Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/C2A065DEC09411ED8C5B6C4AC4F9AE02.roa
File: C2A065DEC09411ED8C5B6C4AC4F9AE02.roa (raw, json)
Hash identifier: wyyWE32rgnYz/rlNw8bTIwbeavdoR+JlEPOAwAv4u4Y=
Subject key identifier: 0D:5C:72:F2:CE:5E:1F:7E:CC:22:EF:22:74:B3:95:0A:80:BF:D0:22
Certificate issuer: /CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Certificate serial: 0128
Authority key identifier: E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/C2A065DEC09411ED8C5B6C4AC4F9AE02.roa
Signing time: Sun 12 Mar 2023 05:14:27 +0000
ROA not before: Sun 12 Mar 2023 05:14:27 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 150683
IP address blocks: 103.189.68.0/24 maxlen: 24
103.189.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296 (0x128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197202/serialNumber=E3CF45F8051063BBDB317FDD151132A94004FD5B
Validity
Not Before: Mar 12 05:14:27 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=640d5fb3-77b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:e5:23:11:6a:54:d5:30:bf:00:55:e1:b8:
0b:90:a4:f8:c5:fe:2d:01:be:f7:d9:de:eb:b0:09:
b8:e1:07:b8:e9:66:65:74:e9:68:52:c3:a6:3a:d1:
70:94:5f:b0:e9:16:6e:88:c6:a6:11:95:90:fe:b5:
21:20:6b:e5:ed:41:f4:b4:2a:e6:7e:32:5c:94:e8:
52:b1:22:0d:93:14:2f:4a:19:cc:5d:45:ea:fd:54:
83:ad:25:23:af:87:c5:8b:2e:cf:c2:b5:31:b8:2e:
02:49:dd:e5:a1:8c:33:a7:e9:1e:cc:69:fd:83:51:
51:73:1f:78:7d:ec:3c:de:9d:af:5e:17:73:db:4e:
7e:a6:93:f2:ea:a4:1b:25:bb:18:8d:69:f7:04:f3:
55:c0:fc:6f:ec:36:44:75:30:45:04:61:99:04:c0:
f6:c1:ad:6e:36:f3:96:34:16:cf:33:2f:eb:2c:fa:
cb:86:77:4c:ea:ce:e8:7a:9a:db:5f:31:d9:c3:b0:
04:4d:1e:b8:d2:19:34:83:07:85:da:62:6d:84:91:
47:93:c6:74:82:77:1c:02:b5:53:ef:d6:09:77:a0:
13:c2:28:e7:56:e4:20:a4:01:47:08:55:b3:5d:04:
8f:ee:9c:34:31:a4:f6:7e:68:7a:d7:ac:3a:27:ff:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5C:72:F2:CE:5E:1F:7E:CC:22:EF:22:74:B3:95:0A:80:BF:D0:22
X509v3 Authority Key Identifier:
keyid:E3:CF:45:F8:05:10:63:BB:DB:31:7F:DD:15:11:32:A9:40:04:FD:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/489F-AUQY7vbMX_dFREyqUAE_Vs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/489F-AUQY7vbMX_dFREyqUAE_Vs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197202/0AFECA70F70811EC9849F35EC4F9AE02/C2A065DEC09411ED8C5B6C4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.68.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:54:c3:b0:43:0c:e5:d1:07:4c:0c:80:cd:b9:ee:dc:23:f5:
95:68:dc:39:11:31:08:8d:b6:1f:3d:9b:0f:12:0d:43:b3:61:
89:77:7e:b0:a4:e5:d6:3e:79:4c:37:3b:45:c9:ed:82:d7:b8:
42:c0:96:35:61:46:ea:47:e3:8e:3c:2d:0d:68:a4:fc:13:90:
2f:7d:5a:57:ab:d6:ff:c5:49:1d:b0:d5:6e:90:2c:b5:a5:8f:
15:19:80:1a:af:51:99:fc:db:29:c9:91:6e:3b:da:ce:d8:3c:
1b:f7:5c:ee:73:a6:74:97:cd:4d:24:4f:94:47:7f:e6:4d:48:
e7:66:6e:86:1f:78:ec:1d:4b:c5:42:02:b0:81:b8:15:73:3c:
89:9d:09:92:66:8d:c6:09:dc:cc:5c:de:0f:48:f5:e1:ea:ca:
74:8c:98:f1:7b:af:54:0e:7a:22:b0:dd:99:1b:b3:02:af:9c:
8d:6b:34:7f:3f:18:36:f9:0f:79:85:d4:d7:d1:f9:a2:9a:da:
dc:c3:aa:e7:92:28:5b:96:61:b9:a3:e4:ca:28:0c:0a:fb:22:
43:17:5d:34:96:c6:b3:84:d7:73:08:de:76:bf:23:5e:bb:27:
f3:a7:96:5c:d5:95:3a:0f:ce:32:c3:06:5e:08:ce:fb:5b:5a:
66:96:8e:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcyMDIxMTAvBgNVBAUTKEUzQ0Y0NUY4MDUxMDYzQkJEQjMxN0ZERDE1MTEzMkE5
NDAwNEZENUIwHhcNMjMwMzEyMDUxNDI3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBkNWZiMy03N2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybnlIxFqVNUwvwBV4bgLkKT4xf4tAb732d7rsAm44Qe46WZldOloUsOmOtFw
lF+w6RZuiMamEZWQ/rUhIGvl7UH0tCrmfjJclOhSsSINkxQvShnMXUXq/VSDrSUj
r4fFiy7PwrUxuC4CSd3loYwzp+kezGn9g1FRcx94few83p2vXhdz205+ppPy6qQb
JbsYjWn3BPNVwPxv7DZEdTBFBGGZBMD2wa1uNvOWNBbPMy/rLPrLhndM6s7oeprb
XzHZw7AETR640hk0gweF2mJthJFHk8Z0gnccArVT79YJd6ATwijnVuQgpAFHCFWz
XQSP7pw0MaT2fmh616w6J/9cEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFA1ccvLO
Xh9+zCLvInSzlQqAv9AiMB8GA1UdIwQYMBaAFOPPRfgFEGO72zF/3RURMqlABP1b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIwMi8wQUZFQ0E3MEY3
MDgxMUVDOTg0OUYzNUVDNEY5QUUwMi80ODlGLUFVUVk3dmJNWF9kRlJFeXFVQUVf
VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ4OUYtQVVRWTd2Yk1YX2RGUkV5cVVBRV9Wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcyMDIvMEFGRUNBNzBGNzA4MTFFQzk4NDlGMzVFQzRGOUFFMDIvQzJBMDY1REVD
MDk0MTFFRDhDNUI2QzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnvUQwDQYJKoZIhvcNAQELBQADggEBACtUw7BDDOXRB0wM
gM257twj9ZVo3DkRMQiNth89mw8SDUOzYYl3frCk5dY+eUw3O0XJ7YLXuELAljVh
RupH4448LQ1opPwTkC99Wler1v/FSR2w1W6QLLWljxUZgBqvUZn82ynJkW472s7Y
PBv3XO5zpnSXzU0kT5RHf+ZNSOdmboYfeOwdS8VCArCBuBVzPImdCZJmjcYJ3Mxc
3g9I9eHqynSMmPF7r1QOeiKw3ZkbswKvnI1rNH8/GDb5D3mF1NfR+aKa2tzDqueS
KFuWYbmj5MooDAr7IkMXXTSWxrOE13MI3na/I167J/OnllzVlToPzjLDBl4Izvtb
WmaWjp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org