Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/5EAC86B29C6C11ED8F9E0E40C4F9AE02.roa
File: 5EAC86B29C6C11ED8F9E0E40C4F9AE02.roa (raw, json)
Hash identifier: E3iiT3juYMwjPDLIIlkZf9z0eEdkU22+bHY1uw3p3rA=
Subject key identifier: FC:8F:6E:BF:E3:4E:3A:7B:97:A5:19:EE:3C:BB:6D:71:BB:8D:88:97
Certificate issuer: /CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Certificate serial: 67
Authority key identifier: 72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/5EAC86B29C6C11ED8F9E0E40C4F9AE02.roa
Signing time: Sun 26 Mar 2023 03:55:23 +0000
ROA not before: Sun 26 Mar 2023 03:55:23 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 137053
IP address blocks: 103.4.101.0/24 maxlen: 24
2001:df1:4840::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103 (0x67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916807A/serialNumber=729E2F9C1D87C214735078CFD21C638E07157B5D
Validity
Not Before: Mar 26 03:55:23 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=641fc22a-efbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ac:c3:d7:3a:f3:0c:1b:11:69:53:d8:65:63:
c4:cc:81:84:18:c3:af:6a:9d:8c:ca:22:ba:41:49:
a6:25:e1:70:d3:dc:f3:cf:10:58:9c:da:c8:ad:5e:
e3:6a:3d:2a:16:57:41:fa:31:90:01:70:c0:0f:2f:
30:3b:23:f1:6b:f1:6f:02:af:4a:e8:85:cb:21:8d:
71:87:32:04:96:8e:1b:02:d3:c5:e6:6c:03:18:0a:
75:a9:fc:4e:4e:16:34:48:17:99:be:f4:3c:8a:93:
f4:39:16:3c:03:29:81:81:6c:18:2e:19:53:91:f0:
ef:a0:71:5c:3e:9d:15:1b:e9:7a:59:59:1a:d4:2a:
a9:1c:4a:6e:30:0e:04:ef:76:1f:65:e6:f4:d0:dc:
40:83:a8:41:bd:a3:e8:42:f8:6c:62:bf:41:2e:99:
29:f2:bb:13:2d:48:28:07:90:6d:97:cd:24:cb:df:
83:43:69:26:0d:37:04:60:a3:1c:6a:fe:1f:7b:26:
ba:92:32:2b:38:a9:84:ac:3c:7d:fd:e9:0a:6f:a9:
6c:df:10:b9:a0:df:02:18:ac:7f:53:75:f8:a2:00:
05:b5:b0:19:62:70:c5:a1:18:11:c6:5c:f7:67:d0:
21:08:a9:77:a7:a7:34:98:3e:4a:d9:56:67:a2:a0:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8F:6E:BF:E3:4E:3A:7B:97:A5:19:EE:3C:BB:6D:71:BB:8D:88:97
X509v3 Authority Key Identifier:
keyid:72:9E:2F:9C:1D:87:C2:14:73:50:78:CF:D2:1C:63:8E:07:15:7B:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/cp4vnB2HwhRzUHjP0hxjjgcVe10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cp4vnB2HwhRzUHjP0hxjjgcVe10.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916807A/0263AB483E8811EDA61A9B2AC4F9AE02/5EAC86B29C6C11ED8F9E0E40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.4.101.0/24
IPv6:
2001:df1:4840::/48
