Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/99EFF4EAFC3811ECAB57881AC4F9AE02.roa
File: 99EFF4EAFC3811ECAB57881AC4F9AE02.roa (raw, json)
Hash identifier: rOUY2a6gVVbJFiiZbHPk2l4XXrG/XtWPC9HDuA4Ht88=
Subject key identifier: 88:66:75:EE:93:1F:BC:D8:02:29:B0:1F:9A:9D:11:35:1C:DD:22:7D
Certificate issuer: /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial: 32B8
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/99EFF4EAFC3811ECAB57881AC4F9AE02.roa
Signing time: Mon 24 Oct 2022 16:01:08 +0000
ROA not before: Mon 24 Oct 2022 16:01:08 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 49901
IP address blocks: 103.21.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12984 (0x32b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Validity
Not Before: Oct 24 16:01:08 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6356b6c3-c482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ab:eb:61:b8:40:17:08:2d:ca:6c:4a:99:6d:
ad:85:b3:02:bd:6d:87:7b:c4:a4:82:14:80:de:e7:
47:36:4b:2b:a5:97:45:9c:9a:f2:c1:a1:92:d9:fa:
81:1f:98:a0:89:8f:22:27:60:91:50:66:b9:aa:5b:
25:37:43:d6:2c:c8:be:ef:28:84:6c:07:41:c0:ce:
22:b1:d9:91:5f:89:55:ff:c7:0d:2e:00:ed:c0:56:
5e:84:8d:36:5a:bc:91:4e:f2:e5:5a:4b:db:36:a4:
06:e7:db:76:3a:87:f7:c3:d1:58:3d:32:a8:b0:14:
86:10:67:f2:2f:d2:e1:05:e7:16:69:6d:f9:a9:df:
61:cf:7b:76:8f:8e:e8:7a:8c:4b:6b:bb:b9:76:c2:
4b:ba:69:69:30:6d:35:9e:ef:37:0c:e7:0f:8d:b1:
db:6b:31:64:c3:60:d6:8e:30:19:09:c3:a3:02:70:
6d:49:e5:fb:33:b2:95:a7:9e:01:54:0b:9b:dc:5c:
1b:23:8a:6b:dd:5a:16:b0:c1:31:fa:6a:01:0e:f8:
37:f2:5a:95:78:51:27:b7:40:96:f8:33:82:e1:22:
ce:ed:91:ec:ae:c4:92:9c:a2:5c:3a:67:07:dd:1b:
de:74:bd:3a:09:8c:4f:9e:8c:21:c4:31:38:2b:3e:
f4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:66:75:EE:93:1F:BC:D8:02:29:B0:1F:9A:9D:11:35:1C:DD:22:7D
X509v3 Authority Key Identifier:
keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/99EFF4EAFC3811ECAB57881AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
20:0f:39:6d:e9:13:0c:5e:a1:1b:40:a9:ef:24:95:e0:d3:58:
1f:54:f8:d7:b4:ba:27:65:a3:3f:1e:00:d9:d9:78:eb:4e:38:
bc:3a:33:69:8e:37:d6:18:d9:af:6a:65:3d:8a:b2:f5:24:d4:
8c:b9:2c:70:c8:03:68:09:a5:1a:5a:d2:bc:fe:62:b8:8f:47:
af:1d:13:ac:a8:f2:36:63:f5:68:3b:77:d0:c8:5a:d4:80:2b:
b7:1b:df:31:53:13:db:4c:d8:ee:a5:0b:25:0a:45:c8:d3:5a:
32:4b:0b:0d:aa:66:0a:c7:f0:64:02:98:9c:8c:b6:66:80:ea:
c4:17:50:bb:23:c6:50:9a:57:9a:76:86:91:03:82:00:a3:73:
86:b0:da:e0:44:7c:ad:8e:d9:76:cf:46:45:df:63:cb:0b:1e:
03:59:2f:42:72:a1:8c:43:88:d5:0c:eb:4c:e5:d3:48:22:2a:
23:c0:8d:5e:17:85:5a:40:8d:cb:5b:8a:75:f6:98:4e:24:27:
70:f1:6a:a0:de:4e:44:57:86:5c:51:66:6c:bb:80:7e:46:6f:
ba:86:56:ba:4f:0b:e7:93:b5:43:3d:70:a9:37:17:68:9c:46:
e3:dc:86:a7:0e:a9:f2:36:c6:db:81:86:df:fe:f5:db:59:3a:
16:08:b3:83
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjIxMDI0MTYwMTA4WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU2YjZjMy1jNDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKvrYbhAFwgtymxKmW2thbMCvW2He8SkghSA3udHNksrpZdFnJrywaGS2fqB
H5igiY8iJ2CRUGa5qlslN0PWLMi+7yiEbAdBwM4isdmRX4lV/8cNLgDtwFZehI02
WryRTvLlWkvbNqQG59t2Oof3w9FYPTKosBSGEGfyL9LhBecWaW35qd9hz3t2j47o
eoxLa7u5dsJLumlpMG01nu83DOcPjbHbazFkw2DWjjAZCcOjAnBtSeX7M7KVp54B
VAub3FwbI4pr3VoWsMEx+moBDvg38lqVeFEnt0CW+DOC4SLO7ZHsrsSSnKJcOmcH
3RvedL06CYxPnowhxDE4Kz70FQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIhmde6T
H7zYAimwH5qdETUc3SJ9MB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvOTlFRkY0RUFG
QzM4MTFFQ0FCNTc4ODFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFYswDQYJKoZIhvcNAQELBQADggEBACAPOW3pEwxeoRtA
qe8kleDTWB9U+Ne0uidloz8eANnZeOtOOLw6M2mON9YY2a9qZT2KsvUk1Iy5LHDI
A2gJpRpa0rz+YriPR68dE6yo8jZj9Wg7d9DIWtSAK7cb3zFTE9tM2O6lCyUKRcjT
WjJLCw2qZgrH8GQCmJyMtmaA6sQXULsjxlCaV5p2hpEDggCjc4aw2uBEfK2O2XbP
RkXfY8sLHgNZL0JyoYxDiNUM60zl00giKiPAjV4XhVpAjctbinX2mE4kJ3DxaqDe
TkRXhlxRZmy7gH5Gb7qGVrpPC+eTtUM9cKk3F2icRuPchqcOqfI2xtuBht/+9dtZ
OhYIs4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org