Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/94A798CA0AA211EE8FB5CC3AC4F9AE02.roa
File: 94A798CA0AA211EE8FB5CC3AC4F9AE02.roa (raw, json)
Hash identifier: duZMMauTJnfauYXbYMcBahRA3qzXuU8WWMfKiEB9rBI=
Subject key identifier: 26:61:2D:85:3A:05:95:D7:E5:1E:CE:CC:08:D0:C9:0A:46:B5:62:E1
Certificate issuer: /CN=A9174C15/serialNumber=C7B0004FF6B18688C197BC4B39FAC125D49FBCF9
Certificate serial: 039D
Authority key identifier: C7:B0:00:4F:F6:B1:86:88:C1:97:BC:4B:39:FA:C1:25:D4:9F:BC:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7AAT_axhojBl7xLOfrBJdSfvPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/94A798CA0AA211EE8FB5CC3AC4F9AE02.roa
Signing time: Wed 14 Jun 2023 10:59:49 +0000
ROA not before: Wed 14 Jun 2023 10:59:49 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 16509
IP address blocks: 103.172.141.0/24 maxlen: 24
2407:d4c0:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925 (0x39d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174C15/serialNumber=C7B0004FF6B18688C197BC4B39FAC125D49FBCF9
Validity
Not Before: Jun 14 10:59:49 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64899da5-02cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:56:58:f6:cb:80:b1:8a:50:e7:2e:e7:cf:31:
ae:d9:54:15:b6:e2:54:e1:76:58:4d:63:d8:da:4a:
6c:51:3f:de:43:6c:38:28:17:e3:77:0c:eb:c9:63:
f2:15:fe:79:b0:7e:a1:51:ce:68:f0:4b:6e:84:4c:
fa:e9:d9:08:21:20:7b:67:75:8c:ef:df:96:b1:dc:
13:0f:6c:59:65:25:67:a1:41:81:2e:c6:5b:7d:d1:
74:6b:49:27:3f:93:c9:58:93:58:de:09:40:31:ff:
31:73:ac:c6:e9:89:91:0b:24:2b:25:58:b0:88:0a:
a6:69:c3:0b:b5:45:8b:a1:5d:39:30:5f:8d:59:6e:
fe:7c:95:e3:da:21:5c:39:c8:3e:95:e4:cd:1c:93:
63:4f:14:68:5e:73:68:9c:b1:88:e0:0e:f4:0c:06:
0b:6f:a2:bc:5e:2a:ce:b7:e8:77:dd:8f:9f:24:1a:
78:e4:a5:27:27:a6:49:ac:1f:08:3d:8b:3d:1b:30:
a5:b4:74:39:52:ea:2a:a1:d6:f2:b6:5f:f8:28:dc:
fb:0b:6d:d2:6a:d7:ac:8e:b4:6b:04:ae:89:2b:9b:
62:e7:ca:33:d6:14:78:e8:e7:97:b7:4e:cc:dd:48:
20:dc:2a:11:cc:03:bb:a3:34:36:b4:41:db:09:d6:
d8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:61:2D:85:3A:05:95:D7:E5:1E:CE:CC:08:D0:C9:0A:46:B5:62:E1
X509v3 Authority Key Identifier:
keyid:C7:B0:00:4F:F6:B1:86:88:C1:97:BC:4B:39:FA:C1:25:D4:9F:BC:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/x7AAT_axhojBl7xLOfrBJdSfvPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7AAT_axhojBl7xLOfrBJdSfvPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174C15/AC9C6B500A4411EC94797E53C4F9AE02/94A798CA0AA211EE8FB5CC3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.141.0/24
IPv6:
