Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CC23CD60299C11ED87FEA42DC4F9AE02.roa
File: CC23CD60299C11ED87FEA42DC4F9AE02.roa (raw, json)
Hash identifier: qEyB1odlOQJXPIf1gNDrljYR73AIs7BZXgCJxxE2DlE=
Subject key identifier: 4A:64:5A:18:CC:3B:86:5E:A7:C4:90:4A:81:AF:A0:24:9B:F7:D2:53
Certificate issuer: /CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
Certificate serial: 03D8
Authority key identifier: 68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CC23CD60299C11ED87FEA42DC4F9AE02.roa
Signing time: Mon 05 Sep 2022 12:01:14 +0000
ROA not before: Mon 05 Sep 2022 12:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139300
IP address blocks: 103.167.40.0/24 maxlen: 24
103.167.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 984 (0x3d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AF7A/serialNumber=6880D323AA3F2D5146050640F321A6129000DF03
Validity
Not Before: Sep 5 12:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6315e509-e900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:77:9e:57:14:71:e8:9a:16:dc:ab:1c:6d:
40:23:50:7e:9e:18:b8:32:d1:02:d0:4e:ba:b6:75:
cb:be:0e:86:a3:c5:63:8f:b9:f6:e6:2b:71:b9:c3:
19:18:5e:ac:d3:8e:d6:de:b3:24:7f:38:b4:91:3c:
cd:1a:2b:a8:0a:45:52:f1:f0:bd:e5:2e:99:8e:5f:
7c:64:1b:62:4e:28:57:f9:15:57:2d:fb:9e:ab:c2:
f8:e3:e4:f9:a2:6c:e5:6a:52:57:9b:71:07:97:f2:
bc:a2:e6:cb:da:c5:90:65:35:62:44:87:04:fe:1e:
94:fb:58:2f:e8:e8:30:15:c2:d1:21:90:8b:47:88:
bc:ef:e4:60:6c:11:fb:b3:50:70:d7:5e:ba:3e:c6:
e8:b0:d2:e1:f3:90:11:2a:b4:e5:ca:a3:47:57:89:
6a:f0:d5:47:38:a6:95:5b:7e:18:62:6f:09:88:15:
dc:8a:0d:7f:db:c7:6e:d7:2f:81:4a:8d:82:26:36:
01:ef:0d:dc:9b:7d:bb:05:9e:58:4f:5b:20:e9:8b:
31:db:1d:68:1f:d0:94:84:e8:1a:3d:dc:d6:d6:c1:
d4:8d:c4:cc:3c:34:a3:0b:e0:f0:5f:76:30:01:ae:
01:66:87:46:66:08:70:4c:c7:d2:4e:d2:e0:1d:87:
2f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:64:5A:18:CC:3B:86:5E:A7:C4:90:4A:81:AF:A0:24:9B:F7:D2:53
X509v3 Authority Key Identifier:
keyid:68:80:D3:23:AA:3F:2D:51:46:05:06:40:F3:21:A6:12:90:00:DF:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/aIDTI6o_LVFGBQZA8yGmEpAA3wM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIDTI6o_LVFGBQZA8yGmEpAA3wM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AF7A/E0533336BAC911EBB807D51CC4F9AE02/CC23CD60299C11ED87FEA42DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.40.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:05:42:cb:bb:93:be:e4:f5:90:7a:7f:f8:9b:ca:ae:6b:d5:
e4:55:16:f8:3d:ad:c2:a2:c0:fd:b7:81:47:07:83:1e:16:52:
6a:f2:7d:84:55:84:79:17:8b:74:4a:ef:bf:28:59:bd:36:ed:
2e:87:fc:b9:08:0d:fa:d7:94:ba:d0:04:42:28:a7:01:90:f5:
05:c3:da:b7:d0:ab:b1:ba:8b:90:23:0f:a4:14:b1:6b:d0:04:
30:29:2f:7a:7c:c6:4c:33:17:5f:91:53:6d:fe:f9:2b:d0:b7:
ec:97:cd:a1:3b:cf:5d:d0:f6:bf:98:70:3e:55:c0:fb:0c:8a:
d9:51:b2:dd:36:34:3c:7e:45:3c:23:08:da:28:c8:93:cd:5f:
65:84:d1:24:af:e9:1f:92:8f:6b:e0:49:0c:19:ce:98:78:2a:
2d:7a:b7:58:dd:ca:5c:9c:8e:17:25:28:33:43:0f:b1:8c:7f:
77:e1:39:f2:4e:98:6a:7d:85:65:0f:cf:97:cd:31:7a:2a:4e:
57:f5:f3:c3:39:1a:0e:07:cf:56:db:3c:66:47:0e:2b:41:03:
44:e7:44:0e:e9:2f:4f:3f:c7:b0:a1:6d:b8:e1:b3:5e:47:22:
24:52:89:80:f5:79:df:58:aa:ad:e8:a8:47:8f:37:8c:e8:87:
e3:30:0f:7c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFGN0ExMTAvBgNVBAUTKDY4ODBEMzIzQUEzRjJENTE0NjA1MDY0MEYzMjFBNjEy
OTAwMERGMDMwHhcNMjIwOTA1MTIwMTE0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE1ZTUwOS1lOTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAspR3nlcUceiaFtyrHG1AI1B+nhi4MtEC0E66tnXLvg6Go8Vjj7n25itxucMZ
GF6s047W3rMkfzi0kTzNGiuoCkVS8fC95S6Zjl98ZBtiTihX+RVXLfueq8L44+T5
omzlalJXm3EHl/K8oubL2sWQZTViRIcE/h6U+1gv6OgwFcLRIZCLR4i87+RgbBH7
s1Bw1166PsbosNLh85ARKrTlyqNHV4lq8NVHOKaVW34YYm8JiBXcig1/28du1y+B
So2CJjYB7w3cm327BZ5YT1sg6Ysx2x1oH9CUhOgaPdzW1sHUjcTMPDSjC+DwX3Yw
Aa4BZodGZghwTMfSTtLgHYcvYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEpkWhjM
O4Zep8SQSoGvoCSb99JTMB8GA1UdIwQYMBaAFGiA0yOqPy1RRgUGQPMhphKQAN8D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUY3QS9FMDUzMzMzNkJB
QzkxMUVCQjgwN0Q1MUNDNEY5QUUwMi9hSURUSTZvX0xWRkdCUVpBOHlHbUVwQUEz
d00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FJRFRJNm9fTFZGR0JRWkE4eUdtRXBBQTN3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFGN0EvRTA1MzMzMzZCQUM5MTFFQkI4MDdENTFDQzRGOUFFMDIvQ0MyM0NENjAy
OTlDMTFFRDg3RkVBNDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpygwDQYJKoZIhvcNAQELBQADggEBAEoFQsu7k77k9ZB6
f/ibyq5r1eRVFvg9rcKiwP23gUcHgx4WUmryfYRVhHkXi3RK778oWb027S6H/LkI
DfrXlLrQBEIopwGQ9QXD2rfQq7G6i5AjD6QUsWvQBDApL3p8xkwzF1+RU23++SvQ
t+yXzaE7z13Q9r+YcD5VwPsMitlRst02NDx+RTwjCNooyJPNX2WE0SSv6R+Sj2vg
SQwZzph4Ki16t1jdylycjhclKDNDD7GMf3fhOfJOmGp9hWUPz5fNMXoqTlf188M5
Gg4Hz1bbPGZHDitBA0TnRA7pL08/x7Chbbjhs15HIiRSiYD1ed9Yqq3oqEePN4zo
h+MwD3w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org