Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/B174F4BA47B811ECA8CCED4FC4F9AE02.roa
File: B174F4BA47B811ECA8CCED4FC4F9AE02.roa (raw, json)
Hash identifier: ZkXsf3JU2z+gCsfUxvLY+YzbY3BTO1pFFCMSZwBJQv0=
Subject key identifier: CC:BB:B3:EA:A5:3A:EA:FD:9F:C1:48:B5:8D:12:C6:E3:8C:C9:6B:13
Certificate issuer: /CN=A9167CC5/serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713
Certificate serial: 17
Authority key identifier: 5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/B174F4BA47B811ECA8CCED4FC4F9AE02.roa
Signing time: Wed 17 Nov 2021 15:11:52 +0000
ROA not before: Wed 17 Nov 2021 15:11:52 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 9498
IP address blocks: 103.23.25.0/24 maxlen: 24
103.23.26.0/23 maxlen: 23
103.23.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167CC5/serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713
Validity
Not Before: Nov 17 15:11:52 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61951bb8-51f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:67:14:27:18:a0:b6:d7:a3:69:09:ef:08:fc:
fe:2f:8d:4f:16:e1:11:e8:8a:c1:a9:4a:51:11:f0:
1a:73:b8:77:2e:63:a0:66:24:6a:8b:89:54:c3:5f:
ec:18:a7:ea:5b:3e:5e:1d:38:fe:24:41:50:3f:d6:
a5:22:45:bf:64:45:ad:3a:b6:7b:a2:dc:f4:23:a1:
f9:c5:87:53:c9:ca:78:77:59:05:25:ed:e2:8e:36:
d0:5f:73:d6:99:86:c3:d2:f4:bc:15:b6:6b:de:65:
b6:b6:d4:86:59:4e:0e:d5:0f:1f:97:b9:9f:34:27:
3f:cd:d1:2c:15:37:1e:13:a7:26:55:f7:6e:89:b8:
05:6c:02:67:40:ef:c0:79:4f:14:4b:fd:d1:9a:57:
2a:91:4c:09:47:7a:38:e0:b5:08:42:3d:aa:7a:06:
e3:61:c4:c8:ca:42:25:8b:4f:f6:2e:e7:b9:60:a9:
db:7c:b0:6c:28:8e:27:06:a9:c9:ac:3a:1c:5e:83:
71:e0:49:95:17:f4:42:e6:0e:db:02:c8:29:70:47:
0a:71:d4:e8:b0:b4:3c:35:22:50:b2:e6:ed:ed:d0:
7d:eb:58:79:f1:0a:50:dd:73:12:df:dd:8c:3f:bc:
89:19:97:7b:aa:6f:12:1e:1f:27:22:b1:1e:71:18:
c5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BB:B3:EA:A5:3A:EA:FD:9F:C1:48:B5:8D:12:C6:E3:8C:C9:6B:13
X509v3 Authority Key Identifier:
keyid:5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/B174F4BA47B811ECA8CCED4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.25.0-103.23.27.255
Signature Algorithm: sha256WithRSAEncryption
1d:24:b5:2c:c2:bc:56:47:3a:e6:1c:f5:5f:85:ea:89:0e:de:
93:2e:49:9a:7a:61:1b:d5:f9:09:37:0b:c1:d4:a5:c9:41:e2:
04:da:cf:23:99:ad:f8:b8:70:a1:ea:8b:0f:4b:9d:e7:df:02:
8a:00:63:25:57:0e:06:ba:07:95:c2:e8:ee:92:55:d8:f9:32:
95:18:ee:2b:7f:40:d3:ef:5e:d0:59:57:33:5e:21:e3:bf:09:
89:8f:7d:48:ba:ab:5a:4c:c0:ad:39:fe:9f:3a:94:e5:35:df:
09:95:72:83:f9:83:30:db:e9:89:f0:19:b1:9d:4a:40:99:5f:
5b:28:8c:85:8c:58:18:17:d9:53:60:ad:75:71:d5:9e:2c:e7:
2d:da:9d:7d:db:47:8f:21:cf:d6:5d:24:32:61:b6:7a:bb:b6:
62:32:b5:61:a0:83:1c:ce:65:75:e2:4b:05:5b:f1:3e:39:43:
20:04:c6:00:d3:f4:64:bf:c4:6e:7b:51:78:aa:79:d3:f4:1e:
74:de:10:70:a0:ec:d7:1f:15:88:7d:f3:c8:94:6e:1d:ee:2a:
12:42:f0:2d:c7:5d:1a:f2:87:48:97:45:e4:fa:31:15:08:5e:
f1:7a:87:d5:dd:58:e1:e1:fd:b3:9f:af:8d:76:61:85:43:4e:
30:5b:f3:16
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
N0NDNTExMC8GA1UEBRMoNUQyNzg1QjU0RDE2M0VEMDFFQTU0MThCQ0ZBMzRGMUI3
NDU2QjcxMzAeFw0yMTExMTcxNTExNTJaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxOTUxYmI4LTUxZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7ZxQnGKC216NpCe8I/P4vjU8W4RHoisGpSlER8BpzuHcuY6BmJGqLiVTDX+wY
p+pbPl4dOP4kQVA/1qUiRb9kRa06tnui3PQjofnFh1PJynh3WQUl7eKONtBfc9aZ
hsPS9LwVtmveZba21IZZTg7VDx+XuZ80Jz/N0SwVNx4TpyZV926JuAVsAmdA78B5
TxRL/dGaVyqRTAlHejjgtQhCPap6BuNhxMjKQiWLT/Yu57lgqdt8sGwojicGqcms
Ohxeg3HgSZUX9ELmDtsCyClwRwpx1OiwtDw1IlCy5u3t0H3rWHnxClDdcxLf3Yw/
vIkZl3uqbxIeHycisR5xGMWLAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUzLuz6qU6
6v2fwUi1jRLG44zJaxMwHwYDVR0jBBgwFoAUXSeFtU0WPtAepUGLz6NPG3RWtxMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3Q0M1LzJBQzREMzNFNDZC
MTExRUM5NDVCNEY1N0M0RjlBRTAyL1hTZUZ0VTBXUHRBZXBVR0x6Nk5QRzNSV3R4
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWFNlRnRVMFdQdEFlcFVHTHo2TlBHM1JXdHhNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
N0NDNS8yQUM0RDMzRTQ2QjExMUVDOTQ1QjRGNTdDNEY5QUUwMi9CMTc0RjRCQTQ3
QjgxMUVDQThDQ0VENEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAZxcZAwQCZxcYMA0GCSqGSIb3DQEBCwUAA4IBAQAdJLUs
wrxWRzrmHPVfheqJDt6TLkmaemEb1fkJNwvB1KXJQeIE2s8jma34uHCh6osPS53n
3wKKAGMlVw4GugeVwujuklXY+TKVGO4rf0DT717QWVczXiHjvwmJj31IuqtaTMCt
Of6fOpTlNd8JlXKD+YMw2+mJ8BmxnUpAmV9bKIyFjFgYF9lTYK11cdWeLOct2p19
20ePIc/WXSQyYbZ6u7ZiMrVhoIMczmV14ksFW/E+OUMgBMYA0/Rkv8Rue1F4qnnT
9B503hBwoOzXHxWIffPIlG4d7ioSQvAtx10a8odIl0Xk+jEVCF7xeofV3Vjh4f2z
n6+NdmGFQ04wW/MW
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org