Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EDA76FCA3E711ED800D3012C4F9AE02.roa
File: 1EDA76FCA3E711ED800D3012C4F9AE02.roa (raw, json)
Hash identifier: K8hZfmRRXzEoD8P6TBeUE/Qnxuc8pKIEid8zyGmy4w8=
Subject key identifier: CE:63:0C:05:CF:6C:10:F9:E5:0C:05:4D:D7:A2:42:61:DB:EA:3D:19
Certificate issuer: /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial: 32F9
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EDA76FCA3E711ED800D3012C4F9AE02.roa
Signing time: Fri 03 Feb 2023 17:20:57 +0000
ROA not before: Fri 03 Feb 2023 17:20:57 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 51765
IP address blocks: 103.21.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13049 (0x32f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Validity
Not Before: Feb 3 17:20:57 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63dd4279-fbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bb:ac:07:3e:78:c3:55:77:ef:66:d1:8a:9b:
a0:3b:31:e2:ad:f4:41:0a:7e:17:41:8e:4a:e1:fb:
d2:b4:6f:55:d4:dc:05:de:24:e0:66:03:33:f2:26:
53:48:eb:6b:fb:8e:ad:80:36:d5:16:2d:7b:c9:13:
90:e3:dd:c5:fd:dc:ee:c6:ad:e2:4f:f4:0b:47:97:
83:3a:ab:6c:4a:f9:fa:27:00:11:44:b3:13:3a:2b:
7e:39:eb:88:3b:18:b3:76:3f:ea:27:6e:59:b7:fe:
34:63:54:36:ef:db:34:4f:28:17:8a:75:4f:cb:da:
98:e9:43:a1:7d:93:d9:02:cc:0f:78:96:bb:78:f9:
60:71:e8:88:a7:37:1d:7d:86:21:87:30:dc:f5:d1:
35:62:6c:55:44:84:98:1d:81:70:5b:87:14:53:d3:
9c:a3:46:c0:5b:b2:6c:b0:4c:36:9f:a9:eb:2e:2d:
80:6f:62:11:bf:51:7b:6a:c3:71:47:c1:b2:0e:d1:
12:b5:b4:9e:b4:b4:ad:c7:f4:12:9f:ca:ec:a2:36:
f1:4f:1b:52:10:19:50:a6:74:74:b8:3c:dc:8b:72:
1e:52:9f:81:97:29:12:01:1c:ba:df:3c:73:db:47:
3d:a3:c2:63:5a:79:6c:c5:37:93:c8:d8:e2:e9:43:
bf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:63:0C:05:CF:6C:10:F9:E5:0C:05:4D:D7:A2:42:61:DB:EA:3D:19
X509v3 Authority Key Identifier:
keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EDA76FCA3E711ED800D3012C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.138.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ac:a3:a1:51:ac:8e:1f:b3:a1:28:bf:68:0a:3d:0b:b9:8d:
40:d9:26:b4:3a:46:b8:f6:54:5c:25:03:25:5f:d7:50:e6:3d:
0c:8f:59:00:a9:ff:a9:ed:d4:b4:43:88:67:70:4d:15:e8:b4:
49:e1:70:c4:02:a4:a5:e6:c4:f5:2c:12:4e:08:0f:1c:be:8d:
d7:9e:5f:7e:5d:b6:3a:fd:40:c1:1f:bc:7c:b8:4e:55:c0:e2:
fd:d5:c6:af:f8:b7:59:26:7f:30:10:a0:da:dc:3b:1e:01:7c:
e4:1a:67:9f:a5:4d:e1:85:60:b7:e9:39:7e:ad:fe:cf:a0:6e:
d0:3a:75:88:e8:3b:61:b3:46:1d:8e:59:60:74:19:ba:a7:69:
d5:c7:eb:96:34:ec:33:e9:d4:61:f9:bb:c7:4c:c2:4a:99:0e:
a2:05:88:14:a4:8d:b5:6d:51:d3:b9:2b:1d:44:02:49:84:f9:
f6:45:19:04:b1:a4:c0:12:9e:89:79:17:ac:24:31:77:c8:5a:
1b:29:82:3b:1c:70:40:8a:98:8b:36:14:15:ec:51:6f:0b:ab:
34:f6:07:52:3e:05:30:a6:db:30:cf:8a:a5:ee:6a:be:51:a5:
9c:80:42:2f:99:59:b4:ff:43:dc:4b:08:8c:0a:3f:fe:72:eb:
a6:e4:51:26
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjMwMjAzMTcyMDU3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RkNDI3OS1mYmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA57usBz54w1V372bRipugOzHirfRBCn4XQY5K4fvStG9V1NwF3iTgZgMz8iZT
SOtr+46tgDbVFi17yROQ493F/dzuxq3iT/QLR5eDOqtsSvn6JwARRLMTOit+OeuI
Oxizdj/qJ25Zt/40Y1Q279s0TygXinVPy9qY6UOhfZPZAswPeJa7ePlgceiIpzcd
fYYhhzDc9dE1YmxVRISYHYFwW4cUU9Oco0bAW7JssEw2n6nrLi2Ab2IRv1F7asNx
R8GyDtEStbSetLStx/QSn8rsojbxTxtSEBlQpnR0uDzci3IeUp+BlykSARy63zxz
20c9o8JjWnlsxTeTyNji6UO/kQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM5jDAXP
bBD55QwFTdeiQmHb6j0ZMB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvMUVEQTc2RkNB
M0U3MTFFRDgwMEQzMDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFYowDQYJKoZIhvcNAQELBQADggEBAK2so6FRrI4fs6Eo
v2gKPQu5jUDZJrQ6Rrj2VFwlAyVf11DmPQyPWQCp/6nt1LRDiGdwTRXotEnhcMQC
pKXmxPUsEk4IDxy+jdeeX35dtjr9QMEfvHy4TlXA4v3Vxq/4t1kmfzAQoNrcOx4B
fOQaZ5+lTeGFYLfpOX6t/s+gbtA6dYjoO2GzRh2OWWB0GbqnadXH65Y07DPp1GH5
u8dMwkqZDqIFiBSkjbVtUdO5Kx1EAkmE+fZFGQSxpMASnol5F6wkMXfIWhspgjsc
cECKmIs2FBXsUW8LqzT2B1I+BTCm2zDPiqXuar5RpZyAQi+ZWbT/Q9xLCIwKP/5y
66bkUSY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org