Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9180542/0A479C90CAE911E9BBE92183C4F9AE02/30D03F3C4CC111EC9B0F697EC4F9AE02.roa
File: 30D03F3C4CC111EC9B0F697EC4F9AE02.roa (raw, json)
Hash identifier: AnDbfLlgsrK6YySYJYTa7wpceWUsOQJy+GGILCl27bU=
Subject key identifier: FD:37:D0:1B:3E:54:DB:2A:30:EC:4F:D9:2E:7B:D5:2F:CC:8E:1C:5A
Certificate issuer: /CN=A9180542/serialNumber=AE54F61A8FBDFEB9EF034557BC89D7113B01503C
Certificate serial: 0335
Authority key identifier: AE:54:F6:1A:8F:BD:FE:B9:EF:03:45:57:BC:89:D7:11:3B:01:50:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rlT2Go-9_rnvA0VXvInXETsBUDw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9180542/0A479C90CAE911E9BBE92183C4F9AE02/30D03F3C4CC111EC9B0F697EC4F9AE02.roa
Signing time: Mon 02 Oct 2023 18:36:16 +0000
ROA not before: Mon 02 Oct 2023 18:36:16 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136902
IP address blocks: 103.142.120.0/24 maxlen: 24
103.142.121.0/24 maxlen: 24
2001:df1:4080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 821 (0x335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9180542/serialNumber=AE54F61A8FBDFEB9EF034557BC89D7113B01503C
Validity
Not Before: Oct 2 18:36:16 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=651b0da0-8b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f0:98:e2:4a:5b:d1:4a:86:f4:94:ba:12:90:
03:a5:7a:c9:db:37:42:6e:e5:3d:3c:fb:c2:0f:c9:
14:e3:62:21:6f:87:cf:cf:e4:ad:f5:f0:34:33:26:
5f:c6:ff:7b:93:68:84:89:7b:36:a8:d6:6b:cc:3f:
b3:5d:88:07:3f:67:1e:7b:02:9d:c6:2c:cc:81:80:
a0:93:26:ff:a5:a7:14:90:0b:f6:cc:5a:43:c2:b9:
1d:5e:24:59:b3:a7:90:2f:35:51:19:a1:8a:25:78:
02:9b:88:a7:4b:ce:1f:da:88:37:a3:82:35:da:51:
56:ae:b3:bc:75:d8:d8:b7:8e:4c:98:6a:ce:16:cc:
fe:6d:5e:ae:20:b1:83:7f:63:c3:a7:65:c6:af:2c:
1a:f9:8e:ec:0b:0d:f2:a0:9b:63:1c:19:27:40:fd:
85:40:d2:49:68:c6:b5:3f:fa:72:29:f7:23:54:f0:
37:e1:47:92:43:c1:63:11:55:2e:95:df:95:3e:b6:
06:49:ba:4a:70:92:01:90:ca:40:a2:27:fe:bc:cd:
05:9f:b1:6f:ef:f4:b9:43:ea:70:de:c0:ec:32:cb:
b8:e2:f0:ad:4a:d8:73:4c:74:e9:f8:4e:be:3f:c0:
de:4c:33:17:3d:85:e4:19:ab:47:f0:a6:2d:69:a8:
e9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:37:D0:1B:3E:54:DB:2A:30:EC:4F:D9:2E:7B:D5:2F:CC:8E:1C:5A
X509v3 Authority Key Identifier:
keyid:AE:54:F6:1A:8F:BD:FE:B9:EF:03:45:57:BC:89:D7:11:3B:01:50:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9180542/0A479C90CAE911E9BBE92183C4F9AE02/rlT2Go-9_rnvA0VXvInXETsBUDw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rlT2Go-9_rnvA0VXvInXETsBUDw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9180542/0A479C90CAE911E9BBE92183C4F9AE02/30D03F3C4CC111EC9B0F697EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.142.120.0/23
