Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/9E05CBB211A411EAA1E9C22EC4F9AE02.roa
File: 9E05CBB211A411EAA1E9C22EC4F9AE02.roa (raw, json)
Hash identifier: miK1tMg+I/FIXe78ic9d7y9xtz7QWI6MXIoWv2oUP2M=
Subject key identifier: 26:00:FF:FD:A9:59:F5:50:F7:6C:DD:32:AD:6F:DE:14:7C:6E:6C:C7
Certificate issuer: /CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Certificate serial: 102C
Authority key identifier: EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/9E05CBB211A411EAA1E9C22EC4F9AE02.roa
Signing time: Mon 31 Oct 2022 18:44:44 +0000
ROA not before: Mon 31 Oct 2022 18:44:44 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138403
IP address blocks: 103.124.180.0/22 maxlen: 22
103.124.180.0/24 maxlen: 24
103.124.181.0/24 maxlen: 24
103.124.182.0/24 maxlen: 24
103.124.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4140 (0x102c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Validity
Not Before: Oct 31 18:44:44 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6360179b-4a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0e:7d:60:3c:20:9a:25:f0:fb:fc:9f:cb:0e:
da:94:91:8b:13:0c:8c:55:59:a5:5a:e8:13:ee:b2:
86:55:ee:a0:ef:a0:53:99:19:a2:17:4f:87:d8:b6:
fd:7b:a2:5b:7f:a2:b5:b4:af:ee:7a:7b:4d:34:cd:
25:6a:80:52:f0:ed:a9:5b:23:5f:f6:b6:e1:77:95:
66:9f:7a:d2:17:83:d3:3d:3e:76:bf:64:96:68:ad:
c4:06:fa:63:73:4b:b8:8c:78:9f:7c:22:c5:65:70:
2f:e5:46:7a:56:d5:32:5d:98:66:dd:a5:4f:d7:54:
53:5e:28:45:cd:4d:9c:a7:b9:c0:ec:5f:bb:50:c7:
de:e9:ba:ac:c1:59:0a:50:ee:95:c5:71:d7:b8:94:
4e:3d:8a:47:3f:9d:4b:9e:1e:f4:8c:27:b5:97:41:
eb:53:ff:59:8b:38:28:eb:00:16:81:19:8b:c0:1f:
d7:b5:e2:fe:3c:aa:3e:48:1f:39:ba:21:c9:41:51:
a9:32:1c:7e:2e:37:f5:3a:77:cb:a0:36:5e:8f:13:
e2:fa:6a:71:84:42:03:aa:db:0c:27:5b:38:f6:1e:
3f:8a:2c:3b:e0:4a:05:29:f4:49:e2:21:54:f6:b5:
52:58:08:b4:35:18:8d:dd:38:ae:b7:2d:87:56:44:
b0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:00:FF:FD:A9:59:F5:50:F7:6C:DD:32:AD:6F:DE:14:7C:6E:6C:C7
X509v3 Authority Key Identifier:
keyid:EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/7ulOOvQOrIyjbcMuSeREbs-zNQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/9E05CBB211A411EAA1E9C22EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.180.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:96:c2:8e:04:4d:51:f2:65:63:e9:15:86:8f:3a:6c:ef:6c:
45:38:c9:0c:4c:bf:83:be:ab:8f:e2:73:32:f5:ee:0e:b4:2b:
98:1d:ae:0c:58:d0:bf:5e:60:5b:9b:5e:c5:58:ad:1e:0d:32:
ca:b0:fe:5b:12:26:18:92:a5:f4:13:6a:af:9d:d2:70:80:eb:
9f:11:e3:ad:c1:65:af:95:63:5d:28:85:4e:13:70:a5:f2:06:
59:e7:ed:19:d1:ac:ae:05:b9:8d:b4:ca:18:21:7e:48:fa:d8:
2b:b0:80:a8:cc:04:3c:96:55:2c:4a:f5:f2:1d:d3:05:95:fe:
41:7b:3b:73:c6:65:d5:4f:d3:a3:df:17:02:4b:34:ac:91:37:
68:8c:02:f8:51:99:4d:4a:e0:95:4e:07:02:7f:b8:e4:a9:d9:
5b:cf:57:57:16:11:08:ed:3d:e1:02:01:14:8e:4c:78:5c:34:
29:bc:05:3f:02:e7:e6:18:56:79:f2:05:6d:54:65:34:7e:b3:
32:89:ff:9d:23:97:28:5c:5d:3f:ca:3c:86:09:05:18:dd:42:
b9:d6:e8:79:fd:da:51:45:3e:d7:60:1f:87:5b:fc:c2:1b:ec:
97:f4:60:ba:e7:09:14:88:3b:98:1c:10:34:33:54:20:73:72:
2d:86:46:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICECwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRjcxMTAvBgNVBAUTKEVFRTk0RTNBRjQwRUFDOENBMzZEQzMyRTQ5RTQ0NDZF
Q0ZCMzM1MDUwHhcNMjIxMDMxMTg0NDQ0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYwMTc5Yi00YTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuw59YDwgmiXw+/yfyw7alJGLEwyMVVmlWugT7rKGVe6g76BTmRmiF0+H2Lb9
e6Jbf6K1tK/uentNNM0laoBS8O2pWyNf9rbhd5Vmn3rSF4PTPT52v2SWaK3EBvpj
c0u4jHiffCLFZXAv5UZ6VtUyXZhm3aVP11RTXihFzU2cp7nA7F+7UMfe6bqswVkK
UO6VxXHXuJROPYpHP51Lnh70jCe1l0HrU/9Zizgo6wAWgRmLwB/XteL+PKo+SB85
uiHJQVGpMhx+Ljf1OnfLoDZejxPi+mpxhEIDqtsMJ1s49h4/iiw74EoFKfRJ4iFU
9rVSWAi0NRiN3Tiuty2HVkSw/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFCYA//2p
WfVQ92zdMq1v3hR8bmzHMB8GA1UdIwQYMBaAFO7pTjr0DqyMo23DLknkRG7PszUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZGNy8yMTg2MkM2NEUw
QzAxMUU4OUU5QkZFMTVDNEY5QUUwMi83dWxPT3ZRT3JJeWpiY011U2VSRWJzLXpO
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzd1bE9PdlFPckl5amJjTXVTZVJFYnMtek5RVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRjcvMjE4NjJDNjRFMEMwMTFFODlFOUJGRTE1QzRGOUFFMDIvOUUwNUNCQjIx
MUE0MTFFQUExRTlDMjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfLQwDQYJKoZIhvcNAQELBQADggEBALiWwo4ETVHyZWPp
FYaPOmzvbEU4yQxMv4O+q4/iczL17g60K5gdrgxY0L9eYFubXsVYrR4NMsqw/lsS
JhiSpfQTaq+d0nCA658R463BZa+VY10ohU4TcKXyBlnn7RnRrK4FuY20yhghfkj6
2CuwgKjMBDyWVSxK9fId0wWV/kF7O3PGZdVP06PfFwJLNKyRN2iMAvhRmU1K4JVO
BwJ/uOSp2VvPV1cWEQjtPeECARSOTHhcNCm8BT8C5+YYVnnyBW1UZTR+szKJ/50j
lyhcXT/KPIYJBRjdQrnW6Hn92lFFPtdgH4db/MIb7Jf0YLrnCRSIO5gcEDQzVCBz
ci2GRvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org