Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/607E2CE8B93D11EBAB7A7F46C4F9AE02.roa
File: 607E2CE8B93D11EBAB7A7F46C4F9AE02.roa (raw, json)
Hash identifier: 5z/Gk9I4LUbJzY6R0hHKk9UsMRIUHIZEOahGreVfUCw=
Subject key identifier: 59:2C:5B:66:89:2F:53:48:5F:CE:F5:43:6B:8A:B9:C4:E3:59:42:03
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 2F30
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/607E2CE8B93D11EBAB7A7F46C4F9AE02.roa
Signing time: Tue 25 May 2021 16:04:07 +0000
ROA not before: Tue 25 May 2021 16:04:07 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 133707
IP address blocks: 103.47.124.0/24 maxlen: 24
103.47.125.0/24 maxlen: 24
103.47.126.0/24 maxlen: 24
103.47.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12080 (0x2f30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 25 16:04:07 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60ad1ff7-b4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:50:cf:f4:67:8f:f4:fa:93:ee:67:9c:82:88:
1c:4c:46:91:2a:fa:de:a1:3c:42:e5:3a:ea:10:03:
05:72:5a:e7:85:9b:d3:93:7e:54:79:7e:32:12:ab:
ce:34:14:89:22:67:d3:de:c9:f2:d0:56:43:a8:68:
bd:ea:85:20:91:f5:21:9f:ba:aa:3c:5b:63:a0:f9:
d2:15:e5:82:40:77:da:42:ac:f4:63:9a:c3:ce:8b:
a6:af:bd:15:cf:d7:ec:83:82:e0:c4:20:87:1a:f7:
cb:91:21:f4:d2:9b:17:25:14:ef:e4:6d:78:39:c2:
d7:a2:bd:49:ab:97:9b:e0:02:de:f2:78:47:dd:be:
47:e9:cc:5b:c9:9c:ac:07:46:a4:fc:a7:60:85:ef:
e1:ca:26:83:bb:b2:54:c7:d2:43:d7:2b:f6:13:72:
5e:21:21:38:b8:8d:d7:ad:a1:e1:19:60:61:47:9b:
6d:59:5e:7b:81:cf:9b:29:ba:3c:32:56:19:fc:11:
23:8c:bd:54:51:ca:9b:cc:1c:22:48:e3:7f:21:1b:
4d:97:27:08:2c:2d:8f:f7:66:82:24:0c:51:1f:af:
b3:9f:69:0b:ae:6a:92:57:85:9e:11:d1:cf:3b:3f:
1c:95:6b:0a:87:39:40:07:2d:11:85:7f:e3:01:c3:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2C:5B:66:89:2F:53:48:5F:CE:F5:43:6B:8A:B9:C4:E3:59:42:03
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/607E2CE8B93D11EBAB7A7F46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.47.124.0/22
Signature Algorithm: sha256WithRSAEncryption
88:5c:ed:03:c8:08:2d:1b:a9:3b:9f:0a:a7:a3:32:67:c2:fc:
a5:2d:a6:83:19:cb:94:94:bc:10:bb:6c:b3:56:4d:c2:b7:20:
b8:81:bf:98:03:b4:79:99:39:7e:04:23:e7:79:c7:60:ff:28:
5f:06:c9:0f:20:91:4a:b1:d7:1c:b2:37:05:c2:20:3c:83:ac:
76:32:c9:a6:42:bb:31:af:49:fc:c6:c0:db:a9:1c:89:a9:55:
cd:07:fd:a9:59:73:75:5f:de:52:9d:d7:07:eb:5b:df:33:10:
02:71:db:11:1b:2e:ba:de:9b:01:16:0e:42:8d:3f:92:9f:12:
90:da:d2:28:a1:eb:90:9f:a4:4a:90:ba:9e:cc:fe:54:29:6b:
14:2a:9b:8b:b3:09:9d:ba:b6:7a:43:58:92:06:32:58:31:0b:
b6:ee:da:d4:70:ba:14:eb:98:8e:63:2a:f2:33:32:06:01:b5:
89:36:5b:3e:21:ea:5d:21:73:45:84:c0:89:0b:03:60:df:5f:
82:e3:79:8a:a1:09:32:7d:fa:a6:a7:84:fb:da:91:ed:ac:4f:
19:13:b5:08:06:fa:0b:7f:d6:ad:57:ce:5f:94:d2:f0:17:54:
45:32:db:2c:54:a1:81:32:df:54:b3:31:09:2c:bc:0d:2d:30:
b7:37:fa:53
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICLzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjEwNTI1MTYwNDA3WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGFkMWZmNy1iNGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx1DP9GeP9PqT7mecgogcTEaRKvreoTxC5TrqEAMFclrnhZvTk35UeX4yEqvO
NBSJImfT3sny0FZDqGi96oUgkfUhn7qqPFtjoPnSFeWCQHfaQqz0Y5rDzoumr70V
z9fsg4LgxCCHGvfLkSH00psXJRTv5G14OcLXor1Jq5eb4ALe8nhH3b5H6cxbyZys
B0ak/Kdghe/hyiaDu7JUx9JD1yv2E3JeISE4uI3XraHhGWBhR5ttWV57gc+bKbo8
MlYZ/BEjjL1UUcqbzBwiSON/IRtNlycILC2P92aCJAxRH6+zn2kLrmqSV4WeEdHP
Oz8clWsKhzlABy0RhX/jAcO6FQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFksW2aJ
L1NIX871Q2uKucTjWUIDMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjA3RTJDRThC
OTNEMTFFQkFCN0E3RjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnL3wwDQYJKoZIhvcNAQELBQADggEBAIhc7QPICC0bqTuf
CqejMmfC/KUtpoMZy5SUvBC7bLNWTcK3ILiBv5gDtHmZOX4EI+d5x2D/KF8GyQ8g
kUqx1xyyNwXCIDyDrHYyyaZCuzGvSfzGwNupHImpVc0H/alZc3Vf3lKd1wfrW98z
EAJx2xEbLrremwEWDkKNP5KfEpDa0iih65CfpEqQup7M/lQpaxQqm4uzCZ26tnpD
WJIGMlgxC7bu2tRwuhTrmI5jKvIzMgYBtYk2Wz4h6l0hc0WEwIkLA2DfX4LjeYqh
CTJ9+qanhPvake2sTxkTtQgG+gt/1q1Xzl+U0vAXVEUy2yxUoYEy31SzMQksvA0t
MLc3+lM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org