Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/941144240AA211EE8FB5CC3AC4F9AE02.roa
File: 941144240AA211EE8FB5CC3AC4F9AE02.roa (raw, json)
Hash identifier: PyRoAksAtV+2orIGQDVoBcPEuMPaDYru2iAoH8K1K4w=
Subject key identifier: B3:18:11:E7:6F:F9:DB:6E:CD:19:A8:67:C3:DD:D6:E6:CA:E2:A0:F2
Certificate issuer: /CN=A9174C15/serialNumber=C7B0004FF6B18688C197BC4B39FAC125D49FBCF9
Certificate serial: 039C
Authority key identifier: C7:B0:00:4F:F6:B1:86:88:C1:97:BC:4B:39:FA:C1:25:D4:9F:BC:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7AAT_axhojBl7xLOfrBJdSfvPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/941144240AA211EE8FB5CC3AC4F9AE02.roa
Signing time: Wed 14 Jun 2023 10:59:48 +0000
ROA not before: Wed 14 Jun 2023 10:59:48 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 14618
IP address blocks: 103.172.141.0/24 maxlen: 24
2407:d4c0:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924 (0x39c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174C15/serialNumber=C7B0004FF6B18688C197BC4B39FAC125D49FBCF9
Validity
Not Before: Jun 14 10:59:48 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64899da4-5c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cc:ce:5f:9a:1c:bb:d6:ec:9c:22:db:b0:2c:
19:99:da:dc:97:af:3c:d3:07:eb:18:44:86:2c:9b:
76:4b:86:34:dd:e4:0b:f5:30:98:7e:2e:e9:39:a1:
56:05:e7:6d:6d:39:c1:4e:aa:d2:56:cd:36:0a:f2:
76:62:00:f8:9f:e5:71:15:92:3e:5c:63:1b:5f:f8:
29:54:76:92:4e:3d:59:2d:ba:c6:86:0c:78:30:99:
ce:aa:0d:2a:8d:06:a4:d0:74:d9:ca:18:c7:a9:23:
08:85:cd:55:93:19:ec:4b:b3:fe:6c:da:1a:ff:ff:
e0:75:03:d0:1b:7c:f8:62:c6:a0:20:7d:ef:85:be:
22:1c:64:73:4a:7b:64:a7:8c:ed:33:e5:e6:3a:e1:
74:d6:f5:a8:09:27:bc:04:0b:02:f2:6a:9e:8e:73:
6a:05:e9:1e:0f:11:a2:0a:3a:f2:49:8b:65:f0:4e:
88:94:b1:6a:c6:49:2a:da:6d:1e:d1:14:e5:b4:4f:
77:f0:f7:fa:14:d6:71:d7:a3:6e:ae:c9:60:72:ca:
4c:57:89:43:f6:bb:19:68:76:d4:8c:f9:2e:98:b6:
ca:7a:56:37:2a:7b:a5:e6:19:3a:31:6e:28:93:41:
c9:09:cc:56:77:b8:8c:ec:a5:00:4a:93:db:53:a1:
2c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:18:11:E7:6F:F9:DB:6E:CD:19:A8:67:C3:DD:D6:E6:CA:E2:A0:F2
X509v3 Authority Key Identifier:
keyid:C7:B0:00:4F:F6:B1:86:88:C1:97:BC:4B:39:FA:C1:25:D4:9F:BC:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/x7AAT_axhojBl7xLOfrBJdSfvPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7AAT_axhojBl7xLOfrBJdSfvPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/941144240AA211EE8FB5CC3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.141.0/24
IPv6:
