Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/0492A76253A511EC922C8D5EC4F9AE02.roa
File: 0492A76253A511EC922C8D5EC4F9AE02.roa (raw, json)
Hash identifier: hTtuVZMjQLCJjZEIUuuEjOgeymCbU3Ij0sh7dGFPM2g=
Subject key identifier: B5:99:4F:8A:29:3E:ED:83:1E:CE:4A:A8:17:DC:29:12:39:42:D1:CF
Certificate issuer: /CN=A915D6C2/serialNumber=42B749E1ECDBE030747F8CB5747F2D73A5E42454
Certificate serial: 07
Authority key identifier: 42:B7:49:E1:EC:DB:E0:30:74:7F:8C:B5:74:7F:2D:73:A5:E4:24:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/0492A76253A511EC922C8D5EC4F9AE02.roa
Signing time: Sat 04 Dec 2021 18:41:22 +0000
ROA not before: Sat 04 Dec 2021 18:41:22 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 149053
IP address blocks: 103.177.124.0/23 maxlen: 24
2001:df0:2240::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D6C2/serialNumber=42B749E1ECDBE030747F8CB5747F2D73A5E42454
Validity
Not Before: Dec 4 18:41:22 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61abb651-fc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:20:0f:a7:d5:e5:d4:b8:0e:9d:f6:f4:86:aa:
ee:48:51:51:e3:65:fa:dd:37:1e:b4:8c:d3:75:1d:
48:ac:e0:29:f7:47:55:9e:e2:87:ca:07:cc:3c:7d:
19:01:b3:f1:12:3e:d5:7e:ed:f9:43:08:79:7c:b9:
5e:32:a8:b7:2b:bb:d2:a4:52:5e:1d:f0:65:3a:ba:
b6:2f:c3:22:84:92:f3:2a:34:07:fd:9d:11:e5:2c:
3a:4e:8f:67:2b:36:3d:17:c8:cd:87:f1:a9:33:ef:
59:3b:1d:5e:3b:03:e2:68:dc:70:5d:ab:e9:d1:99:
3b:b2:0f:66:52:49:c3:03:32:32:85:81:14:89:d5:
34:d5:35:99:ef:9c:5d:4c:d6:77:71:28:7f:68:0a:
3f:38:97:98:38:0c:38:16:4f:5b:b8:b3:88:e2:12:
3f:76:1d:17:ed:5a:d8:1e:c4:02:f8:f5:53:b4:20:
3a:8c:96:66:98:ec:ad:36:0b:09:96:85:c5:ec:b9:
fc:a3:d5:54:bb:4f:b6:7b:33:4f:47:96:f1:6c:ca:
1d:46:23:0c:7d:6d:d4:13:5c:75:16:bf:16:76:46:
3f:27:53:75:c1:8e:0d:28:b9:79:ce:83:d7:f9:8b:
09:e2:17:38:80:31:44:98:88:6c:7d:e7:35:39:f7:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:99:4F:8A:29:3E:ED:83:1E:CE:4A:A8:17:DC:29:12:39:42:D1:CF
X509v3 Authority Key Identifier:
keyid:42:B7:49:E1:EC:DB:E0:30:74:7F:8C:B5:74:7F:2D:73:A5:E4:24:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/0492A76253A511EC922C8D5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.124.0/23
IPv6:
2001:df0:2240::/48
Signature Algorithm: sha256WithRSAEncryption
85:bd:f3:5a:07:15:49:dc:50:62:76:7e:c0:f4:4b:5c:a0:e2:
f7:b8:82:45:61:82:41:04:5f:4b:c2:1f:dd:2e:29:5b:03:86:
