Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A608/7480FC8802E711EAB0450418C4F9AE02/645EF064A8C411EC8F560C42C4F9AE02.roa
File: 645EF064A8C411EC8F560C42C4F9AE02.roa (raw, json)
Hash identifier: wH7yMB5cViqPuNoiNcFpt+pUdVMGkbkSdz11yVDYxZ0=
Subject key identifier: 6C:43:3E:69:A3:B8:17:6F:66:D1:0D:3B:AC:D6:1A:3D:4F:0F:71:9C
Certificate issuer: /CN=A917A608/serialNumber=211C550B53EB20475185BABCDE7E70DF674448B7
Certificate serial: 08DD
Authority key identifier: 21:1C:55:0B:53:EB:20:47:51:85:BA:BC:DE:7E:70:DF:67:44:48:B7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IRxVC1PrIEdRhbq83n5w32dESLc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A608/7480FC8802E711EAB0450418C4F9AE02/645EF064A8C411EC8F560C42C4F9AE02.roa
Signing time: Mon 21 Mar 2022 03:09:59 +0000
ROA not before: Mon 21 Mar 2022 03:09:59 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 137020
IP address blocks: 103.137.162.0/23 maxlen: 23
103.137.162.0/24 maxlen: 24
103.137.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2269 (0x8dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A608/serialNumber=211C550B53EB20475185BABCDE7E70DF674448B7
Validity
Not Before: Mar 21 03:09:59 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=6237ec87-3570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:28:1f:e3:f7:ac:86:0c:b0:30:c7:ce:f3:d6:
c3:42:79:f8:d1:8d:6b:a0:13:e2:a9:e9:23:48:34:
2f:cf:7b:6b:5b:09:b8:6b:0e:f9:12:1c:21:30:f8:
3b:55:4d:d2:56:e0:36:7a:9f:87:cc:00:3f:79:2b:
9d:b8:f1:6e:ed:06:da:62:d3:6e:23:ad:ef:46:53:
ef:0c:ff:8a:33:f3:d5:95:ec:50:da:cb:68:af:d3:
1c:e0:de:b9:84:b5:c3:34:86:5b:ae:11:4e:1e:a1:
c9:e6:c2:8d:3b:51:8a:f6:55:31:16:74:69:f6:27:
c3:71:cf:26:60:06:5e:f6:7b:c8:fa:17:42:ed:3d:
79:e1:dd:85:5f:b9:9c:a7:44:bd:b6:47:04:d1:3e:
65:b8:aa:62:4b:d6:28:65:4d:28:78:a9:96:d6:59:
8b:21:a2:1e:aa:45:65:ce:cb:17:98:43:72:9c:07:
9c:e6:49:7c:a7:12:e9:54:d3:d8:9c:21:4b:28:9f:
68:77:c3:04:6a:8d:0e:2d:96:8c:03:17:a4:d8:94:
ff:d7:64:5e:02:16:4b:c9:92:dd:ce:d8:c0:0d:b7:
9f:a0:cd:9e:98:a5:4f:fb:a9:68:84:a9:5e:bd:a8:
0d:9c:c9:ea:19:d9:c9:99:3f:a8:6e:93:94:05:43:
65:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:43:3E:69:A3:B8:17:6F:66:D1:0D:3B:AC:D6:1A:3D:4F:0F:71:9C
X509v3 Authority Key Identifier:
keyid:21:1C:55:0B:53:EB:20:47:51:85:BA:BC:DE:7E:70:DF:67:44:48:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A608/7480FC8802E711EAB0450418C4F9AE02/IRxVC1PrIEdRhbq83n5w32dESLc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IRxVC1PrIEdRhbq83n5w32dESLc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A608/7480FC8802E711EAB0450418C4F9AE02/645EF064A8C411EC8F560C42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.162.0/23