2407:d4c0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
66:2b:04:b6:df:89:87:56:b6:7f:9e:05:0b:89:ca:73:86:9e:
5d:7f:6b:6c:de:92:6d:e0:55:f0:5d:2b:72:79:74:96:fa:e6:
96:dc:6a:e9:74:f8:1f:e6:16:0d:78:48:66:52:95:4b:a0:1c:
9a:02:8e:e2:dc:30:c8:fc:61:69:9d:cc:7b:2a:48:b7:3e:8a:
1b:35:86:7d:43:02:fd:22:30:68:9f:15:b6:c7:85:10:ec:1f:
c1:f5:32:fb:81:d3:c4:87:a1:e3:00:fc:1c:13:f5:d2:8a:d1:
12:e3:74:1e:66:43:8c:90:9e:75:30:a5:6d:e5:3c:d2:73:75:
62:4c:64:a4:e0:42:81:3c:49:10:a0:e9:84:12:59:58:a7:ec:
14:33:ab:48:ba:66:71:78:fb:e2:0e:41:5f:67:0a:5c:d2:ad:
d9:f8:37:e2:3b:d7:fe:69:24:84:28:f3:9b:a7:b3:4a:d5:48:
e1:d8:32:30:e5:05:64:7e:6b:dc:4a:41:27:aa:82:db:a5:b9:
16:22:1f:1f:cf:08:21:47:8e:37:5a:19:10:3c:89:9f:a9:08:
cb:4c:58:24:28:d2:d9:44:3a:6d:44:8f:bd:53:27:14:b6:03:
cf:50:11:aa:5b:3a:60:56:16:54:eb:4c:a9:a1:25:c7:07:df:
f9:47:ed:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICA5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRDMTUxMTAvBgNVBAUTKEM3QjAwMDRGRjZCMTg2ODhDMTk3QkM0QjM5RkFDMTI1
RDQ5RkJDRjkwHhcNMjMwNjE0MTA1OTQ4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg5OWRhNC01YzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxczOX5ocu9bsnCLbsCwZmdrcl6880wfrGESGLJt2S4Y03eQL9TCYfi7pOaFW
BedtbTnBTqrSVs02CvJ2YgD4n+VxFZI+XGMbX/gpVHaSTj1ZLbrGhgx4MJnOqg0q
jQak0HTZyhjHqSMIhc1VkxnsS7P+bNoa///gdQPQG3z4YsagIH3vhb4iHGRzSntk
p4ztM+XmOuF01vWoCSe8BAsC8mqejnNqBekeDxGiCjrySYtl8E6IlLFqxkkq2m0e
0RTltE938Pf6FNZx16NurslgcspMV4lD9rsZaHbUjPkumLbKelY3Knul5hk6MW4o
k0HJCcxWd7iM7KUASpPbU6EsbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLMYEedv
+dtuzRmoZ8Pd1ubK4qDyMB8GA1UdIwQYMBaAFMewAE/2sYaIwZe8Szn6wSXUn7z5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEMxNS9BQzlDNkI1MDBB
NDQxMUVDOTQ3OTdFNTNDNEY5QUUwMi94N0FBVF9heGhvakJsN3hMT2ZyQkpkU2Z2
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g3QUFUX2F4aG9qQmw3eExPZnJCSmRTZnZQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRDMTUvQUM5QzZCNTAwQTQ0MTFFQzk0Nzk3RTUzQzRGOUFFMDIvOTQxMTQ0MjQw
QUEyMTFFRThGQjVDQzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnrI0wDgQCAAIwCAMGACQH1MAQMA0GCSqGSIb3DQEBCwUA
A4IBAQBmKwS234mHVrZ/ngULicpzhp5df2ts3pJt4FXwXStyeXSW+uaW3GrpdPgf
5hYNeEhmUpVLoByaAo7i3DDI/GFpncx7Kki3PoobNYZ9QwL9IjBonxW2x4UQ7B/B
9TL7gdPEh6HjAPwcE/XSitES43QeZkOMkJ51MKVt5TzSc3ViTGSk4EKBPEkQoOmE
EllYp+wUM6tIumZxePviDkFfZwpc0q3Z+DfiO9f+aSSEKPObp7NK1Ujh2DIw5QVk
fmvcSkEnqoLbpbkWIh8fzwghR443WhkQPImfqQjLTFgkKNLZRDptRI+9UycUtgPP
UBGqWzpgVhZU60ypoSXHB9/5R+3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org