Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/62BD58BA449011EC9C3C3648C4F9AE02.roa
File: 62BD58BA449011EC9C3C3648C4F9AE02.roa (raw, json)
Hash identifier: IM3cAQaxHFQuZFEQKZwuAn9h9VAPZ5lFWTVUmHPbtGg=
Subject key identifier: 1D:A9:CE:83:7A:E9:0C:2E:39:21:98:72:D4:F2:77:33:AB:58:C6:FD
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0885
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/62BD58BA449011EC9C3C3648C4F9AE02.roa
Signing time: Fri 17 Dec 2021 13:17:23 +0000
ROA not before: Fri 17 Dec 2021 13:17:23 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 134599
IP address blocks: 103.214.200.0/24 maxlen: 24
103.214.203.0/24 maxlen: 24
144.48.150.0/24 maxlen: 24
144.48.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2181 (0x885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Dec 17 13:17:23 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=61bc8de3-a41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:13:8f:04:59:25:13:9b:58:97:9a:a0:32:
39:8d:f7:8b:21:13:c2:1c:d0:78:85:d5:50:6e:9c:
44:09:1e:78:e8:30:4d:80:b1:5f:82:1e:8d:72:19:
b1:88:36:79:98:d9:42:1d:80:a4:e8:45:8e:fd:a5:
2a:b6:b3:1a:7f:6e:8e:9e:a7:d0:10:8b:c9:bf:2a:
bd:54:97:e7:34:4a:0e:f0:a2:0e:24:fb:ed:5e:c8:
45:ba:11:ff:95:b5:86:22:73:29:d5:cf:29:7d:d5:
71:96:17:fc:2f:f2:6b:76:dc:f4:c8:4d:ee:49:a5:
86:43:ba:4a:7e:89:da:07:5a:02:89:f6:63:f6:04:
08:18:1f:7b:8b:2f:a8:38:75:59:d9:a5:82:a1:ac:
50:ba:15:b1:a3:8c:98:27:68:51:46:00:16:01:35:
b6:09:22:bb:8f:17:a8:d0:c0:09:6d:04:86:49:56:
e6:e5:3c:89:4b:14:21:68:29:5d:d1:8e:db:ef:2b:
6a:6c:1d:81:1d:9a:c8:d9:d5:42:88:36:e2:2e:e7:
70:2a:86:46:d1:83:30:06:62:5c:ed:1a:e4:7c:ca:
e8:09:f1:f3:6a:3b:49:ca:b4:2d:61:18:14:79:89:
45:b0:0f:9c:66:ae:18:74:1e:93:5f:e3:3e:88:0a:
4a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A9:CE:83:7A:E9:0C:2E:39:21:98:72:D4:F2:77:33:AB:58:C6:FD
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/62BD58BA449011EC9C3C3648C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.200.0/24
103.214.203.0/24
144.48.150.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:1e:fd:02:29:88:33:dc:db:43:c7:67:04:13:8c:0d:5b:66:
cd:79:9d:e4:16:fb:66:42:30:64:c6:38:e3:23:01:75:c7:ad:
c8:79:14:b3:30:90:58:bf:8f:b1:61:ab:ed:44:f0:3a:37:9a:
a0:8e:6d:82:fc:64:c5:ad:37:3d:5c:42:69:46:05:53:36:49:
f7:85:af:7f:25:3f:da:41:95:2f:49:50:78:ba:8f:3d:b5:f1:
40:3e:01:4b:75:3e:5f:e6:dc:b4:05:bc:eb:f2:3e:67:1d:9f:
15:c6:f9:f8:4e:ed:64:a5:07:32:82:02:0f:14:cd:3d:65:e4:
f7:dd:1c:db:a2:2c:84:a1:d4:e7:86:e1:5e:a0:73:24:31:1a:
01:c0:c5:8d:36:7c:b4:eb:4e:3c:26:74:ee:71:93:dc:6c:69:
e6:b4:c2:74:e0:f9:2c:c7:f3:b2:4a:7a:66:e5:8d:a0:ec:b8:
e5:f8:d9:6a:67:ce:90:be:ab:cc:5d:96:bc:42:a2:c4:b0:fb:
f1:7c:a9:ed:a9:a0:85:53:85:d4:66:96:25:be:6b:65:0b:20:
6d:57:31:f9:26:e6:90:db:fb:24:6a:13:8f:eb:06:6a:87:19:
ad:3e:f0:fc:74:f7:b3:2d:8d:97:2a:32:8c:9e:c7:e4:44:cd:
ad:0d:f8:72
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjExMjE3MTMxNzIzWhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJjOGRlMy1hNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpgTjwRZJRObWJeaoDI5jfeLIRPCHNB4hdVQbpxECR546DBNgLFfgh6Nchmx
iDZ5mNlCHYCk6EWO/aUqtrMaf26OnqfQEIvJvyq9VJfnNEoO8KIOJPvtXshFuhH/
lbWGInMp1c8pfdVxlhf8L/Jrdtz0yE3uSaWGQ7pKfonaB1oCifZj9gQIGB97iy+o
OHVZ2aWCoaxQuhWxo4yYJ2hRRgAWATW2CSK7jxeo0MAJbQSGSVbm5TyJSxQhaCld
0Y7b7ytqbB2BHZrI2dVCiDbiLudwKoZG0YMwBmJc7RrkfMroCfHzajtJyrQtYRgU
eYlFsA+cZq4YdB6TX+M+iApKpwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB2pzoN6
6QwuOSGYctTydzOrWMb9MB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvNjJCRDU4QkE0
NDkwMTFFQzlDM0MzNjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABn1sgDBABn1ssDBAGQMJYwDQYJKoZIhvcNAQELBQADggEB
AC0e/QIpiDPc20PHZwQTjA1bZs15neQW+2ZCMGTGOOMjAXXHrch5FLMwkFi/j7Fh
q+1E8Do3mqCObYL8ZMWtNz1cQmlGBVM2SfeFr38lP9pBlS9JUHi6jz218UA+AUt1
Pl/m3LQFvOvyPmcdnxXG+fhO7WSlBzKCAg8UzT1l5PfdHNuiLISh1OeG4V6gcyQx
GgHAxY02fLTrTjwmdO5xk9xsaea0wnTg+SzH87JKembljaDsuOX42WpnzpC+q8xd
lrxCosSw+/F8qe2poIVThdRmliW+a2ULIG1XMfkm5pDb+yRqE4/rBmqHGa0+8Px0
97MtjZcqMoyex+REza0N+HI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org