Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3B23681A808211EDA356685CC4F9AE02.roa
File: 3B23681A808211EDA356685CC4F9AE02.roa (raw, json)
Hash identifier: CMPn91vj3Ldf30NcE3+TRt+6bFT7rkvX2x9ciAIRe64=
Subject key identifier: 5D:E0:A4:DA:79:28:48:21:C1:0F:89:23:36:E3:35:E4:D3:12:1A:8B
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 0545
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3B23681A808211EDA356685CC4F9AE02.roa
Signing time: Tue 20 Dec 2022 16:20:35 +0000
ROA not before: Tue 20 Dec 2022 16:20:35 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 2914
IP address blocks: 103.110.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1349 (0x545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Dec 20 16:20:35 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63a1e0d2-95fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:64:0d:20:c8:ef:4d:ca:5f:2e:e2:25:17:77:
20:f6:5b:3b:9c:1e:93:f7:e6:00:36:84:c1:40:80:
50:67:92:f1:2a:2c:53:50:db:12:37:f8:18:a2:8d:
0d:ed:0c:7c:d8:68:1f:ae:bb:d1:94:fa:4e:62:98:
31:aa:64:91:90:36:73:ac:65:51:86:36:74:8b:92:
b9:42:0a:dc:84:f7:e8:a6:82:0e:ef:24:07:e5:02:
4a:62:08:d0:69:bb:0a:43:93:99:56:b8:0f:0e:43:
12:01:99:88:2e:f6:73:91:82:15:11:c6:20:b0:37:
7f:25:7b:ae:b1:86:10:9c:b4:bb:18:2d:b1:1f:7c:
e4:b8:70:8e:e7:25:93:8e:20:52:00:9b:54:1d:13:
6f:d7:5f:f7:f0:da:77:1b:1b:18:1b:75:47:da:7d:
4a:a3:55:61:ce:36:ab:82:ad:82:5f:fa:2d:69:e7:
84:c3:45:2c:01:24:6a:ca:e1:21:e1:bb:42:cc:a5:
8a:59:27:d3:7b:4e:4f:9b:38:f8:6f:b4:66:b9:23:
21:4a:9a:d1:04:81:fa:19:22:62:19:c5:6f:9f:64:
2f:1b:91:aa:0e:97:65:bc:c9:2a:88:9d:e3:9a:4e:
63:53:ba:ca:0f:bf:60:c0:de:25:24:f3:2f:1f:4a:
65:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E0:A4:DA:79:28:48:21:C1:0F:89:23:36:E3:35:E4:D3:12:1A:8B
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3B23681A808211EDA356685CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.104.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a7:93:95:b9:b5:48:b6:15:f4:4d:3b:d7:4e:64:ef:06:1a:
fd:ad:39:8a:32:71:5c:72:80:6e:c1:35:25:67:d6:ac:37:6b:
80:ff:33:78:65:72:b5:b7:d4:37:6f:0e:5b:0e:83:ad:a1:d5:
a9:c7:b6:6a:97:4b:af:72:90:7a:d7:1c:70:06:b1:e1:aa:87:
db:7f:80:54:aa:00:f8:13:4c:aa:6d:7e:1e:3b:1f:bb:9e:6a:
a7:01:83:66:5e:91:b8:55:1e:81:34:21:ec:54:83:a6:4d:41:
d5:a5:dc:26:8b:6f:5e:ab:42:38:ae:52:bf:7d:dd:d4:3a:c3:
04:ce:c6:a6:09:aa:f8:4c:0a:98:d2:75:13:76:be:97:06:41:
f8:f8:08:7e:1b:5f:c6:40:87:e9:6a:24:d0:1f:44:23:cf:f8:
98:11:00:66:ae:f0:b1:fb:0a:b2:33:d2:c4:30:09:83:2c:a7:
f1:ca:07:82:a5:7d:46:3e:eb:c6:a4:ea:9f:cb:17:61:5b:aa:
c1:d6:57:c0:a7:a1:80:11:69:13:0e:22:8e:57:59:e5:74:d7:
0e:f8:2a:e9:73:4a:c2:1b:8d:d9:93:76:cf:d2:5e:d6:2e:0f:
0b:6e:9f:c9:2e:89:51:b0:de:01:35:bf:43:2f:7e:ec:34:82:
a5:9e:33:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjIxMjIwMTYyMDM1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExZTBkMi05NWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvmQNIMjvTcpfLuIlF3cg9ls7nB6T9+YANoTBQIBQZ5LxKixTUNsSN/gYoo0N
7Qx82GgfrrvRlPpOYpgxqmSRkDZzrGVRhjZ0i5K5QgrchPfopoIO7yQH5QJKYgjQ
absKQ5OZVrgPDkMSAZmILvZzkYIVEcYgsDd/JXuusYYQnLS7GC2xH3zkuHCO5yWT
jiBSAJtUHRNv11/38Np3GxsYG3VH2n1Ko1Vhzjargq2CX/otaeeEw0UsASRqyuEh
4btCzKWKWSfTe05Pmzj4b7RmuSMhSprRBIH6GSJiGcVvn2QvG5GqDpdlvMkqiJ3j
mk5jU7rKD79gwN4lJPMvH0plaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF3gpNp5
KEghwQ+JIzbjNeTTEhqLMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvM0IyMzY4MUE4
MDgyMTFFREEzNTY2ODVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbmgwDQYJKoZIhvcNAQELBQADggEBAKCnk5W5tUi2FfRN
O9dOZO8GGv2tOYoycVxygG7BNSVn1qw3a4D/M3hlcrW31DdvDlsOg62h1anHtmqX
S69ykHrXHHAGseGqh9t/gFSqAPgTTKptfh47H7ueaqcBg2ZekbhVHoE0IexUg6ZN
QdWl3CaLb16rQjiuUr993dQ6wwTOxqYJqvhMCpjSdRN2vpcGQfj4CH4bX8ZAh+lq
JNAfRCPP+JgRAGau8LH7CrIz0sQwCYMsp/HKB4KlfUY+68ak6p/LF2FbqsHWV8Cn
oYARaRMOIo5XWeV01w74KulzSsIbjdmTds/SXtYuDwtun8kuiVGw3gE1v0Mvfuw0
gqWeM5I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org