Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1A6415089E8F11EEBACC156CC4F9AE02.roa
File: 1A6415089E8F11EEBACC156CC4F9AE02.roa (raw, json)
Hash identifier: okAKJs+DolFerqXUOo8F4LjQ+WhMzod8EY8bJRhnqn4=
Subject key identifier: 43:2F:B1:D0:AF:A7:32:5B:15:16:7A:11:CF:18:B8:50:3C:EA:2B:E2
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 061C
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1A6415089E8F11EEBACC156CC4F9AE02.roa
Signing time: Tue 19 Dec 2023 16:53:16 +0000
ROA not before: Tue 19 Dec 2023 16:53:16 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 49645
IP address blocks: 103.110.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1564 (0x61c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Dec 19 16:53:16 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6581ca7b-52d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:76:10:14:28:b9:ce:54:39:b1:13:9f:c6:e2:
57:29:f1:96:33:13:37:ce:c6:c3:77:b0:e0:d4:69:
ee:66:05:c7:5a:68:d5:73:80:4a:ef:bf:b7:17:46:
1d:a4:6a:52:20:7b:ab:05:f6:fe:e7:d1:6b:22:be:
7d:d1:25:67:26:8b:dc:49:c9:13:a4:17:b9:4a:fd:
29:49:ee:5f:be:f1:a5:fd:38:77:99:ed:bc:08:08:
8e:e7:31:33:fc:87:35:c0:bb:65:7a:23:57:80:cd:
eb:c3:1d:a9:eb:23:6c:6a:cb:4d:7c:fc:39:3c:cf:
20:8e:5e:a1:6c:29:39:64:9b:41:2a:e8:25:c6:04:
b0:d3:cb:6a:f8:ad:9a:84:18:be:60:d3:5e:29:94:
c9:68:c2:38:b7:95:80:dc:92:18:24:79:9f:9f:4c:
0e:70:fd:a7:c6:da:57:17:06:24:ff:ba:51:bc:7f:
65:af:8a:6b:7e:e0:39:f4:e2:27:16:89:32:61:fb:
ea:da:34:bf:ce:ab:3c:e6:8e:4e:70:70:c7:f5:24:
35:38:12:6e:78:6f:36:60:3e:a6:84:d7:2a:85:aa:
64:5f:e8:14:e4:9b:09:35:b5:2c:b1:c8:52:76:85:
de:69:4a:3f:72:7e:c4:af:0b:fc:9c:05:75:01:a6:
91:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2F:B1:D0:AF:A7:32:5B:15:16:7A:11:CF:18:B8:50:3C:EA:2B:E2
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1A6415089E8F11EEBACC156CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.106.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ba:1f:97:d3:62:1e:f6:ea:00:08:bf:f0:48:13:b8:6b:49:
5f:82:53:5d:37:e8:e9:cb:4b:c7:ef:d6:0d:86:93:8d:b7:3a:
ba:d1:2b:c4:06:e6:ef:32:d7:f1:40:db:09:00:2a:9f:8d:92:
38:1f:86:79:6c:21:b6:63:3b:d7:5d:dc:25:27:ca:27:3a:2a:
c6:d0:af:54:0c:ca:d5:86:10:8e:3e:bc:5a:cf:10:31:84:06:
73:e0:76:b0:8f:a9:57:fe:e9:8a:b6:b6:ff:08:ad:41:8b:33:
f2:71:cb:6a:13:f8:dc:68:04:90:0b:95:bf:da:6d:67:51:ec:
37:a9:c0:8c:7b:5d:53:ce:ac:29:99:b5:8b:33:e6:5e:ed:cb:
ca:b4:ae:40:4b:8d:40:39:78:8e:9e:a4:b7:a5:70:8f:3d:83:
1d:bf:90:64:45:6b:8c:8a:f7:b5:cc:9b:4f:26:f9:19:63:82:
22:08:d8:27:e9:d3:ce:20:8a:85:91:0e:69:24:b8:0b:03:39:
96:04:bb:c6:53:7a:ff:53:81:01:8f:8f:3c:f1:2f:d3:72:9f:
d2:ce:ec:b2:00:f3:d2:93:d7:c2:16:9a:2f:b5:67:7e:54:c9:
d7:cf:5c:a6:69:d3:4d:b1:e4:39:b2:96:de:86:48:05:4c:2e:
da:3e:24:e8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjMxMjE5MTY1MzE2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxY2E3Yi01MmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA03YQFCi5zlQ5sROfxuJXKfGWMxM3zsbDd7Dg1GnuZgXHWmjVc4BK77+3F0Yd
pGpSIHurBfb+59FrIr590SVnJovcSckTpBe5Sv0pSe5fvvGl/Th3me28CAiO5zEz
/Ic1wLtleiNXgM3rwx2p6yNsastNfPw5PM8gjl6hbCk5ZJtBKuglxgSw08tq+K2a
hBi+YNNeKZTJaMI4t5WA3JIYJHmfn0wOcP2nxtpXFwYk/7pRvH9lr4prfuA59OIn
FokyYfvq2jS/zqs85o5OcHDH9SQ1OBJueG82YD6mhNcqhapkX+gU5JsJNbUsschS
doXeaUo/cn7Erwv8nAV1AaaR3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEMvsdCv
pzJbFRZ6Ec8YuFA86iviMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvMUE2NDE1MDg5
RThGMTFFRUJBQ0MxNTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbmowDQYJKoZIhvcNAQELBQADggEBAEW6H5fTYh726gAI
v/BIE7hrSV+CU1036OnLS8fv1g2Gk423OrrRK8QG5u8y1/FA2wkAKp+Nkjgfhnls
IbZjO9dd3CUnyic6KsbQr1QMytWGEI4+vFrPEDGEBnPgdrCPqVf+6Yq2tv8IrUGL
M/Jxy2oT+NxoBJALlb/abWdR7DepwIx7XVPOrCmZtYsz5l7ty8q0rkBLjUA5eI6e
pLelcI89gx2/kGRFa4yK97XMm08m+RljgiII2Cfp084gioWRDmkkuAsDOZYEu8ZT
ev9TgQGPjzzxL9Nyn9LO7LIA89KT18IWmi+1Z35UydfPXKZp002x5Dmylt6GSAVM
Lto+JOg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org