2407:d4c0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
16:74:9a:4b:86:4d:8e:c2:fe:1f:ec:70:59:53:8b:63:a3:b5:
5a:80:d7:e9:b0:89:e2:09:d7:fd:77:db:3d:2d:71:f5:cb:c7:
55:ef:c7:f4:4d:32:4c:8c:3b:de:0c:e3:2c:b6:74:ab:8a:8e:
52:bd:6c:57:b2:af:0d:d5:77:d9:97:81:6b:6d:36:3a:37:da:
90:91:ac:9f:de:f8:15:83:20:e7:70:73:92:bc:7e:58:cf:1e:
a4:df:f0:fd:5d:21:2b:56:cb:16:d6:02:73:1f:f2:8c:4b:d0:
68:b4:57:59:84:7a:6c:7e:d1:35:31:23:97:51:28:20:93:7f:
8b:2d:04:a5:bf:d1:90:4b:37:40:cf:7f:33:63:90:4d:77:15:
66:0a:77:ee:96:bc:87:5c:f5:0f:5a:5a:c2:bf:2d:bc:d9:28:
d6:d6:10:a5:13:23:93:53:f7:05:9a:2c:5b:16:52:e6:55:17:
06:fc:40:c5:68:59:cb:f7:82:b2:55:94:10:0e:67:61:f2:bc:
79:c7:77:40:ba:d1:91:80:64:63:8c:88:96:f4:70:15:19:ba:
bd:76:0f:db:65:2c:1e:62:dc:65:8e:73:0d:19:06:f4:55:a7:
46:f3:4f:ea:9c:44:2b:0e:e4:aa:54:c3:bb:0b:71:99:41:2a:
37:f1:46:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICA50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRDMTUxMTAvBgNVBAUTKEM3QjAwMDRGRjZCMTg2ODhDMTk3QkM0QjM5RkFDMTI1
RDQ5RkJDRjkwHhcNMjMwNjE0MTA1OTQ5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg5OWRhNS0wMmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2lZY9suAsYpQ5y7nzzGu2VQVtuJU4XZYTWPY2kpsUT/eQ2w4KBfjdwzryWPy
Ff55sH6hUc5o8EtuhEz66dkIISB7Z3WM79+WsdwTD2xZZSVnoUGBLsZbfdF0a0kn
P5PJWJNY3glAMf8xc6zG6YmRCyQrJViwiAqmacMLtUWLoV05MF+NWW7+fJXj2iFc
Ocg+leTNHJNjTxRoXnNonLGI4A70DAYLb6K8XirOt+h33Y+fJBp45KUnJ6ZJrB8I
PYs9GzCltHQ5Uuoqodbytl/4KNz7C23SatesjrRrBK6JK5ti58oz1hR46OeXt07M
3Ugg3CoRzAO7ozQ2tEHbCdbYzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCZhLYU6
BZXX5R7OzAjQyQpGtWLhMB8GA1UdIwQYMBaAFMewAE/2sYaIwZe8Szn6wSXUn7z5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEMxNS9BQzlDNkI1MDBB
NDQxMUVDOTQ3OTdFNTNDNEY5QUUwMi94N0FBVF9heGhvakJsN3hMT2ZyQkpkU2Z2
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g3QUFUX2F4aG9qQmw3eExPZnJCSmRTZnZQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRDMTUvQUM5QzZCNTAwQTQ0MTFFQzk0Nzk3RTUzQzRGOUFFMDIvOTRBNzk4Q0Ew
QUEyMTFFRThGQjVDQzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E
IDAeMAwEAgABMAYDBABnrI0wDgQCAAIwCAMGACQH1MAQMA0GCSqGSIb3DQEBCwUA
A4IBAQAWdJpLhk2Owv4f7HBZU4tjo7VagNfpsIniCdf9d9s9LXH1y8dV78f0TTJM
jDveDOMstnSrio5SvWxXsq8N1XfZl4FrbTY6N9qQkayf3vgVgyDncHOSvH5Yzx6k
3/D9XSErVssW1gJzH/KMS9BotFdZhHpsftE1MSOXUSggk3+LLQSlv9GQSzdAz38z
Y5BNdxVmCnfulryHXPUPWlrCvy282SjW1hClEyOTU/cFmixbFlLmVRcG/EDFaFnL
94KyVZQQDmdh8rx5x3dAutGRgGRjjIiW9HAVGbq9dg/bZSweYtxljnMNGQb0VadG
80/qnEQrDuSqVMO7C3GZQSo38UZM
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org