Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9187E45/5F6AB10C529711ECA377E670C4F9AE02/321C3BA8460611EE85F84D80C4F9AE02.roa
File: 321C3BA8460611EE85F84D80C4F9AE02.roa (raw, json)
Hash identifier: kpSjDOFwn62ouLzC90vRM+X5ERPmCHbZKRBU6QQL8nU=
Subject key identifier: 7D:06:BB:9F:71:F0:E8:44:8C:16:3A:E1:8F:33:C7:86:1F:85:7D:5D
Certificate issuer: /CN=A9187E45/serialNumber=B7C2BECC97B42379C44AD1AEB5E073E2A3DA511E
Certificate serial: 0335
Authority key identifier: B7:C2:BE:CC:97:B4:23:79:C4:4A:D1:AE:B5:E0:73:E2:A3:DA:51:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8K-zJe0I3nEStGuteBz4qPaUR4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9187E45/5F6AB10C529711ECA377E670C4F9AE02/321C3BA8460611EE85F84D80C4F9AE02.roa
Signing time: Tue 29 Aug 2023 00:56:29 +0000
ROA not before: Tue 29 Aug 2023 00:56:29 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 149794
IP address blocks: 103.174.210.0/24 maxlen: 24
103.176.189.0/24 maxlen: 24
2400:7060::/32 maxlen: 32
2400:7060::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 821 (0x335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9187E45/serialNumber=B7C2BECC97B42379C44AD1AEB5E073E2A3DA511E
Validity
Not Before: Aug 29 00:56:29 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64ed423c-5cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ae:24:94:0e:4c:4c:ce:6c:c7:d8:b0:fc:17:
71:4e:a1:b1:99:25:65:6a:e4:6a:ec:3e:71:81:c4:
93:56:18:eb:2d:2b:00:31:e8:1e:7c:5d:24:a1:e0:
fa:80:58:8d:44:f6:1c:e1:82:15:28:27:d3:48:75:
b4:d2:67:43:42:46:b8:35:de:c2:b4:b1:b3:aa:b7:
27:4a:fc:b6:a1:6d:7b:b5:67:4f:e3:fb:ae:1c:4f:
42:bc:29:f1:3b:7b:0c:2f:0b:32:d0:03:e7:82:5c:
4b:3c:7d:12:b8:a5:19:f0:d8:d4:a1:76:c4:94:90:
36:c0:77:c0:52:3e:f3:d9:ca:6a:ce:11:a3:8e:4d:
87:f2:3d:a9:74:09:df:71:ff:c7:62:d5:51:72:1e:
c3:41:3d:55:ef:1a:0f:b4:c4:cb:db:3d:48:6d:02:
60:1e:4b:d4:6f:f0:77:13:c4:03:03:c1:38:e5:93:
4d:74:b6:83:7a:65:b3:32:7a:99:99:52:70:75:46:
49:11:ae:3f:e5:d6:11:f4:fd:5a:92:4d:7b:14:a1:
89:00:6b:98:e4:18:8b:02:be:2a:2d:63:32:32:47:
bb:fd:ee:3e:6f:85:82:79:21:f3:43:90:e5:05:83:
fe:aa:9d:07:ca:e9:75:31:98:39:a1:6c:3e:d5:df:
e4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:06:BB:9F:71:F0:E8:44:8C:16:3A:E1:8F:33:C7:86:1F:85:7D:5D
X509v3 Authority Key Identifier:
keyid:B7:C2:BE:CC:97:B4:23:79:C4:4A:D1:AE:B5:E0:73:E2:A3:DA:51:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9187E45/5F6AB10C529711ECA377E670C4F9AE02/t8K-zJe0I3nEStGuteBz4qPaUR4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t8K-zJe0I3nEStGuteBz4qPaUR4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187E45/5F6AB10C529711ECA377E670C4F9AE02/321C3BA8460611EE85F84D80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.210.0/24