76:44:2a:67:f0:5e:5f:f3:b8:f4:25:8f:86:21:42:6b:03:98:
36:e9:58:ac:30:5b:be:03:50:ef:f1:72:32:de:d9:92:ab:f7:
fa:1b:25:4b:8c:8f:6a:ae:fa:19:43:08:6f:63:dc:f7:93:7e:
83:00:2d:6e:b0:7a:b1:18:90:6b:70:6d:73:4c:0b:fd:6a:85:
b8:34:2d:04:d3:36:94:45:14:d9:22:55:05:b8:1b:fc:23:15:
e3:54:ae:0d:93:0a:59:50:f2:45:00:6a:e1:30:ab:27:13:5a:
cb:6d:72:ce:03:1f:f9:e3:76:30:d8:82:6f:b3:a0:74:79:63:
2d:b8:be:4a:1f:07:a2:90:b4:49:08:87:97:9b:29:0a:f1:7d:
3e:14:be:25:37:3d:07:c7:bc:83:4e:96:cc:86:6b:b7:e2:1e:
63:02:26:8d:9e:6b:98:5b:d0:2e:cd:bb:17:1d:25:c0:b9:b4:
6f:c2:0b:5a:a1:b4:ab:32:2f:31:84:d9:49:27:e1:34:4e:3e:
e4:bc:20:17:cf:a9:04:fe:6a:27:d5:4b:d3:4e:bd:55:dc:57:
55:2d:d3:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RDZDMjExMC8GA1UEBRMoNDJCNzQ5RTFFQ0RCRTAzMDc0N0Y4Q0I1NzQ3RjJENzNB
NUU0MjQ1NDAeFw0yMTEyMDQxODQxMjJaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYWJiNjUxLWZjNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLIA+n1eXUuA6d9vSGqu5IUVHjZfrdNx60jNN1HUis4Cn3R1We4ofKB8w8fRkB
s/ESPtV+7flDCHl8uV4yqLcru9KkUl4d8GU6urYvwyKEkvMqNAf9nRHlLDpOj2cr
Nj0XyM2H8akz71k7HV47A+Jo3HBdq+nRmTuyD2ZSScMDMjKFgRSJ1TTVNZnvnF1M
1ndxKH9oCj84l5g4DDgWT1u4s4jiEj92HRftWtgexAL49VO0IDqMlmaY7K02CwmW
hcXsufyj1VS7T7Z7M09HlvFsyh1GIwx9bdQTXHUWvxZ2Rj8nU3XBjg0ouXnOg9f5
iwniFziAMUSYiGx95zU592xZAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUtZlPiik+
7YMezkqoF9wpEjlC0c8wHwYDVR0jBBgwFoAUQrdJ4ezb4DB0f4y1dH8tc6XkJFQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVENkMyL0Y5QzQ2RkFDNTNB
MjExRUM5RDVFNjE1REM0RjlBRTAyL1FyZEo0ZXpiNERCMGY0eTFkSDh0YzZYa0pG
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUXJkSjRlemI0REIwZjR5MWRIOHRjNlhrSkZRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RDZDMi9GOUM0NkZBQzUzQTIxMUVDOUQ1RTYxNURDNEY5QUUwMi8wNDkyQTc2MjUz
QTUxMUVDOTIyQzhENUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWexfDAPBAIAAjAJAwcAIAEN8CJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCFvfNaBxVJ3FBidn7A9EtcoOL3uIJFYYJBBF9Lwh/dLilbA4Z2RCpn8F5f
87j0JY+GIUJrA5g26VisMFu+A1Dv8XIy3tmSq/f6GyVLjI9qrvoZQwhvY9z3k36D
AC1usHqxGJBrcG1zTAv9aoW4NC0E0zaURRTZIlUFuBv8IxXjVK4NkwpZUPJFAGrh
MKsnE1rLbXLOAx/543Yw2IJvs6B0eWMtuL5KHweikLRJCIeXmykK8X0+FL4lNz0H
x7yDTpbMhmu34h5jAiaNnmuYW9AuzbsXHSXAubRvwgtaobSrMi8xhNlJJ+E0Tj7k
vCAXz6kE/mon1UvTTr1V3FdVLdNt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org