IPv6:
2001:df1:4080::/48
Signature Algorithm: sha256WithRSAEncryption
a6:7a:dd:09:71:f7:ab:55:4a:e8:ff:94:a2:85:19:40:31:59:
29:04:cb:1c:31:9c:92:b6:1e:7a:0d:4b:2e:83:3c:58:28:86:
2f:51:a7:28:a4:b3:b1:63:03:58:7a:22:ed:8c:9e:8a:ea:a1:
50:15:ff:7c:30:0a:4a:2f:36:09:70:d4:e5:8d:ac:91:66:2e:
75:a5:17:86:fe:d7:16:28:41:7d:ab:1c:ac:bf:8e:cb:b2:68:
0e:01:6a:69:aa:fd:24:e1:d3:74:4f:c6:c2:35:23:7f:95:ea:
9f:ba:97:75:3f:53:30:df:5c:5b:83:d7:d2:e5:46:d2:fb:5e:
35:7d:76:20:48:78:79:37:d9:2d:12:91:15:d0:58:98:8b:4d:
51:2d:3c:a7:d8:e9:b2:1a:d9:33:81:0f:ce:33:bd:04:ca:bf:
4d:94:3c:0c:c0:5b:01:c1:a7:16:59:cb:14:ab:ae:a0:c8:52:
b9:9c:dd:43:ce:99:23:4c:e8:59:ff:60:95:3c:e7:7f:66:cd:
f0:db:77:9d:f3:d5:f6:e5:36:e1:6b:f0:bf:dc:a5:0c:64:20:
58:52:91:6c:92:21:15:b9:c7:9f:25:74:9d:e0:1f:a0:cd:3e:
81:b6:6b:6e:2d:8d:62:88:79:23:87:2d:ef:ab:d7:d3:69:68:
31:2d:d0:68
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODA1NDIxMTAvBgNVBAUTKEFFNTRGNjFBOEZCREZFQjlFRjAzNDU1N0JDODlENzEx
M0IwMTUwM0MwHhcNMjMxMDAyMTgzNjE2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFiMGRhMC04YjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9fCY4kpb0UqG9JS6EpADpXrJ2zdCbuU9PPvCD8kU42Ihb4fPz+St9fA0MyZf
xv97k2iEiXs2qNZrzD+zXYgHP2ceewKdxizMgYCgkyb/pacUkAv2zFpDwrkdXiRZ
s6eQLzVRGaGKJXgCm4inS84f2og3o4I12lFWrrO8ddjYt45MmGrOFsz+bV6uILGD
f2PDp2XGrywa+Y7sCw3yoJtjHBknQP2FQNJJaMa1P/pyKfcjVPA34UeSQ8FjEVUu
ld+VPrYGSbpKcJIBkMpAoif+vM0Fn7Fv7/S5Q+pw3sDsMsu44vCtSthzTHTp+E6+
P8DeTDMXPYXkGatH8KYtaajpJQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFP030Bs+
VNsqMOxP2S571S/MjhxaMB8GA1UdIwQYMBaAFK5U9hqPvf657wNFV7yJ1xE7AVA8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDU0Mi8wQTQ3OUM5MENB
RTkxMUU5QkJFOTIxODNDNEY5QUUwMi9ybFQyR28tOV9ybnZBMFZYdkluWEVUc0JV
RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JsVDJHby05X3JudkEwVlh2SW5YRVRzQlVEdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODA1NDIvMEE0NzlDOTBDQUU5MTFFOUJCRTkyMTgzQzRGOUFFMDIvMzBEMDNGM0M0
Q0MxMTFFQzlCMEY2OTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjngwDwQCAAIwCQMHACABDfFAgDANBgkqhkiG9w0BAQsF
AAOCAQEApnrdCXH3q1VK6P+UooUZQDFZKQTLHDGckrYeeg1LLoM8WCiGL1GnKKSz
sWMDWHoi7YyeiuqhUBX/fDAKSi82CXDU5Y2skWYudaUXhv7XFihBfascrL+Oy7Jo
DgFqaar9JOHTdE/GwjUjf5Xqn7qXdT9TMN9cW4PX0uVG0vteNX12IEh4eTfZLRKR
FdBYmItNUS08p9jpshrZM4EPzjO9BMq/TZQ8DMBbAcGnFlnLFKuuoMhSuZzdQ86Z
I0zoWf9glTznf2bN8Nt3nfPV9uU24Wvwv9ylDGQgWFKRbJIhFbnHnyV0neAfoM0+
gbZrbi2NYoh5I4ct76vX02loMS3QaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org