103.176.189.0/24
IPv6:
2400:7060::/32
Signature Algorithm: sha256WithRSAEncryption
d2:ea:9d:c0:2a:46:2f:1d:04:01:fa:d0:8e:bf:07:b8:58:5e:
95:f6:07:0e:40:01:b7:9f:73:8f:43:70:18:74:47:98:c9:f9:
6e:e4:0e:ad:22:cd:54:04:25:01:a0:4f:c0:84:f1:80:6e:17:
81:c3:a3:df:d4:fd:8b:72:ec:45:5e:c5:8a:ed:83:b1:c7:36:
85:fc:23:d4:96:e6:e3:c1:cd:23:20:21:5f:07:0c:cd:ca:ce:
02:33:3a:60:78:f6:d9:f8:2c:c1:3c:4c:08:bf:47:f6:0a:39:
40:14:37:e8:2e:47:a0:0e:cc:94:ed:8f:17:ca:21:1b:1e:d5:
b9:48:69:10:22:af:df:f9:d4:0a:be:96:c9:15:3e:61:b1:c6:
f3:9d:c3:78:e8:83:ad:61:05:5b:38:54:96:25:ff:7b:46:b0:
90:6f:65:a9:07:88:68:5f:65:69:68:61:ca:94:9d:2f:f6:57:
90:d0:a5:6d:0f:8d:ac:62:ac:99:dd:61:ca:d3:8a:9a:e6:be:
8e:13:70:b5:51:13:ee:38:35:03:69:a4:eb:24:69:94:92:3c:
43:0d:f8:9f:4d:3b:f1:5b:d2:b3:63:0b:b5:a7:30:d3:0d:e4:
a9:5c:03:ed:91:ce:18:6d:ff:8f:b7:de:66:b0:29:82:0b:e5:
d7:95:ec:42
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODdFNDUxMTAvBgNVBAUTKEI3QzJCRUNDOTdCNDIzNzlDNDRBRDFBRUI1RTA3M0Uy
QTNEQTUxMUUwHhcNMjMwODI5MDA1NjI5WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVkNDIzYy01Y2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA364klA5MTM5sx9iw/BdxTqGxmSVlauRq7D5xgcSTVhjrLSsAMegefF0koeD6
gFiNRPYc4YIVKCfTSHW00mdDQka4Nd7CtLGzqrcnSvy2oW17tWdP4/uuHE9CvCnx
O3sMLwsy0APnglxLPH0SuKUZ8NjUoXbElJA2wHfAUj7z2cpqzhGjjk2H8j2pdAnf
cf/HYtVRch7DQT1V7xoPtMTL2z1IbQJgHkvUb/B3E8QDA8E45ZNNdLaDemWzMnqZ
mVJwdUZJEa4/5dYR9P1akk17FKGJAGuY5BiLAr4qLWMyMke7/e4+b4WCeSHzQ5Dl
BYP+qp0Hyul1MZg5oWw+1d/kIQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFH0Gu59x
8OhEjBY64Y8zx4YfhX1dMB8GA1UdIwQYMBaAFLfCvsyXtCN5xErRrrXgc+Kj2lEe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4N0U0NS81RjZBQjEwQzUy
OTcxMUVDQTM3N0U2NzBDNEY5QUUwMi90OEstekplMEkzbkVTdEd1dGVCejRxUGFV
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q4Sy16SmUwSTNuRVN0R3V0ZUJ6NHFQYVVSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODdFNDUvNUY2QUIxMEM1Mjk3MTFFQ0EzNzdFNjcwQzRGOUFFMDIvMzIxQzNCQTg0
NjA2MTFFRTg1Rjg0RDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnrtIDBABnsL0wDQQCAAIwBwMFACQAcGAwDQYJKoZIhvcN
AQELBQADggEBANLqncAqRi8dBAH60I6/B7hYXpX2Bw5AAbefc49DcBh0R5jJ+W7k
Dq0izVQEJQGgT8CE8YBuF4HDo9/U/Yty7EVexYrtg7HHNoX8I9SW5uPBzSMgIV8H
DM3KzgIzOmB49tn4LME8TAi/R/YKOUAUN+guR6AOzJTtjxfKIRse1blIaRAir9/5
1Aq+lskVPmGxxvOdw3jog61hBVs4VJYl/3tGsJBvZakHiGhfZWloYcqUnS/2V5DQ
pW0PjaxirJndYcrTiprmvo4TcLVRE+44NQNppOskaZSSPEMN+J9NO/Fb0rNjC7Wn
MNMN5KlcA+2Rzhht/4+33mawKYIL5deV7EI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org