Signature Algorithm: sha256WithRSAEncryption
61:04:fd:d7:8e:b6:b2:a8:38:18:14:6a:7b:9a:86:53:2b:e2:
73:4c:7f:97:fd:0e:51:04:3e:17:34:ed:41:1c:85:c5:2c:72:
8b:c8:fb:24:5c:0f:cc:a5:31:33:19:30:10:07:29:50:32:b7:
c3:f4:5e:70:09:80:31:a9:fa:4d:cf:5a:37:a9:db:df:86:ec:
3a:e9:14:f3:18:01:ff:20:a0:14:34:14:dc:25:b4:74:40:9b:
b2:b9:52:ab:3c:b6:03:f3:37:c3:f1:06:50:f4:da:7f:b8:40:
3f:cd:7c:51:f2:62:53:58:7b:2e:05:d9:96:36:a3:8d:99:8a:
e4:37:eb:2a:18:08:6e:51:45:73:f4:18:7a:87:00:1c:8d:06:
06:d0:be:5c:f6:dc:ab:36:28:f9:fd:c6:63:ac:02:93:42:e9:
f8:6d:a8:bf:7e:f6:14:ec:a4:30:5d:25:58:70:4c:fd:d9:6a:
84:2f:e7:bd:b3:2f:b0:5d:72:ba:34:3f:03:0e:1d:08:45:02:
f6:2b:85:18:38:0b:2c:a5:6f:9b:a7:86:f1:de:1b:fc:0b:61:
0d:91:6d:0a:01:de:a6:cf:44:5a:66:85:25:ea:78:e5:c1:64:
e0:59:b2:e7:80:ae:01:ce:3e:9c:11:cb:78:b4:b9:45:65:95:
a7:4f:8e:74
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E2MDgxMTAvBgNVBAUTKDIxMUM1NTBCNTNFQjIwNDc1MTg1QkFCQ0RFN0U3MERG
Njc0NDQ4QjcwHhcNMjIwMzIxMDMwOTU5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM3ZWM4Ny0zNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5igf4/eshgywMMfO89bDQnn40Y1roBPiqekjSDQvz3trWwm4aw75EhwhMPg7
VU3SVuA2ep+HzAA/eSuduPFu7QbaYtNuI63vRlPvDP+KM/PVlexQ2stor9Mc4N65
hLXDNIZbrhFOHqHJ5sKNO1GK9lUxFnRp9ifDcc8mYAZe9nvI+hdC7T154d2FX7mc
p0S9tkcE0T5luKpiS9YoZU0oeKmW1lmLIaIeqkVlzssXmENynAec5kl8pxLpVNPY
nCFLKJ9od8MEao0OLZaMAxek2JT/12ReAhZLyZLdztjADbefoM2emKVP+6lohKle
vagNnMnqGdnJmT+obpOUBUNlxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGxDPmmj
uBdvZtENO6zWGj1PD3GcMB8GA1UdIwQYMBaAFCEcVQtT6yBHUYW6vN5+cN9nREi3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTYwOC83NDgwRkM4ODAy
RTcxMUVBQjA0NTA0MThDNEY5QUUwMi9JUnhWQzFQcklFZFJoYnE4M241dzMyZEVT
TGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lSeFZDMVBySUVkUmhicTgzbjV3MzJkRVNMYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E2MDgvNzQ4MEZDODgwMkU3MTFFQUIwNDUwNDE4QzRGOUFFMDIvNjQ1RUYwNjRB
OEM0MTFFQzhGNTYwQzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniaIwDQYJKoZIhvcNAQELBQADggEBAGEE/deOtrKoOBgU
anuahlMr4nNMf5f9DlEEPhc07UEchcUscovI+yRcD8ylMTMZMBAHKVAyt8P0XnAJ
gDGp+k3PWjep29+G7DrpFPMYAf8goBQ0FNwltHRAm7K5Uqs8tgPzN8PxBlD02n+4
QD/NfFHyYlNYey4F2ZY2o42ZiuQ36yoYCG5RRXP0GHqHAByNBgbQvlz23Ks2KPn9
xmOsApNC6fhtqL9+9hTspDBdJVhwTP3ZaoQv572zL7Bdcro0PwMOHQhFAvYrhRg4
Cyylb5unhvHeG/wLYQ2RbQoB3qbPRFpmhSXqeOXBZOBZsueArgHOPpwRy3i0uUVl
ladPjnQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-ams.rpki-client.org