Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191989/587414D2863B11EDB57E7C35C4F9AE02/E8000C4E866F11ED8EDFC568C4F9AE02.roa
File: E8000C4E866F11ED8EDFC568C4F9AE02.roa (raw, json)
Hash identifier: 6KLrQEvUKHeHfeyAthT9xcufJxYZat++tCNwi80/hK8=
Subject key identifier: BD:5E:8F:D9:DE:C6:1F:50:B4:30:A9:B1:A0:CB:C0:1E:3A:6E:04:AC
Certificate issuer: /CN=A9191989/serialNumber=98E54ED57250C612747E3CA296853EAF919059F5
Certificate serial: 04
Authority key identifier: 98:E5:4E:D5:72:50:C6:12:74:7E:3C:A2:96:85:3E:AF:91:90:59:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOVO1XJQxhJ0fjyiloU-r5GQWfU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191989/587414D2863B11EDB57E7C35C4F9AE02/E8000C4E866F11ED8EDFC568C4F9AE02.roa
Signing time: Wed 28 Dec 2022 05:24:31 +0000
ROA not before: Wed 28 Dec 2022 05:24:31 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 149152
IP address blocks: 103.59.170.0/23 maxlen: 23
2400:cee0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191989/serialNumber=98E54ED57250C612747E3CA296853EAF919059F5
Validity
Not Before: Dec 28 05:24:31 2022 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63abd30f-e988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:63:9b:eb:10:b1:2e:34:f5:82:1e:93:d9:d4:
6f:96:7a:6b:f5:0f:5c:62:f2:c0:bb:cf:db:b9:6e:
94:7e:26:91:c8:2f:f1:65:00:21:63:65:6c:5a:78:
61:82:a2:fb:08:2e:4a:15:6c:03:92:6a:81:37:d7:
b7:05:3a:24:2e:19:5b:dc:84:04:4d:c3:c9:9d:fe:
63:03:d6:07:ff:15:3a:39:a0:d6:eb:74:6a:0e:04:
81:77:e5:75:ec:04:20:90:56:f7:8c:9e:00:1a:61:
fd:ea:a1:58:8e:51:8f:fd:e9:94:e8:ae:fd:1c:d4:
2b:e4:6a:af:4c:24:47:9e:7a:ec:31:3b:02:a2:9d:
76:6c:0e:a3:57:94:17:9c:1f:f0:ef:9a:fc:b7:2c:
a2:ad:a4:aa:7d:05:6c:75:4b:98:23:d9:ec:42:3f:
23:b4:25:da:38:e4:7b:6e:9b:ce:41:8b:03:57:c5:
f3:a2:49:b6:17:cd:db:61:91:40:24:09:de:d5:de:
57:de:e3:c6:b8:19:49:2e:00:80:ee:fd:1b:b5:75:
78:ec:e3:ec:c6:26:6f:9e:b1:c2:1c:36:2b:d4:27:
a3:fb:d2:60:e2:6d:1a:1d:50:17:fa:f9:72:59:89:
25:bc:21:69:bf:b6:73:35:ba:9f:46:12:0c:39:2f:
57:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5E:8F:D9:DE:C6:1F:50:B4:30:A9:B1:A0:CB:C0:1E:3A:6E:04:AC
X509v3 Authority Key Identifier:
keyid:98:E5:4E:D5:72:50:C6:12:74:7E:3C:A2:96:85:3E:AF:91:90:59:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191989/587414D2863B11EDB57E7C35C4F9AE02/mOVO1XJQxhJ0fjyiloU-r5GQWfU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOVO1XJQxhJ0fjyiloU-r5GQWfU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191989/587414D2863B11EDB57E7C35C4F9AE02/E8000C4E866F11ED8EDFC568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.59.170.0/23
