Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194CBE/067F4720233011EBBA8C774BC4F9AE02/E8F68716283911ED91E3DF10C4F9AE02.roa
File: E8F68716283911ED91E3DF10C4F9AE02.roa (raw, json)
Hash identifier: kLQcisBSzcqmKy7zs+1+FdTqIxwRPVZMOQCGGstwkRo=
Subject key identifier: E8:11:C3:8B:0D:E5:74:E6:E9:07:AD:C2:69:AA:C5:B7:65:B2:DF:EE
Certificate issuer: /CN=A9194CBE/serialNumber=3BB051A7DABA687FE3A561E38F47B950467C571E
Certificate serial: 052E
Authority key identifier: 3B:B0:51:A7:DA:BA:68:7F:E3:A5:61:E3:8F:47:B9:50:46:7C:57:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O7BRp9q6aH_jpWHjj0e5UEZ8Vx4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194CBE/067F4720233011EBBA8C774BC4F9AE02/E8F68716283911ED91E3DF10C4F9AE02.roa
Signing time: Fri 02 Sep 2022 06:20:57 +0000
ROA not before: Fri 02 Sep 2022 06:20:57 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 141411
IP address blocks: 103.158.124.0/23 maxlen: 23
103.158.124.0/24 maxlen: 24
103.158.125.0/24 maxlen: 24
2001:df5:4f80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1326 (0x52e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194CBE/serialNumber=3BB051A7DABA687FE3A561E38F47B950467C571E
Validity
Not Before: Sep 2 06:20:57 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=6311a0c9-0aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:24:6e:8c:fe:4a:71:a7:22:99:0b:4d:94:31:
20:cc:8c:c8:e4:60:06:95:06:d6:73:66:dc:36:1e:
4d:d4:63:22:c9:74:fc:6c:62:91:1d:a5:89:60:60:
68:fb:19:5d:87:c0:2f:a5:fe:13:34:55:a0:b0:d0:
b5:12:53:0a:d6:2e:e6:ee:e1:51:4f:c6:09:6f:b6:
78:37:4c:41:91:e7:f2:64:88:50:b2:15:34:e6:cc:
7c:7a:ed:e5:5b:19:66:67:7a:01:d3:5a:61:bf:03:
e7:7b:81:d4:c7:9b:a7:f7:ac:d2:5f:a9:78:b5:f3:
83:29:ef:5b:71:45:14:68:91:21:1b:fd:9f:7f:2f:
00:de:71:25:1a:aa:89:55:46:a6:60:82:87:be:fd:
0e:37:30:2d:45:35:6d:6d:ba:9e:57:bd:8a:3e:96:
31:3c:66:de:c5:5a:d7:3f:95:ad:14:63:2e:23:c5:
57:8d:f3:5c:13:7d:84:94:ea:65:6c:5c:81:fc:21:
f9:e4:e5:37:81:8a:fa:a0:3d:c8:38:08:2d:94:35:
28:85:bb:7c:78:66:29:c1:04:a7:31:29:77:39:5b:
83:9d:f2:4b:ee:d5:8f:6e:b9:38:8b:3a:96:87:99:
8b:c7:e7:3a:78:5c:9b:b5:8e:91:c8:b0:28:19:ce:
c8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:11:C3:8B:0D:E5:74:E6:E9:07:AD:C2:69:AA:C5:B7:65:B2:DF:EE
X509v3 Authority Key Identifier:
keyid:3B:B0:51:A7:DA:BA:68:7F:E3:A5:61:E3:8F:47:B9:50:46:7C:57:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194CBE/067F4720233011EBBA8C774BC4F9AE02/O7BRp9q6aH_jpWHjj0e5UEZ8Vx4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O7BRp9q6aH_jpWHjj0e5UEZ8Vx4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194CBE/067F4720233011EBBA8C774BC4F9AE02/E8F68716283911ED91E3DF10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.124.0/23
