority key identifier: 03:C7:FF:EE:0C:AF:49:25:84:9E:28:6E:C0:EF:BB:0C:8B:2A:8E:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A8f_7gyvSSWEnihuwO-7DIsqjk8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/4D9BAAC6DA5411EDA5345D73C4F9AE02.roa
Signing time: Thu 13 Apr 2023 23:38:34 +0000
ROA not before: Thu 13 Apr 2023 23:38:34 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 133141
IP address blocks: 103.82.120.0/24 maxlen: 24
103.82.121.0/24 maxlen: 24
103.82.122.0/24 maxlen: 24
103.82.123.0/24 maxlen: 24
202.59.12.0/24 maxlen: 24
202.59.13.0/24 maxlen: 24
202.59.14.0/24 maxlen: 24
202.59.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2078 (0x81e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156CFE/serialNumber=03C7FFEE0CAF4925849E286EC0EFBB0C8B2A8E4F
Validity
Not Before: Apr 13 23:38:34 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64389279-a3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:34:20:2b:12:53:44:ff:45:41:50:f4:df:99:
9d:12:90:0a:ac:be:59:42:6a:fb:e9:b2:ec:ed:6f:
1d:93:d1:55:ed:9a:71:6d:0b:ea:dc:56:23:ba:a9:
fa:d1:d0:c1:73:09:7a:4a:fa:9b:7e:0f:39:fd:41:
5c:b0:a8:0a:95:bb:e6:04:f1:4b:bc:cd:1f:c1:e1:
56:a8:da:20:45:81:52:6d:4e:7c:db:0f:ec:c7:f6:
2b:45:42:d1:3b:e9:fa:fb:45:53:35:ae:3a:43:03:
78:73:c7:35:88:40:c3:65:34:fc:ab:d1:1b:b3:2e:
5a:10:34:25:59:c1:97:e1:82:70:ef:5e:36:ad:89:
88:5a:be:0e:f0:10:4d:5c:d6:eb:51:b3:a6:7b:6f:
76:54:9d:6d:61:3a:25:8b:e5:7a:02:3d:3e:ba:d3:
d8:02:a7:4f:b5:b5:63:f5:5c:c8:5f:f0:7b:4a:1d:
72:b7:05:4c:4f:47:c4:26:6e:c8:08:1f:50:80:c8:
d5:e8:3d:05:5d:45:67:3c:a5:5f:f3:f5:0c:fc:0c:
1e:16:83:5a:01:db:22:79:a6:2a:15:7d:c8:48:e2:
fe:62:63:4f:1b:c3:6f:12:90:4d:44:70:49:52:2e:
df:43:09:2f:eb:80:ad:5f:61:68:c2:43:eb:94:89:
ab:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B6:09:04:D5:D8:39:66:4C:8E:D9:2E:B4:79:34:A3:22:97:74:B4
X509v3 Authority Key Identifier:
keyid:03:C7:FF:EE:0C:AF:49:25:84:9E:28:6E:C0:EF:BB:0C:8B:2A:8E:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/A8f_7gyvSSWEnihuwO-7DIsqjk8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A8f_7gyvSSWEnihuwO-7DIsqjk8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/4D9BAAC6DA5411EDA5345D73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.120.0/22
202.59.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:ab:7e:8d:13:0f:40:b3:18:55:d9:cc:06:5e:39:61:a7:98:
69:b1:e3:e4:53:6c:f1:eb:22:3e:ed:10:59:bd:2c:c4:a1:e0:
b3:1c:a0:f8:2b:a2:60:22:af:97:6c:c6:55:b2:7a:ea:bb:08:
0b:71:fb:d9:6d:5c:1e:99:1d:b0:9a:f6:04:78:31:49:ec:b4:
9b:c0:27:11:ef:f5:55:43:ac:7b:dc:db:7b:2e:22:6c:eb:8a:
bf:32:9f:1c:3e:94:25:0d:85:c4:fe:23:1a:24:80:86:66:15:
06:2f:70:33:7e:fd:d2:42:8f:22:c4:4e:03:56:c7:53:80:d2:
a0:25:6d:b3:d0:6a:2d:42:f8:b0:63:85:4c:96:8f:c7:58:d6:
89:a7:ef:1e:a0:f9:bc:15:a2:63:70:1a:2e:0b:8a:68:71:21:
d1:8d:f7:bc:1f:79:4a:43:60:24:87:37:74:71:4b:b2:cc:1b:
f8:03:ff:c7:74:cc:ec:3e:61:04:7b:0a:02:9f:46:ef:18:29:
89:28:59:f8:4e:b3:1f:cb:15:86:26:b7:74:09:d8:19:1a:9d:
f4:31:e9:5c:02:8b:25:0f:7a:d7:5f:fa:3c:fb:0c:5d:59:a5:
2a:5a:d9:a4:cf:a8:2e:de:04:c5:5c:b4:ed:01:82:5a:42:7b:
77:76:fd:d3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTZDRkUxMTAvBgNVBAUTKDAzQzdGRkVFMENBRjQ5MjU4NDlFMjg2RUMwRUZCQjBD
OEIyQThFNEYwHhcNMjMwNDEzMjMzODM0WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4OTI3OS1hM2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzQgKxJTRP9FQVD035mdEpAKrL5ZQmr76bLs7W8dk9FV7ZpxbQvq3FYjuqn6
0dDBcwl6Svqbfg85/UFcsKgKlbvmBPFLvM0fweFWqNogRYFSbU582w/sx/YrRULR
O+n6+0VTNa46QwN4c8c1iEDDZTT8q9Ebsy5aEDQlWcGX4YJw7142rYmIWr4O8BBN
XNbrUbOme292VJ1tYToli+V6Aj0+utPYAqdPtbVj9VzIX/B7Sh1ytwVMT0fEJm7I
CB9QgMjV6D0FXUVnPKVf8/UM/AweFoNaAdsieaYqFX3ISOL+YmNPG8NvEpBNRHBJ
Ui7fQwkv64CtX2FowkPrlImr8wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB62CQTV
2DlmTI7ZLrR5NKMil3S0MB8GA1UdIwQYMBaAFAPH/+4Mr0klhJ4obsDvuwyLKo5P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NkNGRS9CMzkwMzE3MDhB
QjIxMUVBQjAyMjE5M0NDNEY5QUUwMi9BOGZfN2d5dlNTV0VuaWh1d08tN0RJc3Fq
azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0E4Zl83Z3l2U1NXRW5paHV3Ty03RElzcWprOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTZDRkUvQjM5MDMxNzA4QUIyMTFFQUIwMjIxOTNDQzRGOUFFMDIvNEQ5QkFBQzZE
QTU0MTFFREE1MzQ1RDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUngDBALKOwwwDQYJKoZIhvcNAQELBQADggEBAByrfo0T
D0CzGFXZzAZeOWGnmGmx4+RTbPHrIj7tEFm9LMSh4LMcoPgromAir5dsxlWyeuq7
CAtx+9ltXB6ZHbCa9gR4MUnstJvAJxHv9VVDrHvc23suImzrir8ynxw+lCUNhcT+
IxokgIZmFQYvcDN+/dJCjyLETgNWx1OA0qAlbbPQai1C+LBjhUyWj8dY1omn7x6g
+bwVomNwGi4LimhxIdGN97wfeUpDYCSHN3RxS7LMG/gD/8d0zOw+YQR7CgKfRu8Y
KYkoWfhOsx/LFYYmt3QJ2BkanfQx6VwCiyUPetdf+jz7DF1ZpSpa2aTPqC7eBMVc
tO0BglpCe3d2/dM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org