IPv6:
2400:cee0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:d7:ca:be:10:df:53:c3:ef:f2:c7:2e:4f:1b:3c:fc:46:f2:
af:94:58:ae:41:7e:e3:4d:52:c1:61:27:68:da:ba:22:0f:ea:
6b:00:ff:94:90:3e:99:27:cf:3d:92:75:f0:ac:e8:30:6c:0b:
31:cb:3b:be:a3:89:4d:ab:68:97:5a:11:82:2f:4e:93:1f:58:
9d:9a:30:20:fc:17:06:02:88:7d:03:6f:53:24:8d:99:07:6f:
e5:8e:5b:5e:f8:55:54:6b:91:71:9a:c2:35:d5:c4:0a:a4:25:
5e:c4:a4:31:57:a6:e7:26:9c:bf:34:87:1a:cb:b5:36:1b:55:
0d:83:36:df:c6:e0:1a:0d:45:56:a9:81:a1:33:35:eb:48:70:
d2:52:a5:fd:a5:99:7b:66:30:f8:e0:a8:2c:a0:b5:b2:77:46:
e6:7f:c4:e8:8c:71:7a:ed:82:14:e7:72:66:44:92:5f:d4:37:
97:39:99:ff:01:e5:03:df:1c:bf:9d:6f:89:de:69:87:1c:24:
23:fb:f7:98:be:d2:08:cd:97:5a:26:8d:99:f1:ac:82:b5:76:
08:f7:56:36:4f:28:6f:47:0a:2d:bc:99:90:22:6d:a5:d4:d0:
d4:0a:57:37:2b:01:f3:10:26:db:a4:67:43:d8:50:ad:19:a6:
4f:ae:37:29
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MTk4OTExMC8GA1UEBRMoOThFNTRFRDU3MjUwQzYxMjc0N0UzQ0EyOTY4NTNFQUY5
MTkwNTlGNTAeFw0yMjEyMjgwNTI0MzFaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWJkMzBmLWU5ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlY5vrELEuNPWCHpPZ1G+Wemv1D1xi8sC7z9u5bpR+JpHIL/FlACFjZWxaeGGC
ovsILkoVbAOSaoE317cFOiQuGVvchARNw8md/mMD1gf/FTo5oNbrdGoOBIF35XXs
BCCQVveMngAaYf3qoViOUY/96ZTorv0c1Cvkaq9MJEeeeuwxOwKinXZsDqNXlBec
H/Dvmvy3LKKtpKp9BWx1S5gj2exCPyO0Jdo45Htum85BiwNXxfOiSbYXzdthkUAk
Cd7V3lfe48a4GUkuAIDu/Ru1dXjs4+zGJm+escIcNivUJ6P70mDibRodUBf6+XJZ
iSW8IWm/tnM1up9GEgw5L1elAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUvV6P2d7G
H1C0MKmxoMvAHjpuBKwwHwYDVR0jBBgwFoAUmOVO1XJQxhJ0fjyiloU+r5GQWfUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxOTg5LzU4NzQxNEQyODYz
QjExRURCNTdFN0MzNUM0RjlBRTAyL21PVk8xWEpReGhKMGZqeWlsb1UtcjVHUVdm
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbU9WTzFYSlF4aEowZmp5aWxvVS1yNUdRV2ZVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MTk4OS81ODc0MTREMjg2M0IxMUVEQjU3RTdDMzVDNEY5QUUwMi9FODAwMEM0RTg2
NkYxMUVEOEVERkM1NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWc7qjANBAIAAjAHAwUAJADO4DANBgkqhkiG9w0BAQsFAAOC
AQEAftfKvhDfU8Pv8scuTxs8/Ebyr5RYrkF+401SwWEnaNq6Ig/qawD/lJA+mSfP
PZJ18KzoMGwLMcs7vqOJTatol1oRgi9Okx9YnZowIPwXBgKIfQNvUySNmQdv5Y5b
XvhVVGuRcZrCNdXECqQlXsSkMVem5yacvzSHGsu1NhtVDYM238bgGg1FVqmBoTM1
60hw0lKl/aWZe2Yw+OCoLKC1sndG5n/E6Ixxeu2CFOdyZkSSX9Q3lzmZ/wHlA98c
v51vid5phxwkI/v3mL7SCM2XWiaNmfGsgrV2CPdWNk8ob0cKLbyZkCJtpdTQ1ApX
NysB8xAm26RnQ9hQrRmmT643KQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org