Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3C41B1FC808211EDA356685CC4F9AE02.roa
File: 3C41B1FC808211EDA356685CC4F9AE02.roa (raw, json)
Hash identifier: MdBL0og5VPzLeGeFsoE/OaKkDByJISRh0NIx188obUE=
Subject key identifier: 3F:B5:39:DB:36:19:2D:5D:5E:7B:02:C9:37:4B:AA:86:DA:0B:62:91
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 0546
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3C41B1FC808211EDA356685CC4F9AE02.roa
Signing time: Tue 20 Dec 2022 16:20:37 +0000
ROA not before: Tue 20 Dec 2022 16:20:37 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 61317
IP address blocks: 103.110.104.0/24 maxlen: 24
103.110.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1350 (0x546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Dec 20 16:20:37 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63a1e0d4-92ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:ad:55:d4:25:34:52:79:21:c6:fa:89:c7:
2a:f0:a9:33:6e:62:60:be:37:c6:c6:d9:0c:ea:dd:
92:74:2a:41:c6:3e:22:b5:c1:07:20:48:fe:c4:d5:
1c:3f:a4:61:ae:7e:b2:c1:ad:9e:ac:17:41:56:af:
f1:4e:86:a2:2f:de:d1:f5:68:78:d3:b6:e2:05:09:
1c:65:83:a7:61:a0:46:ec:01:1f:84:68:37:46:ba:
c2:1e:fa:31:74:be:46:3b:44:2c:43:4d:bc:6a:18:
64:85:d3:ed:75:0d:51:31:10:f9:bf:31:c7:7a:13:
b1:7c:26:40:19:95:ff:e0:55:1a:dd:b6:33:8d:21:
3e:df:51:1f:bc:00:39:a2:ad:e8:96:dc:9b:44:b8:
99:45:2a:14:7c:3b:7a:99:c0:21:c4:b9:f2:13:56:
6f:ca:32:68:be:e5:c9:d3:8e:9c:40:7b:17:20:ca:
a0:b6:51:2c:ba:f9:8d:14:7c:35:57:10:8a:d5:d4:
2f:7b:6c:8d:10:e6:5c:8e:09:ef:34:44:be:a6:4b:
52:38:aa:c8:d4:8a:7a:45:28:3f:2c:b8:dc:a1:c7:
d6:d3:58:f0:2b:b7:39:2f:12:fd:35:48:4e:3a:8f:
39:b9:e8:87:fe:d4:58:18:2f:bc:33:47:60:67:a1:
d3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B5:39:DB:36:19:2D:5D:5E:7B:02:C9:37:4B:AA:86:DA:0B:62:91
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/3C41B1FC808211EDA356685CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.104.0/24
103.110.106.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:06:c9:c3:1f:cf:a6:a4:05:c5:c2:55:da:be:e1:24:6a:01:
c1:11:48:6b:20:45:b6:c3:8a:2c:23:6d:bd:e3:3e:ef:dd:61:
63:25:75:87:3e:35:6b:31:55:aa:3a:36:43:4a:94:d4:b4:0f:
f0:36:9f:fd:bf:2c:50:59:61:81:c8:13:2f:55:cd:f2:a5:63:
1e:4f:81:7d:fa:7d:78:95:c8:06:1a:bb:f8:2a:f4:bb:ba:26:
68:f3:7d:75:d2:ee:93:ba:5d:cf:86:75:4b:64:9c:f5:9e:62:
06:4c:be:46:4e:e2:8b:68:a6:c2:9f:20:c2:f0:a4:c8:cd:fc:
10:36:f0:e9:77:7f:cb:83:63:54:84:41:f4:e2:81:c6:96:38:
25:83:9f:91:51:4d:74:3b:a6:cf:3a:4a:d4:f0:01:51:f9:a4:
c3:dd:1a:d4:46:16:a1:d9:fd:e4:7d:d8:16:3c:4c:64:6f:23:
b4:e1:e6:b3:a1:a5:f4:f8:a2:65:b3:50:ba:0a:c0:5c:4f:29:
ed:85:dc:20:9b:0e:24:83:d1:57:ca:db:ec:95:32:2f:be:45:
59:1a:b3:1a:51:5f:61:06:76:5a:ff:75:99:1f:92:17:20:85:
90:87:09:03:9f:f1:ec:f5:f7:87:c6:c0:0f:fe:db:a7:63:08:
f9:6b:73:5a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjIxMjIwMTYyMDM3WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExZTBkNC05MmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQStVdQlNFJ5Icb6iccq8KkzbmJgvjfGxtkM6t2SdCpBxj4itcEHIEj+xNUc
P6Rhrn6ywa2erBdBVq/xToaiL97R9Wh407biBQkcZYOnYaBG7AEfhGg3RrrCHvox
dL5GO0QsQ028ahhkhdPtdQ1RMRD5vzHHehOxfCZAGZX/4FUa3bYzjSE+31EfvAA5
oq3oltybRLiZRSoUfDt6mcAhxLnyE1ZvyjJovuXJ046cQHsXIMqgtlEsuvmNFHw1
VxCK1dQve2yNEOZcjgnvNES+pktSOKrI1Ip6RSg/LLjcocfW01jwK7c5LxL9NUhO
Oo85ueiH/tRYGC+8M0dgZ6HTdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD+1Ods2
GS1dXnsCyTdLqobaC2KRMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvM0M0MUIxRkM4
MDgyMTFFREEzNTY2ODVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnbmgDBABnbmowDQYJKoZIhvcNAQELBQADggEBACoGycMf
z6akBcXCVdq+4SRqAcERSGsgRbbDiiwjbb3jPu/dYWMldYc+NWsxVao6NkNKlNS0
D/A2n/2/LFBZYYHIEy9VzfKlYx5PgX36fXiVyAYau/gq9Lu6JmjzfXXS7pO6Xc+G
dUtknPWeYgZMvkZO4otopsKfIMLwpMjN/BA28Ol3f8uDY1SEQfTigcaWOCWDn5FR
TXQ7ps86StTwAVH5pMPdGtRGFqHZ/eR92BY8TGRvI7Th5rOhpfT4omWzULoKwFxP
Ke2F3CCbDiSD0VfK2+yVMi++RVkasxpRX2EGdlr/dZkfkhcghZCHCQOf8ez194fG
wA/+26djCPlrc1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org