IPv6:
2001:df5:4f80::/48
Signature Algorithm: sha256WithRSAEncryption
65:40:ac:6b:a9:be:ea:bb:fb:f9:83:cd:9e:db:77:a7:cf:6f:
5e:35:47:9e:a4:e2:64:19:8c:aa:f8:60:00:45:b4:7a:29:dd:
47:5e:7c:9c:06:b1:50:26:b4:bf:9c:46:3f:bd:95:ca:71:76:
be:3e:8d:4f:fc:98:46:74:ad:7d:ae:73:56:26:d9:43:8a:89:
1c:6c:92:c0:0c:90:10:11:f8:f0:c5:96:44:5a:cf:6a:91:a2:
b8:05:57:78:24:f7:22:4c:bd:fb:83:59:83:18:8e:0a:49:f1:
07:0f:8b:5c:e3:23:19:ea:00:94:3c:51:a6:b7:a0:d1:52:4c:
b7:bf:74:04:5c:5b:a6:a7:60:16:8e:04:f2:5f:b9:0e:0d:46:
d8:9c:4b:bf:ed:74:58:11:54:17:ae:39:ef:be:7c:fe:63:c4:
8b:ac:b3:a1:59:82:29:4a:94:55:e6:8f:b8:4a:d9:e2:ab:d1:
8e:2f:51:0c:10:0c:72:6d:8d:73:63:68:6f:90:18:9b:d3:ee:
df:b4:17:12:39:35:5a:5b:e3:90:90:91:65:bf:76:69:95:32:
13:6b:ce:99:49:91:06:78:f5:81:48:e6:e7:ba:52:fe:7c:2b:
8f:e6:31:dd:46:9b:85:51:51:6c:65:57:22:c5:4d:86:0f:85:
0f:46:af:bb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTRDQkUxMTAvBgNVBAUTKDNCQjA1MUE3REFCQTY4N0ZFM0E1NjFFMzhGNDdCOTUw
NDY3QzU3MUUwHhcNMjIwOTAyMDYyMDU3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzExYTBjOS0wYWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0iRujP5KcacimQtNlDEgzIzI5GAGlQbWc2bcNh5N1GMiyXT8bGKRHaWJYGBo
+xldh8Avpf4TNFWgsNC1ElMK1i7m7uFRT8YJb7Z4N0xBkefyZIhQshU05sx8eu3l
WxlmZ3oB01phvwPne4HUx5un96zSX6l4tfODKe9bcUUUaJEhG/2ffy8A3nElGqqJ
VUamYIKHvv0ONzAtRTVtbbqeV72KPpYxPGbexVrXP5WtFGMuI8VXjfNcE32ElOpl
bFyB/CH55OU3gYr6oD3IOAgtlDUohbt8eGYpwQSnMSl3OVuDnfJL7tWPbrk4izqW
h5mLx+c6eFybtY6RyLAoGc7IsQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOgRw4sN
5XTm6Qetwmmqxbdlst/uMB8GA1UdIwQYMBaAFDuwUafaumh/46Vh449HuVBGfFce
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NENCRS8wNjdGNDcyMDIz
MzAxMUVCQkE4Qzc3NEJDNEY5QUUwMi9PN0JScDlxNmFIX2pwV0hqajBlNVVFWjhW
eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL083QlJwOXE2YUhfanBXSGpqMGU1VUVaOFZ4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTRDQkUvMDY3RjQ3MjAyMzMwMTFFQkJBOEM3NzRCQzRGOUFFMDIvRThGNjg3MTYy
ODM5MTFFRDkxRTNERjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnnwwDwQCAAIwCQMHACABDfVPgDANBgkqhkiG9w0BAQsF
AAOCAQEAZUCsa6m+6rv7+YPNntt3p89vXjVHnqTiZBmMqvhgAEW0eindR158nAax
UCa0v5xGP72VynF2vj6NT/yYRnStfa5zVibZQ4qJHGySwAyQEBH48MWWRFrPapGi
uAVXeCT3Iky9+4NZgxiOCknxBw+LXOMjGeoAlDxRpreg0VJMt790BFxbpqdgFo4E
8l+5Dg1G2JxLv+10WBFUF6457758/mPEi6yzoVmCKUqUVeaPuErZ4qvRji9RDBAM
cm2Nc2Nob5AYm9Pu37QXEjk1WlvjkJCRZb92aZUyE2vOmUmRBnj1gUjm57pS/nwr
j+Yx3UabhVFRbGVXIsVNhg+FD0avuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org