Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/6D8A6380FDE111E8B9B7F415C4F9AE02.roa
File: 6D8A6380FDE111E8B9B7F415C4F9AE02.roa (raw, json)
Hash identifier: /TAtdmLUu2fDwT1OsI3YFk3sWIy6l9eUfuQ9l/+j4LQ=
Subject key identifier: 01:44:86:E7:04:85:1A:66:DC:E9:EA:D9:E7:4E:B6:A2:B9:65:29:D1
Certificate issuer: /CN=A9193C85/serialNumber=185FF6647E1E9677501377B5515479B9E9461067
Certificate serial: 0A85
Authority key identifier: 18:5F:F6:64:7E:1E:96:77:50:13:77:B5:51:54:79:B9:E9:46:10:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GF_2ZH4elndQE3e1UVR5uelGEGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/6D8A6380FDE111E8B9B7F415C4F9AE02.roa
Signing time: Wed 30 Dec 2020 06:43:04 +0000
ROA not before: Wed 30 Dec 2020 06:43:04 +0000
ROA not after: Wed 02 Mar 2022 00:00:00 +0000
asID: 45766
IP address blocks: 103.127.4.0/22 maxlen: 22
103.127.4.0/23 maxlen: 23
103.127.4.0/24 maxlen: 24
103.127.5.0/24 maxlen: 24
103.127.6.0/23 maxlen: 23
103.127.6.0/24 maxlen: 24
103.127.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2693 (0xa85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9193C85/serialNumber=185FF6647E1E9677501377B5515479B9E9461067
Validity
Not Before: Dec 30 06:43:04 2020 GMT
Not After : Mar 2 00:00:00 2022 GMT
Subject: CN=5fec2178-6e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:18:a0:ef:ba:12:37:5a:67:da:24:d2:2b:27:
1f:4b:9d:5e:29:e7:49:cd:3c:6b:d3:fc:df:95:d9:
74:94:05:ff:c6:9a:00:2c:5c:37:81:3f:aa:b5:59:
d2:c6:a3:39:33:35:a2:c2:6a:86:1d:4a:fa:5d:47:
7d:61:cc:44:e6:2e:c4:be:9b:74:5f:d1:07:29:c2:
75:c2:64:4f:f8:81:c2:7b:1c:47:61:38:cf:3c:0e:
cb:1d:ce:96:4b:99:29:20:07:98:fc:36:f2:33:b8:
72:3e:d2:49:5f:a1:2b:4e:36:09:80:61:bf:28:79:
93:d8:41:54:3f:83:cd:02:10:bf:48:7b:03:46:c2:
6a:f1:33:e5:8a:03:eb:3b:12:e5:00:b1:01:92:6b:
82:b0:a0:5c:69:d1:87:6d:fe:46:66:21:0d:91:6d:
e5:88:81:b9:65:a0:89:a4:32:d2:8c:0a:09:7e:fb:
6a:e4:6a:20:6d:ff:56:83:28:32:76:82:10:9c:34:
33:3f:de:a8:1e:2f:8b:fb:28:ef:a5:f0:71:2d:c8:
fd:3c:64:14:ac:7e:e8:1b:76:e5:c8:ae:70:d8:6d:
77:ef:3c:2b:48:c3:b7:05:14:6e:d0:a2:42:30:7f:
95:85:d8:09:4b:d6:a3:73:91:e4:28:2e:5e:0a:b7:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:44:86:E7:04:85:1A:66:DC:E9:EA:D9:E7:4E:B6:A2:B9:65:29:D1
X509v3 Authority Key Identifier:
keyid:18:5F:F6:64:7E:1E:96:77:50:13:77:B5:51:54:79:B9:E9:46:10:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/GF_2ZH4elndQE3e1UVR5uelGEGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GF_2ZH4elndQE3e1UVR5uelGEGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/6D8A6380FDE111E8B9B7F415C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.4.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f5:ae:d1:43:f2:36:0a:86:3a:07:3f:f0:33:b4:8d:d0:97:
