Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4FBBA4B2543D11EC986FD119C4F9AE02.roa
File: 4FBBA4B2543D11EC986FD119C4F9AE02.roa (raw, json)
Hash identifier: DB1pnLzBXy15c+M6Dcfpqmf9m1oZJTrNpkB42mSZ0Iw=
Subject key identifier: BE:93:67:55:20:79:9A:2A:16:C0:73:7A:AC:DE:69:F4:41:38:DA:51
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 42CA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4FBBA4B2543D11EC986FD119C4F9AE02.roa
Signing time: Fri 03 Dec 2021 13:31:25 +0000
ROA not before: Fri 03 Dec 2021 13:31:25 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 147268
IP address blocks: 103.176.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17098 (0x42ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 3 13:31:25 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61aa1c2d-3fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:30:01:82:da:ce:18:95:2e:51:d1:cc:df:d5:
92:73:2f:85:cb:49:ce:0c:6e:bf:bf:43:df:fd:e1:
86:36:9c:57:84:2a:a6:01:e1:b3:c6:3c:54:5d:bc:
7e:e6:c3:dc:1e:e3:38:26:bd:61:bd:90:0e:11:2e:
66:5e:7c:a4:10:04:d8:2b:ef:1c:4d:2f:af:b9:5a:
03:aa:35:44:a7:57:d7:3f:cd:57:b9:6c:82:9f:2f:
cf:e0:5c:14:0f:9b:d0:04:29:f5:dd:d0:93:b2:e6:
a3:43:15:84:fc:10:0e:5d:ea:15:0c:3f:bf:fe:28:
fa:12:e5:bf:25:11:ed:05:4f:9a:61:22:c6:ee:98:
ef:1a:af:7b:ae:6b:35:9e:11:28:d2:e5:3d:23:eb:
66:4c:59:a9:5f:e5:95:02:24:1d:4a:92:fe:27:a6:
fe:80:7e:4f:3c:58:87:8d:36:f6:92:d8:0f:da:8f:
64:cd:8b:91:71:b0:fa:f5:8b:66:e7:fa:65:53:51:
8d:c3:5b:7a:20:dd:40:24:36:d6:ce:e9:b7:5f:b6:
64:78:58:4d:f9:47:c1:9e:95:d3:02:4a:aa:b4:75:
4d:98:92:e9:5d:59:2d:af:f5:25:a5:8b:c9:22:16:
f9:dd:0e:72:8b:23:dd:3c:7f:03:4c:bf:b1:f0:26:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:93:67:55:20:79:9A:2A:16:C0:73:7A:AC:DE:69:F4:41:38:DA:51
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4FBBA4B2543D11EC986FD119C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:a7:d9:25:9d:1d:2f:12:86:73:af:f1:07:2b:c5:a7:13:2a:
5e:4d:2e:ed:9a:60:fc:90:5b:93:b8:b7:d3:ec:43:ad:ff:be:
87:0b:66:c5:e9:70:b9:63:6e:da:db:18:fc:75:c6:07:24:86:
95:8b:6c:f4:fe:26:89:c9:ae:7e:bc:d7:fe:79:f3:87:81:f5:
74:31:71:24:5c:51:6b:01:22:99:ef:ee:39:f4:79:51:5e:cc:
7a:01:0d:3a:c0:ae:7a:c8:a3:b6:aa:26:dd:08:99:24:74:e0:
25:99:32:57:69:1e:49:52:37:1f:f7:cb:31:7e:d5:fe:c8:1d:
ae:53:44:61:0a:2c:9b:47:68:5e:18:d3:7d:04:a8:1d:9e:45:
e0:a1:ac:2c:09:2b:e9:1a:37:14:94:7f:5a:38:9c:9f:e4:f7:
74:6c:f7:af:5f:14:17:69:f4:01:2e:68:1f:53:d9:03:dc:d2:
54:3e:91:73:ca:5c:4d:ae:9e:de:ec:12:80:04:c5:5e:19:9b:
22:32:9b:30:a1:6d:c3:50:96:9d:e5:a5:6f:40:c7:78:8e:e7:
0b:a2:49:97:83:d2:90:0a:f9:19:3f:bc:bd:82:62:f7:3d:79:
44:f5:2d:75:88:06:52:3b:71:c0:22:92:e8:a6:e9:31:a9:9f:
55:91:ad:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICQsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjExMjAzMTMzMTI1WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWFhMWMyZC0zZmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7DABgtrOGJUuUdHM39WScy+Fy0nODG6/v0Pf/eGGNpxXhCqmAeGzxjxUXbx+
5sPcHuM4Jr1hvZAOES5mXnykEATYK+8cTS+vuVoDqjVEp1fXP81XuWyCny/P4FwU
D5vQBCn13dCTsuajQxWE/BAOXeoVDD+//ij6EuW/JRHtBU+aYSLG7pjvGq97rms1
nhEo0uU9I+tmTFmpX+WVAiQdSpL+J6b+gH5PPFiHjTb2ktgP2o9kzYuRcbD69Ytm
5/plU1GNw1t6IN1AJDbWzum3X7ZkeFhN+UfBnpXTAkqqtHVNmJLpXVktr/UlpYvJ
Ihb53Q5yiyPdPH8DTL+x8CaEdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFL6TZ1Ug
eZoqFsBzeqzeafRBONpRMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEZCQkE0QjI1
NDNEMTFFQzk4NkZEMTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsP4wDQYJKoZIhvcNAQELBQADggEBALKn2SWdHS8ShnOv
8QcrxacTKl5NLu2aYPyQW5O4t9PsQ63/vocLZsXpcLljbtrbGPx1xgckhpWLbPT+
JonJrn681/5584eB9XQxcSRcUWsBIpnv7jn0eVFezHoBDTrArnrIo7aqJt0ImSR0
4CWZMldpHklSNx/3yzF+1f7IHa5TRGEKLJtHaF4Y030EqB2eReChrCwJK+kaNxSU
f1o4nJ/k93Rs969fFBdp9AEuaB9T2QPc0lQ+kXPKXE2unt7sEoAExV4ZmyIymzCh
bcNQlp3lpW9Ax3iO5wuiSZeD0pAK+Rk/vL2CYvc9eUT1LXWIBlI7ccAikuim6TGp
n1WRrZs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org