Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/6665FB00A1CA11ED8467C854C4F9AE02.roa
File: 6665FB00A1CA11ED8467C854C4F9AE02.roa (raw, json)
Hash identifier: v7Taj20Xlnyb+v2qK5Tsdk8+I6TNYROSHvYb1N8WJm0=
Subject key identifier: C1:E9:23:3C:EE:C1:BB:1C:E3:ED:7A:3B:F8:8D:A0:BA:F0:AA:F4:0E
Certificate issuer: /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial: 05B3
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/6665FB00A1CA11ED8467C854C4F9AE02.roa
Signing time: Wed 01 Feb 2023 00:50:19 +0000
ROA not before: Wed 01 Feb 2023 00:50:19 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 103.54.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1459 (0x5b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Validity
Not Before: Feb 1 00:50:19 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63d9b74b-d491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4c:6a:2b:dc:d7:b0:bb:03:0f:ce:e2:bb:5e:
61:6e:88:f3:4a:9b:74:75:18:3c:a6:ab:d4:77:9d:
01:15:9b:59:9f:55:58:cb:9e:9c:aa:a5:98:13:e4:
c7:ce:fa:cb:ad:ab:5d:9e:69:7c:4e:31:50:d5:eb:
12:63:42:a8:8a:2c:92:c0:5e:ab:96:33:80:50:5f:
73:a5:75:5e:fb:69:0b:ac:19:8f:5a:07:a3:9c:86:
48:cc:54:cc:87:4a:ce:8e:e6:e1:33:95:46:6a:0e:
7d:f1:93:29:e0:f9:d3:fe:37:67:ae:22:a3:66:a4:
bf:6f:10:b2:95:18:3b:69:b0:b2:65:6d:4f:bc:1b:
05:ad:6d:cf:e5:e9:53:c6:eb:20:67:48:7c:92:2e:
9c:0e:91:f7:23:f9:72:c7:0c:85:0b:3e:20:4d:84:
58:39:a7:70:4e:d7:d7:f9:68:26:a3:7f:4f:a2:a8:
bf:ae:46:89:50:cd:0b:e1:07:56:14:93:85:a6:5a:
d2:26:02:62:78:67:2c:d1:da:4a:d8:f9:0d:26:e6:
cc:22:3a:f4:2e:14:f6:d8:17:fa:03:9a:08:0a:d1:
46:ba:cf:2e:a7:bd:5e:4b:ed:2e:b9:f2:c9:31:6c:
b4:e1:d0:8b:fb:d0:81:97:56:25:6c:7a:f2:8a:6d:
6d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E9:23:3C:EE:C1:BB:1C:E3:ED:7A:3B:F8:8D:A0:BA:F0:AA:F4:0E
X509v3 Authority Key Identifier:
keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/6665FB00A1CA11ED8467C854C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.152.0/24
Signature Algorithm: sha256WithRSAEncryption
94:83:ac:bb:67:f4:c0:7d:a3:1d:45:c1:b9:ef:be:f1:41:64:
94:dd:c1:f5:86:1f:4b:99:d7:6b:13:ab:75:b8:50:7f:b4:fa:
27:36:6b:00:03:8c:86:80:48:e2:70:2e:a2:07:92:50:da:6e:
4b:48:72:3f:d8:65:57:d7:04:40:7c:c0:06:7a:8e:a8:01:df:
b2:e0:30:4f:0a:da:e8:23:25:f6:89:2f:56:ca:19:a7:eb:2f:
63:27:54:a9:cf:9a:0f:fd:a5:61:22:39:fc:6f:45:b6:eb:4a:
bb:82:cd:1b:4e:61:f0:65:69:74:d7:b6:2e:88:85:65:f2:a0:
6a:27:93:2f:81:0e:55:69:d7:01:ee:0b:eb:0f:e4:02:7c:17:
ff:84:4c:0f:8a:ec:5e:9e:7d:6b:97:90:9b:e4:6b:a5:cc:88:
f8:1d:24:30:15:cd:c9:f0:5c:ba:67:f0:eb:92:70:1e:ce:07:
4c:34:8e:86:6e:f3:5b:ea:db:f2:a5:63:62:21:78:dc:00:7c:
cb:25:74:1c:cf:49:4f:2c:e1:1d:f2:de:2e:58:5b:df:30:c8:
82:7a:1b:5b:be:e8:af:37:8c:51:12:ae:a0:3c:d5:2c:54:5d:
1a:64:4d:a0:99:2b:47:60:53:68:b8:13:ba:f5:99:de:dd:b7:
f1:c3:d5:57
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjMwMjAxMDA1MDE5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q5Yjc0Yi1kNDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUxqK9zXsLsDD87iu15hbojzSpt0dRg8pqvUd50BFZtZn1VYy56cqqWYE+TH
zvrLratdnml8TjFQ1esSY0KoiiySwF6rljOAUF9zpXVe+2kLrBmPWgejnIZIzFTM
h0rOjubhM5VGag598ZMp4PnT/jdnriKjZqS/bxCylRg7abCyZW1PvBsFrW3P5elT
xusgZ0h8ki6cDpH3I/lyxwyFCz4gTYRYOadwTtfX+Wgmo39Poqi/rkaJUM0L4QdW
FJOFplrSJgJieGcs0dpK2PkNJubMIjr0LhT22Bf6A5oICtFGus8up71eS+0uufLJ
MWy04dCL+9CBl1YlbHryim1tPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMHpIzzu
wbsc4+16O/iNoLrwqvQOMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvNjY2NUZCMDBB
MUNBMTFFRDg0NjdDODU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnNpgwDQYJKoZIhvcNAQELBQADggEBAJSDrLtn9MB9ox1F
wbnvvvFBZJTdwfWGH0uZ12sTq3W4UH+0+ic2awADjIaASOJwLqIHklDabktIcj/Y
ZVfXBEB8wAZ6jqgB37LgME8K2ugjJfaJL1bKGafrL2MnVKnPmg/9pWEiOfxvRbbr
SruCzRtOYfBlaXTXti6IhWXyoGonky+BDlVp1wHuC+sP5AJ8F/+ETA+K7F6efWuX
kJvka6XMiPgdJDAVzcnwXLpn8OuScB7OB0w0joZu81vq2/KlY2IheNwAfMsldBzP
SU8s4R3y3i5YW98wyIJ6G1u+6K83jFESrqA81SxUXRpkTaCZK0dgU2i4E7r1md7d
t/HD1Vc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org