3d:4e:29:24:0d:8a:45:c7:43:cc:a2:90:88:4b:da:f0:e5:09:
6f:0d:a8:53:9d:c5:1c:41:0d:f2:67:fc:06:d1:f2:18:d5:76:
e1:4a:4c:df:2f:57:30:b9:5c:9a:51:ff:8c:e5:ad:27:da:8b:
b4:00:3f:f3:89:a1:97:11:ef:24:b0:72:f8:a8:ad:ba:db:00:
9b:6a:76:69:98:a8:44:7e:75:f7:de:4b:92:41:57:55:4b:8e:
ba:2a:be:ec:88:40:bb:d4:37:d5:70:d6:6f:86:c9:b0:a0:13:
25:6c:6c:de:03:0d:4c:d7:3f:5c:a8:f8:2c:f8:67:6a:d4:b5:
17:a0:d8:20:8b:be:40:b2:50:18:be:ce:27:8a:43:39:f3:0d:
5e:70:61:4b:fc:b7:64:61:79:1c:c5:de:3b:5c:2e:ec:1c:68:
60:3d:92:97:28:3b:45:ca:38:d4:d1:c3:a3:9e:a4:a7:96:bb:
54:05:f9:2b:ba:1c:54:6d:18:2f:90:40:73:02:43:a7:24:ec:
8e:83:32:e3:3a:47:09:c8:89:e7:8a:e9:91:b6:5f:c9:1f:ec:
1c:9e:4d:6a:5d:8b:a4:e2:8c:99:e1:2e:a1:b1:33:b7:84:f1:
97:dc:36:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTNDODUxMTAvBgNVBAUTKDE4NUZGNjY0N0UxRTk2Nzc1MDEzNzdCNTUxNTQ3OUI5
RTk0NjEwNjcwHhcNMjAxMjMwMDY0MzA0WhcNMjIwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw01ZmVjMjE3OC02ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqRig77oSN1pn2iTSKycfS51eKedJzTxr0/zfldl0lAX/xpoALFw3gT+qtVnS
xqM5MzWiwmqGHUr6XUd9YcxE5i7Evpt0X9EHKcJ1wmRP+IHCexxHYTjPPA7LHc6W
S5kpIAeY/DbyM7hyPtJJX6ErTjYJgGG/KHmT2EFUP4PNAhC/SHsDRsJq8TPligPr
OxLlALEBkmuCsKBcadGHbf5GZiENkW3liIG5ZaCJpDLSjAoJfvtq5Gogbf9Wgygy
doIQnDQzP96oHi+L+yjvpfBxLcj9PGQUrH7oG3blyK5w2G137zwrSMO3BRRu0KJC
MH+VhdgJS9ajc5HkKC5eCrdFJQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAFEhucE
hRpm3Onq2edOtqK5ZSnRMB8GA1UdIwQYMBaAFBhf9mR+HpZ3UBN3tVFUebnpRhBn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5M0M4NS80RkY0Q0I3MkZE
RTAxMUU4OEVERTQ1MTNDNEY5QUUwMi9HRl8yWkg0ZWxuZFFFM2UxVVZSNXVlbEdF
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dGXzJaSDRlbG5kUUUzZTFVVlI1dWVsR0VHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTNDODUvNEZGNENCNzJGREUwMTFFODhFREU0NTEzQzRGOUFFMDIvNkQ4QTYzODBG
REUxMTFFOEI5QjdGNDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfwQwDQYJKoZIhvcNAQELBQADggEBAEX1rtFD8jYKhjoH
P/AztI3Qlz1OKSQNikXHQ8yikIhL2vDlCW8NqFOdxRxBDfJn/AbR8hjVduFKTN8v
VzC5XJpR/4zlrSfai7QAP/OJoZcR7ySwcviorbrbAJtqdmmYqER+dffeS5JBV1VL
jroqvuyIQLvUN9Vw1m+GybCgEyVsbN4DDUzXP1yo+Cz4Z2rUtReg2CCLvkCyUBi+
zieKQznzDV5wYUv8t2RheRzF3jtcLuwcaGA9kpcoO0XKONTRw6OepKeWu1QF+Su6
HFRtGC+QQHMCQ6ck7I6DMuM6RwnIieeK6ZG2X8kf7ByeTWpdi6TijJnhLqGxM7eE
8ZfcNoI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org