Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/251E65CAC25911EC9A26E286C4F9AE02.roa
File: 251E65CAC25911EC9A26E286C4F9AE02.roa (raw, json)
Hash identifier: WR1kMcpKAGLdUviFP6sQhzQYB0C04kyLg1roHnAjhV4=
Subject key identifier: 14:16:D6:D1:2B:B8:79:15:3C:EE:1A:BD:70:96:29:62:26:6D:E5:15
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0896
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/251E65CAC25911EC9A26E286C4F9AE02.roa
Signing time: Wed 27 Jul 2022 09:27:10 +0000
ROA not before: Wed 27 Jul 2022 09:27:10 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24121
IP address blocks: 103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
2407:b001::/32 maxlen: 32
2407:b001:1000::/40 maxlen: 40
2407:b001:3000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2198 (0x896)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Jul 27 09:27:10 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62e104ee-2b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e2:6a:3c:1b:5a:1c:bd:32:2b:01:1c:e9:d6:
7e:58:3b:55:cb:e8:21:5d:55:71:9c:04:0c:ee:f5:
b6:f8:c8:69:9e:e0:b2:f0:b3:0f:dc:a9:e3:0f:db:
e7:57:c2:67:f9:7d:68:17:20:b1:ea:2c:18:e0:1c:
a1:62:cf:65:f9:60:f2:83:17:9a:68:4f:d4:6a:99:
69:84:16:2b:b8:32:26:b4:a8:e5:dc:a9:a7:4c:73:
b9:b0:5f:7c:78:6c:d0:7e:97:b4:35:72:20:bd:05:
1e:04:44:ec:36:ce:91:05:24:58:82:0c:e5:10:b5:
08:9c:16:f0:2e:2f:28:42:c7:ae:3f:b8:d8:2e:0c:
c5:c5:f1:40:df:05:ba:cc:ed:26:c1:59:2b:90:44:
ef:fc:3a:15:c9:ee:45:39:f5:09:05:43:1b:75:5b:
4b:a6:a1:80:44:75:92:11:33:41:a1:48:fc:14:14:
68:20:2d:64:d1:9c:4f:7b:e0:9e:ef:b7:45:2d:4a:
f3:26:56:55:89:ea:4c:32:4c:15:9e:69:7c:7c:d9:
df:94:4e:f4:c5:f6:da:99:6b:7e:56:2a:b7:b5:f6:
29:d4:8e:94:e2:84:e9:d1:20:bc:18:7f:ce:d1:a4:
9b:ab:4b:25:0b:44:08:5a:0c:bf:7d:ad:5e:2f:c1:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:16:D6:D1:2B:B8:79:15:3C:EE:1A:BD:70:96:29:62:26:6D:E5:15
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/251E65CAC25911EC9A26E286C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.176.0/21
IPv6:
2407:b001::/32
Signature Algorithm: sha256WithRSAEncryption
37:53:e8:64:dc:bf:be:2d:85:21:32:f5:b2:34:5f:66:93:08:
54:ba:9c:3b:6b:e9:89:9e:2e:69:50:57:e3:3b:41:3e:ed:5e:
8d:27:48:de:46:56:61:30:e9:7a:07:17:95:ab:a8:28:a7:e3:
9b:ea:b0:c9:a2:88:b4:ef:87:67:32:2f:1b:c3:45:98:b7:7a:
30:95:c0:d1:46:cf:fd:b9:d3:68:93:5a:a0:4e:b0:be:8a:f7:
ef:4d:ff:1a:14:4f:67:69:9f:29:8d:db:41:fb:20:53:2a:7e:
c8:2d:65:4a:ee:e1:8c:46:eb:1e:db:9b:c1:86:3c:d5:22:4f:
89:4c:0f:74:f4:85:62:95:c7:ed:35:29:f1:dd:02:e4:4a:36:
f0:af:42:e0:4d:8f:d7:34:7a:8d:7f:6c:a4:03:0a:56:60:5e:
af:39:7f:ed:8f:dc:39:8f:4b:a2:55:c1:34:c8:db:09:d4:cb:
61:2c:c7:67:90:c9:79:d5:24:ec:ac:24:0d:1a:c1:0b:52:d7:
e0:27:51:0e:57:67:02:86:d9:5b:f5:39:d5:f0:63:dd:4f:c0:
b2:84:31:40:48:5a:3c:6c:4d:fb:7c:8d:0e:30:b9:cd:a3:00:
2d:a3:99:56:58:e5:cf:0d:38:18:42:63:6a:a5:27:9f:f9:70:
a4:c7:8b:43
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjIwNzI3MDkyNzEwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmUxMDRlZS0yYjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyOJqPBtaHL0yKwEc6dZ+WDtVy+ghXVVxnAQM7vW2+MhpnuCy8LMP3KnjD9vn
V8Jn+X1oFyCx6iwY4ByhYs9l+WDygxeaaE/UaplphBYruDImtKjl3KmnTHO5sF98
eGzQfpe0NXIgvQUeBETsNs6RBSRYggzlELUInBbwLi8oQseuP7jYLgzFxfFA3wW6
zO0mwVkrkETv/DoVye5FOfUJBUMbdVtLpqGARHWSETNBoUj8FBRoIC1k0ZxPe+Ce
77dFLUrzJlZViepMMkwVnml8fNnflE70xfbamWt+Viq3tfYp1I6U4oTp0SC8GH/O
0aSbq0slC0QIWgy/fa1eL8E83wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBQW1tEr
uHkVPO4avXCWKWImbeUVMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvMjUxRTY1Q0FD
MjU5MTFFQzlBMjZFMjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBANnCLAwDQQCAAIwBwMFACQHsAEwDQYJKoZIhvcNAQELBQAD
ggEBADdT6GTcv74thSEy9bI0X2aTCFS6nDtr6YmeLmlQV+M7QT7tXo0nSN5GVmEw
6XoHF5WrqCin45vqsMmiiLTvh2cyLxvDRZi3ejCVwNFGz/2502iTWqBOsL6K9+9N
/xoUT2dpnymN20H7IFMqfsgtZUru4YxG6x7bm8GGPNUiT4lMD3T0hWKVx+01KfHd
AuRKNvCvQuBNj9c0eo1/bKQDClZgXq85f+2P3DmPS6JVwTTI2wnUy2Esx2eQyXnV
JOysJA0awQtS1+AnUQ5XZwKG2Vv1OdXwY91PwLKEMUBIWjxsTft8jQ4wuc2jAC2j
mVZY5c8NOBhCY2qlJ5/5cKTHi0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org