Signature Algorithm: sha256WithRSAEncryption
39:f7:b3:a8:4f:78:d3:dc:69:96:b6:ff:a9:83:b1:0f:e5:b2:
ef:a3:ed:79:44:12:46:86:a3:ba:3b:b8:05:9d:81:06:3e:58:
a0:60:c3:aa:5b:8d:c6:df:a4:e6:44:56:f7:ba:7c:76:14:3e:
e7:55:9c:9e:cf:b5:24:dc:b6:f9:31:27:9b:63:c2:11:ef:10:
fe:61:95:9e:2f:e5:52:f6:10:3d:de:7f:31:66:61:6a:8e:db:
5c:b6:99:d1:77:48:71:c6:9d:89:10:ed:53:66:87:ed:96:cd:
91:c2:82:b6:43:7b:9b:80:c4:dd:50:0d:ed:aa:62:c2:6b:4c:
e7:8c:22:0a:df:f2:80:3b:8e:6c:33:fc:c4:ac:d5:a2:ec:25:
8f:3f:b5:b0:e0:d5:33:01:03:cf:a0:cd:9b:ae:73:cf:a4:db:
74:41:b2:59:ee:48:ad:2c:88:a1:1e:7f:38:1b:2f:8b:77:bf:
99:10:70:eb:ec:54:6e:96:aa:04:3e:2e:08:a2:01:29:f6:02:
86:07:4b:44:87:4a:ae:54:29:cd:fe:7c:9f:db:6c:ec:4a:76:
a2:2b:be:4a:3c:6d:41:00:47:7f:86:e0:80:9e:20:48:58:ab:
13:97:0a:22:af:35:a8:43:de:e3:8c:d6:79:e3:b4:f5:0f:b0:
d4:90:e9:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODA3QTExMC8GA1UEBRMoNzI5RTJGOUMxRDg3QzIxNDczNTA3OENGRDIxQzYzOEUw
NzE1N0I1RDAeFw0yMzAzMjYwMzU1MjNaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MWZjMjJhLWVmYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDorMPXOvMMGxFpU9hlY8TMgYQYw69qnYzKIrpBSaYl4XDT3PPPEFic2sitXuNq
PSoWV0H6MZABcMAPLzA7I/Fr8W8Cr0rohcshjXGHMgSWjhsC08XmbAMYCnWp/E5O
FjRIF5m+9DyKk/Q5FjwDKYGBbBguGVOR8O+gcVw+nRUb6XpZWRrUKqkcSm4wDgTv
dh9l5vTQ3ECDqEG9o+hC+Gxiv0EumSnyuxMtSCgHkG2XzSTL34NDaSYNNwRgoxxq
/h97JrqSMis4qYSsPH396QpvqWzfELmg3wIYrH9TdfiiAAW1sBlicMWhGBHGXPdn
0CEIqXenpzSYPkrZVmeioEXlAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU/I9uv+NO
OnuXpRnuPLttcbuNiJcwHwYDVR0jBBgwFoAUcp4vnB2HwhRzUHjP0hxjjgcVe10w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4MDdBLzAyNjNBQjQ4M0U4
ODExRURBNjFBOUIyQUM0RjlBRTAyL2NwNHZuQjJId2hSelVIalAwaHhqamdjVmUx
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY3A0dm5CMkh3aFJ6VUhqUDBoeGpqZ2NWZTEwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODA3QS8wMjYzQUI0ODNFODgxMUVEQTYxQTlCMkFDNEY5QUUwMi81RUFDODZCMjlD
NkMxMUVEOEY5RTBFNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGcEZTAPBAIAAjAJAwcAIAEN8UhAMA0GCSqGSIb3DQEBCwUA
A4IBAQA597OoT3jT3GmWtv+pg7EP5bLvo+15RBJGhqO6O7gFnYEGPligYMOqW43G
36TmRFb3unx2FD7nVZyez7Uk3Lb5MSebY8IR7xD+YZWeL+VS9hA93n8xZmFqjttc
tpnRd0hxxp2JEO1TZoftls2RwoK2Q3ubgMTdUA3tqmLCa0znjCIK3/KAO45sM/zE
rNWi7CWPP7Ww4NUzAQPPoM2brnPPpNt0QbJZ7kitLIihHn84Gy+Ld7+ZEHDr7FRu
lqoEPi4IogEp9gKGB0tEh0quVCnN/nyf22zsSnaiK75KPG1BAEd/huCAniBIWKsT
lwoirzWoQ97jjNZ547T1D7DUkOmL
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org