Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/F0C4865E612411ED9F121467C4F9AE02.roa
File: F0C4865E612411ED9F121467C4F9AE02.roa (raw, json)
Hash identifier: EbfaEi3uh0ryKpz/3kOcZ/8RH/VsM6NOI3CXjDlM35U=
Subject key identifier: 14:EC:0D:01:54:08:85:3C:C0:AE:CC:FA:77:20:C2:78:9C:3A:C9:EB
Certificate issuer: /CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Certificate serial: 1061
Authority key identifier: EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/F0C4865E612411ED9F121467C4F9AE02.roa
Signing time: Wed 01 Feb 2023 17:05:04 +0000
ROA not before: Wed 01 Feb 2023 17:05:04 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138403
IP address blocks: 103.124.180.0/22 maxlen: 22
103.124.180.0/24 maxlen: 24
103.124.181.0/24 maxlen: 24
103.124.182.0/24 maxlen: 24
103.124.183.0/24 maxlen: 24
2403:e3c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4193 (0x1061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Validity
Not Before: Feb 1 17:05:04 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63da9bbf-9e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:41:04:60:b4:ca:fa:65:85:4b:4b:07:26:
d9:35:06:69:d5:cd:34:2d:38:d2:aa:df:6a:4d:41:
74:cc:81:f9:95:f7:9a:78:74:13:9e:70:69:18:92:
85:2b:c4:3c:7c:4c:2c:ac:26:f8:7b:92:67:c2:4d:
f8:ec:3e:59:72:38:13:bd:e6:5d:49:d7:69:20:72:
fa:94:95:3e:9e:c3:06:32:2a:a4:34:49:2c:07:7b:
29:95:0f:f7:c6:2f:96:f9:a3:dd:5b:3a:b4:62:4a:
ba:ea:d8:b6:77:29:5c:69:a1:59:fd:37:37:6f:ac:
22:18:45:7b:d6:26:29:49:32:e2:84:84:48:44:4c:
2f:07:62:8b:17:f4:e9:de:40:4d:c2:b3:17:9e:43:
94:2a:60:a6:1c:c5:0c:4a:6e:9a:98:99:48:78:2f:
92:c0:df:7f:0b:87:f4:b1:1d:65:b8:f1:42:8c:15:
4a:eb:3b:5f:6f:87:07:fb:57:56:42:14:fc:9c:31:
bf:58:8d:76:e8:b8:f3:f0:9b:21:68:4f:ce:10:be:
0b:d1:71:f8:04:b6:ec:d7:8b:f4:6e:ad:1c:94:c2:
9c:2f:67:f9:c7:79:fe:0b:af:07:55:82:b0:1d:5f:
7b:84:90:43:ab:41:9b:9c:06:1e:6c:55:79:a4:e3:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EC:0D:01:54:08:85:3C:C0:AE:CC:FA:77:20:C2:78:9C:3A:C9:EB
X509v3 Authority Key Identifier:
keyid:EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/7ulOOvQOrIyjbcMuSeREbs-zNQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/F0C4865E612411ED9F121467C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.180.0/22
IPv6:
2403:e3c0::/32
Signature Algorithm: sha256WithRSAEncryption
97:20:85:d7:f9:73:50:b2:f0:50:21:96:d1:84:22:e4:f1:e5:
af:d8:89:6a:46:26:bd:02:7a:9c:3c:df:27:4e:e3:bc:9b:92:
91:33:74:20:30:54:e4:d5:d6:c0:14:6b:e4:bb:be:ea:94:d3:
67:cc:87:81:b5:2a:a5:92:6b:8c:e8:45:8e:bf:35:1f:7b:c5:
8e:30:e1:33:18:83:82:34:32:73:29:28:bc:cb:71:33:f6:d9:
16:19:b9:2f:ee:37:9b:51:f1:3b:42:7a:ad:e7:fe:ee:a2:93:
e2:73:d9:07:8b:ef:c7:a2:a8:b5:e3:9b:e0:82:80:81:13:a5:
55:d7:c7:19:f1:a7:dc:f0:2c:29:5c:62:a5:38:66:55:c0:e0:
f6:5b:0c:2a:5a:fa:9c:1c:bf:97:05:e5:b0:be:a4:ae:ac:c7:
49:04:49:84:ff:36:7d:6f:c1:38:1e:8e:88:99:95:fc:d7:23:
77:93:86:ed:14:58:8a:39:ea:6a:cd:3c:bd:0b:be:2e:36:0d:
e5:5a:39:ab:29:c9:b9:3f:26:0d:34:0f:d3:cd:f9:51:a2:ca:
96:89:63:89:e7:bf:ac:75:93:1b:8e:56:fb:4e:97:5c:a0:63:
a5:dc:d1:68:d7:82:14:7a:84:39:7b:8d:ac:f2:5a:7a:d4:fb:
03:31:8d:9b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRjcxMTAvBgNVBAUTKEVFRTk0RTNBRjQwRUFDOENBMzZEQzMyRTQ5RTQ0NDZF
Q0ZCMzM1MDUwHhcNMjMwMjAxMTcwNTA0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RhOWJiZi05ZTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr9xBBGC0yvplhUtLBybZNQZp1c00LTjSqt9qTUF0zIH5lfeaeHQTnnBpGJKF
K8Q8fEwsrCb4e5Jnwk347D5ZcjgTveZdSddpIHL6lJU+nsMGMiqkNEksB3splQ/3
xi+W+aPdWzq0Ykq66ti2dylcaaFZ/Tc3b6wiGEV71iYpSTLihIRIREwvB2KLF/Tp
3kBNwrMXnkOUKmCmHMUMSm6amJlIeC+SwN9/C4f0sR1luPFCjBVK6ztfb4cH+1dW
QhT8nDG/WI126Ljz8JshaE/OEL4L0XH4BLbs14v0bq0clMKcL2f5x3n+C68HVYKw
HV97hJBDq0GbnAYebFV5pOOfuQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBTsDQFU
CIU8wK7M+ncgwnicOsnrMB8GA1UdIwQYMBaAFO7pTjr0DqyMo23DLknkRG7PszUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZGNy8yMTg2MkM2NEUw
QzAxMUU4OUU5QkZFMTVDNEY5QUUwMi83dWxPT3ZRT3JJeWpiY011U2VSRWJzLXpO
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzd1bE9PdlFPckl5amJjTXVTZVJFYnMtek5RVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRjcvMjE4NjJDNjRFMEMwMTFFODlFOUJGRTE1QzRGOUFFMDIvRjBDNDg2NUU2
MTI0MTFFRDlGMTIxNDY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfLQwDQQCAAIwBwMFACQD48AwDQYJKoZIhvcNAQELBQAD
ggEBAJcghdf5c1Cy8FAhltGEIuTx5a/YiWpGJr0Cepw83ydO47ybkpEzdCAwVOTV
1sAUa+S7vuqU02fMh4G1KqWSa4zoRY6/NR97xY4w4TMYg4I0MnMpKLzLcTP22RYZ
uS/uN5tR8TtCeq3n/u6ik+Jz2QeL78eiqLXjm+CCgIETpVXXxxnxp9zwLClcYqU4
ZlXA4PZbDCpa+pwcv5cF5bC+pK6sx0kESYT/Nn1vwTgejoiZlfzXI3eThu0UWIo5
6mrNPL0Lvi42DeVaOaspybk/Jg00D9PN+VGiypaJY4nnv6x1kxuOVvtOl1ygY6Xc
0WjXghR6hDl7jazyWnrU+wMxjZs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org