Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CAF950AE299C11ED87FEA42DC4F9AE02.roa
File: CAF950AE299C11ED87FEA42DC4F9AE02.roa (raw, json)
Hash identifier: cRxIkQwI8JGInMKlExGNJ5+1TuAaHy7WsvJDwGwRDa8=
Subject key identifier: 22:93:FB:28:0B:DA:00:9E:07:D0:DA:A4:BE:1D:99:5F:B3:AC:08:DB
Certificate issuer: /CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
Certificate serial: 03D4
Authority key identifier: 68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CAF950AE299C11ED87FEA42DC4F9AE02.roa
Signing time: Sun 04 Sep 2022 14:01:38 +0000
ROA not before: Sun 04 Sep 2022 14:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137449
IP address blocks: 103.167.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 980 (0x3d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
Validity
Not Before: Sep 4 14:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6314afc2-7e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cc:8d:6a:7e:f3:dd:15:5b:2e:5a:b5:57:fd:
2f:04:0b:c2:6c:c4:b5:d0:7c:60:e1:2d:4f:bf:8d:
82:7e:33:6f:7e:48:2f:a8:31:0b:08:2b:6d:4f:7b:
43:2b:e7:3e:66:27:17:9a:3d:ed:07:6a:06:41:63:
0f:a5:d4:4e:2d:8e:57:c0:16:1d:ef:78:d8:0f:01:
b7:61:f7:ab:74:7a:f4:ea:8e:a6:03:a5:88:c1:58:
92:37:18:35:3c:65:0d:05:9f:5d:cc:af:ff:77:4a:
08:dd:d1:5d:c2:14:15:d8:05:fb:af:e7:e0:aa:4e:
b1:8d:a2:fb:6e:e3:46:83:a9:41:d8:58:f0:a4:be:
38:24:4e:0d:cd:69:8d:9b:c7:56:33:e0:55:0f:9a:
c3:72:b2:4b:43:33:52:86:2e:b9:f2:95:7e:25:f7:
01:12:37:32:7f:13:44:37:7c:7f:9c:9a:c9:0a:f9:
13:4e:75:d5:db:ce:35:f1:1d:48:3b:63:3d:dd:23:
d9:19:37:02:1a:ea:37:dc:9b:77:ad:4b:5e:e3:d2:
2f:c8:17:73:5f:4e:1c:d3:66:bb:2d:05:4b:86:ed:
b1:53:37:c3:06:cf:b7:c8:aa:16:08:6c:40:f2:f6:
3b:9e:62:3d:07:8d:17:93:51:76:04:3b:64:ba:06:
7a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:FB:28:0B:DA:00:9E:07:D0:DA:A4:BE:1D:99:5F:B3:AC:08:DB
X509v3 Authority Key Identifier:
keyid:68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/aIDTI6o_LVFGBQZA8yGmEpAA3wM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CAF950AE299C11ED87FEA42DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.40.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c4:dd:a5:56:f6:ec:0b:4b:45:7b:f5:4e:3e:c4:7f:63:36:
7b:a5:67:c1:f9:21:f7:c0:70:5d:ee:95:aa:27:3d:97:8e:8d:
52:9a:72:53:9e:0f:cf:1c:f5:b0:ee:ab:55:b8:00:4e:6d:4c:
b7:92:26:ac:b5:34:08:6e:1d:81:6e:31:7d:9e:25:8f:af:5e:
da:0d:e8:26:f0:3b:d8:34:5a:bd:44:66:e8:6b:cf:7f:f1:d4:
a1:3b:1d:61:c3:66:c0:6e:67:f1:1e:17:11:28:10:40:54:b7:
2a:32:7f:44:9c:47:09:5f:ae:a5:00:64:0f:52:db:87:d9:55:
82:8e:3f:5f:99:dc:62:51:d1:83:2f:45:a4:f9:f7:ae:e3:60:
40:3f:9c:a0:bb:64:31:70:3f:19:1e:58:96:18:48:e6:d0:db:
13:bc:83:66:dc:70:1e:4c:7a:0e:70:74:65:10:fd:b4:78:cc:
42:5e:51:9e:e8:7d:6a:be:a4:5b:1e:de:3b:fe:94:90:06:f2:
dc:f1:c0:1a:6b:82:22:f3:4a:b5:62:47:7e:a2:7d:55:57:95:
44:49:35:d5:48:df:57:95:a8:f7:e3:09:f7:13:14:d4:15:0a:
68:ab:c8:9c:19:58:7e:67:ec:c5:4a:1a:6a:ba:06:5e:ce:da:
00:7c:47:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFGN0ExMTAvBgNVBAUTKDY4ODBEMzIzQUEzRjJENTE0NjA1MDY0MEYzMjFBNjEy
OTAwMERGMDMwHhcNMjIwOTA0MTQwMTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE0YWZjMi03ZTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxsyNan7z3RVbLlq1V/0vBAvCbMS10Hxg4S1Pv42CfjNvfkgvqDELCCttT3tD
K+c+ZicXmj3tB2oGQWMPpdROLY5XwBYd73jYDwG3YferdHr06o6mA6WIwViSNxg1
PGUNBZ9dzK//d0oI3dFdwhQV2AX7r+fgqk6xjaL7buNGg6lB2FjwpL44JE4NzWmN
m8dWM+BVD5rDcrJLQzNShi658pV+JfcBEjcyfxNEN3x/nJrJCvkTTnXV28418R1I
O2M93SPZGTcCGuo33Jt3rUte49IvyBdzX04c02a7LQVLhu2xUzfDBs+3yKoWCGxA
8vY7nmI9B40Xk1F2BDtkugZ6kQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCKT+ygL
2gCeB9DapL4dmV+zrAjbMB8GA1UdIwQYMBaAFGiA0yOqPy1RRgUGQPMhphKQAN8D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUY3QS9FMDUzMzMzNkJB
QzkxMUVCQjgwN0Q1MUNDNEY5QUUwMi9hSURUSTZvX0xWRkdCUVpBOHlHbUVwQUEz
d00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJRFRJNm9fTFZGR0JRWkE4eUdtRXBBQTN3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFGN0EvRTA1MzMzMzZCQUM5MTFFQkI4MDdENTFDQzRGOUFFMDIvQ0FGOTUwQUUy
OTlDMTFFRDg3RkVBNDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpygwDQYJKoZIhvcNAQELBQADggEBACfE3aVW9uwLS0V7
9U4+xH9jNnulZ8H5IffAcF3ulaonPZeOjVKaclOeD88c9bDuq1W4AE5tTLeSJqy1
NAhuHYFuMX2eJY+vXtoN6CbwO9g0Wr1EZuhrz3/x1KE7HWHDZsBuZ/EeFxEoEEBU
tyoyf0ScRwlfrqUAZA9S24fZVYKOP1+Z3GJR0YMvRaT5967jYEA/nKC7ZDFwPxke
WJYYSObQ2xO8g2bccB5Meg5wdGUQ/bR4zEJeUZ7ofWq+pFse3jv+lJAG8tzxwBpr
giLzSrViR36ifVVXlURJNdVI31eVqPfjCfcTFNQVCmiryJwZWH5n7MVKGmq6Bl7O
2gB8R5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org