Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/95458834A3B211EDAB2FAE53C4F9AE02.roa
File: 95458834A3B211EDAB2FAE53C4F9AE02.roa (raw, json)
Hash identifier: 4FjbCjNI50tORS2R0BrqeOjHpX5/gkwpWdugJUeEgqU=
Subject key identifier: 71:4E:D0:E9:25:8E:97:12:9A:6B:EB:52:BA:B9:27:2A:15:FF:F7:9E
Certificate issuer: /CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Certificate serial: 1065
Authority key identifier: EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/95458834A3B211EDAB2FAE53C4F9AE02.roa
Signing time: Fri 03 Feb 2023 11:04:52 +0000
ROA not before: Fri 03 Feb 2023 11:04:52 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138403
IP address blocks: 103.124.180.0/24 maxlen: 24
103.124.181.0/24 maxlen: 24
103.124.182.0/24 maxlen: 24
103.124.183.0/24 maxlen: 24
2403:e3c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4197 (0x1065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Validity
Not Before: Feb 3 11:04:52 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63dcea54-5094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b6:23:6d:34:26:e2:a1:77:fd:31:72:37:48:
fa:52:76:eb:25:7f:64:31:9f:d8:b9:25:dd:6d:92:
cc:03:db:77:ce:8e:1c:3b:61:33:be:af:8e:b1:c3:
20:8c:82:e7:58:63:40:e2:af:e1:50:40:27:e8:fa:
5e:28:c2:c7:2c:5c:cd:eb:44:62:17:68:f9:ef:4c:
88:59:d3:a5:80:ba:b9:74:96:d0:6d:75:cf:ae:c8:
34:6a:0f:70:4a:e6:00:d4:53:dc:d6:ad:84:9a:0b:
3c:d4:06:1b:5e:db:ed:01:a1:aa:80:03:c8:8b:8f:
79:fd:f7:6b:4b:9d:1e:b8:3d:9d:f0:e5:c5:fc:8a:
a6:2d:f8:20:44:53:c6:4d:ef:02:e4:98:ab:8b:cd:
17:e2:8e:17:c6:cc:0c:e8:1a:d6:dc:83:c9:77:df:
5f:dd:31:c9:af:c1:6f:5b:6a:bf:34:df:b5:a2:38:
a7:93:5c:7b:d9:c6:23:8c:bc:e3:39:4b:3a:16:2a:
c3:b0:97:00:fc:4d:20:ba:18:6f:7d:e7:1f:fd:04:
b7:ae:62:ad:e7:f6:ca:f0:2b:20:87:56:a5:da:c5:
cb:7c:1a:0e:02:37:4e:67:f7:29:72:d6:45:87:cf:
93:c2:8e:d9:5d:62:bb:a4:57:96:de:6e:d6:e1:5d:
5b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4E:D0:E9:25:8E:97:12:9A:6B:EB:52:BA:B9:27:2A:15:FF:F7:9E
X509v3 Authority Key Identifier:
keyid:EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/7ulOOvQOrIyjbcMuSeREbs-zNQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/95458834A3B211EDAB2FAE53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.180.0/22
IPv6:
2403:e3c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:bf:cd:1b:88:98:2c:85:85:52:83:5c:b2:7d:7f:3e:cd:03:
17:48:98:1a:6e:10:8e:72:ce:32:f3:82:69:ce:77:7a:3f:b5:
ab:3b:84:34:dd:07:e0:4d:ab:a3:f0:1d:db:f3:11:90:98:2b:
a3:8c:80:89:42:c4:ee:0c:5f:fc:e1:de:c8:64:5c:5b:7e:71:
bb:ba:27:3b:c8:c0:ed:95:2a:93:bf:7c:89:48:b7:18:f0:6f:
8c:9f:c8:1f:33:b8:d7:2b:2a:db:4b:18:bd:e9:6d:be:1a:d1:
ee:ea:b5:53:62:30:f8:6b:3f:f0:e7:fd:50:99:7f:73:98:8b:
77:75:eb:16:46:0a:59:4a:b6:bb:14:5d:cd:61:2c:79:4a:a0:
6b:a7:82:45:ef:e7:9a:20:b0:55:eb:0b:60:59:87:4e:b6:2a:
74:c5:b6:88:b3:7d:69:3d:07:16:3e:5c:8a:0d:4d:82:82:2d:
0e:4c:2f:85:ef:03:d1:9f:29:f1:f2:5c:82:f9:d0:26:20:65:
e9:60:95:59:5e:4d:48:0e:3f:fe:08:93:da:79:dd:40:25:4c:
d4:4b:e7:67:35:f6:ae:de:7e:17:8f:94:43:57:5f:05:95:a5:
bd:fa:ee:7a:19:f5:98:cd:c6:76:aa:f7:c2:5f:0f:d8:a6:8a:
5d:5c:ab:8e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRjcxMTAvBgNVBAUTKEVFRTk0RTNBRjQwRUFDOENBMzZEQzMyRTQ5RTQ0NDZF
Q0ZCMzM1MDUwHhcNMjMwMjAzMTEwNDUyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RjZWE1NC01MDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzbYjbTQm4qF3/TFyN0j6UnbrJX9kMZ/YuSXdbZLMA9t3zo4cO2Ezvq+OscMg
jILnWGNA4q/hUEAn6PpeKMLHLFzN60RiF2j570yIWdOlgLq5dJbQbXXPrsg0ag9w
SuYA1FPc1q2Emgs81AYbXtvtAaGqgAPIi495/fdrS50euD2d8OXF/IqmLfggRFPG
Te8C5Jiri80X4o4XxswM6BrW3IPJd99f3THJr8FvW2q/NN+1ojink1x72cYjjLzj
OUs6FirDsJcA/E0guhhvfecf/QS3rmKt5/bK8Csgh1al2sXLfBoOAjdOZ/cpctZF
h8+Two7ZXWK7pFeW3m7W4V1bHQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHFO0Okl
jpcSmmvrUrq5JyoV//eeMB8GA1UdIwQYMBaAFO7pTjr0DqyMo23DLknkRG7PszUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZGNy8yMTg2MkM2NEUw
QzAxMUU4OUU5QkZFMTVDNEY5QUUwMi83dWxPT3ZRT3JJeWpiY011U2VSRWJzLXpO
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzd1bE9PdlFPckl5amJjTXVTZVJFYnMtek5RVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRjcvMjE4NjJDNjRFMEMwMTFFODlFOUJGRTE1QzRGOUFFMDIvOTU0NTg4MzRB
M0IyMTFFREFCMkZBRTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfLQwDQQCAAIwBwMFACQD48AwDQYJKoZIhvcNAQELBQAD
ggEBAIa/zRuImCyFhVKDXLJ9fz7NAxdImBpuEI5yzjLzgmnOd3o/tas7hDTdB+BN
q6PwHdvzEZCYK6OMgIlCxO4MX/zh3shkXFt+cbu6JzvIwO2VKpO/fIlItxjwb4yf
yB8zuNcrKttLGL3pbb4a0e7qtVNiMPhrP/Dn/VCZf3OYi3d16xZGCllKtrsUXc1h
LHlKoGungkXv55ogsFXrC2BZh062KnTFtoizfWk9BxY+XIoNTYKCLQ5ML4XvA9Gf
KfHyXIL50CYgZelglVleTUgOP/4Ik9p53UAlTNRL52c19q7efhePlENXXwWVpb36
7noZ9ZjNxnaq98JfD9imil1cq44=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org