Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A824/8BFF3BB46E7F11EA95EF1861C4F9AE02/14F059D8DE3411EB973C3B82C4F9AE02.roa
File: 14F059D8DE3411EB973C3B82C4F9AE02.roa (raw, json)
Hash identifier: ZnXxSme1pFaqCMj3GtC7p5nmU0yEaC8E8L6d7WTMx+s=
Subject key identifier: B2:B8:02:E2:39:70:61:3D:4C:0D:83:DD:1F:06:07:E7:11:0A:E9:D9
Certificate issuer: /CN=A919A824/serialNumber=61E4017AFF4776713CFDC8205CC2FB2178462BA1
Certificate serial: 06D1
Authority key identifier: 61:E4:01:7A:FF:47:76:71:3C:FD:C8:20:5C:C2:FB:21:78:46:2B:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YeQBev9HdnE8_cggXML7IXhGK6E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A824/8BFF3BB46E7F11EA95EF1861C4F9AE02/14F059D8DE3411EB973C3B82C4F9AE02.roa
Signing time: Wed 06 Apr 2022 09:49:28 +0000
ROA not before: Wed 06 Apr 2022 09:49:28 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 134780
IP address blocks: 103.149.0.0/23 maxlen: 23
103.149.0.0/24 maxlen: 24
103.149.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1745 (0x6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A824/serialNumber=61E4017AFF4776713CFDC8205CC2FB2178462BA1
Validity
Not Before: Apr 6 09:49:28 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=624d6228-a040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1b:ec:55:8c:d1:12:c2:5c:bb:3f:fa:e3:fb:
f6:4f:87:8f:1e:26:dc:45:60:24:77:28:e8:e3:c1:
c5:0c:a2:d4:fc:74:55:eb:d9:ce:82:22:71:b1:7b:
5b:fc:a6:72:c7:ad:f1:dd:59:3a:15:b0:3a:14:e2:
a1:55:08:04:b6:26:7f:f9:97:c4:90:f2:8b:a2:77:
45:86:bc:b9:61:2c:d2:81:2f:2d:53:75:d0:91:c9:
70:4f:52:0d:f0:0c:95:bd:da:c3:f2:1b:60:08:05:
7e:07:87:63:66:5e:89:2a:89:e3:38:bc:6f:8a:27:
6d:e1:bf:60:42:6f:42:b5:d7:03:65:79:9d:c7:b8:
e7:23:f7:d6:54:36:a1:77:c5:aa:ad:30:c6:f9:6b:
64:02:1d:7e:d1:48:a3:3e:16:9b:f6:0b:27:c9:9b:
07:64:91:9b:eb:b5:e0:a3:ac:7a:b5:2e:73:2e:5d:
68:76:0d:1b:69:14:69:5d:9f:59:32:b4:69:1e:41:
cc:13:48:92:57:6b:aa:75:62:c0:82:84:24:72:fb:
f6:77:f7:10:4f:af:b0:9d:89:c4:79:9b:02:6e:b1:
2d:cb:1f:2c:e4:fd:c3:7d:07:0a:fa:29:ed:e3:3f:
96:2b:4f:97:7c:74:85:85:45:da:2b:5d:17:35:be:
44:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B8:02:E2:39:70:61:3D:4C:0D:83:DD:1F:06:07:E7:11:0A:E9:D9
X509v3 Authority Key Identifier:
keyid:61:E4:01:7A:FF:47:76:71:3C:FD:C8:20:5C:C2:FB:21:78:46:2B:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A824/8BFF3BB46E7F11EA95EF1861C4F9AE02/YeQBev9HdnE8_cggXML7IXhGK6E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YeQBev9HdnE8_cggXML7IXhGK6E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A824/8BFF3BB46E7F11EA95EF1861C4F9AE02/14F059D8DE3411EB973C3B82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.0.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:ea:c9:63:04:f0:e0:9c:a0:2c:7c:fc:d4:90:10:66:7e:17:
f8:a0:7a:51:e5:f7:64:36:f1:f4:5b:0d:d9:af:82:ba:69:bd:
ed:d4:94:a5:eb:f5:b9:af:c1:e3:f4:50:c4:d0:1a:18:c9:d9:
9f:8c:67:fa:9e:60:ef:72:b6:b8:41:dc:bd:46:06:36:5f:b3:
9b:65:6c:fc:b6:ad:7d:bc:1f:cd:3b:97:d5:81:38:5e:1a:23:
58:78:59:27:6a:1f:9c:36:66:43:14:03:aa:3c:2d:2d:a5:6b:
34:0a:8d:3f:44:86:e9:34:26:19:be:be:c6:5b:ef:60:41:35:
6d:03:29:7b:b2:32:24:fd:6f:4e:9b:7c:36:d9:9b:9d:79:cf:
86:24:b7:fe:64:8b:9d:aa:e5:75:e9:81:13:ed:6f:9a:a6:0f:
73:f1:ad:64:33:28:31:39:77:fd:89:ab:ef:15:b8:5b:ec:dd:
a0:13:f4:98:be:2b:29:c3:16:9f:6b:99:0f:36:4d:76:2e:f5:
96:bd:74:9e:cd:3e:33:d1:6d:e6:91:fc:75:41:40:92:f9:b0:
b5:ed:bd:d4:a6:51:14:3d:e3:be:9c:43:9c:db:4f:d1:a3:38:
ac:f5:c8:3a:6c:17:42:88:f4:ce:c9:5d:bc:00:82:ca:9c:1a:
72:33:3e:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE4MjQxMTAvBgNVBAUTKDYxRTQwMTdBRkY0Nzc2NzEzQ0ZEQzgyMDVDQzJGQjIx
Nzg0NjJCQTEwHhcNMjIwNDA2MDk0OTI4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRkNjIyOC1hMDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRvsVYzREsJcuz/64/v2T4ePHibcRWAkdyjo48HFDKLU/HRV69nOgiJxsXtb
/KZyx63x3Vk6FbA6FOKhVQgEtiZ/+ZfEkPKLondFhry5YSzSgS8tU3XQkclwT1IN
8AyVvdrD8htgCAV+B4djZl6JKonjOLxviidt4b9gQm9CtdcDZXmdx7jnI/fWVDah
d8WqrTDG+WtkAh1+0UijPhab9gsnyZsHZJGb67Xgo6x6tS5zLl1odg0baRRpXZ9Z
MrRpHkHME0iSV2uqdWLAgoQkcvv2d/cQT6+wnYnEeZsCbrEtyx8s5P3DfQcK+int
4z+WK0+XfHSFhUXaK10XNb5E4wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLK4AuI5
cGE9TA2D3R8GB+cRCunZMB8GA1UdIwQYMBaAFGHkAXr/R3ZxPP3IIFzC+yF4Riuh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTgyNC84QkZGM0JCNDZF
N0YxMUVBOTVFRjE4NjFDNEY5QUUwMi9ZZVFCZXY5SGRuRThfY2dnWE1MN0lYaEdL
NkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1llUUJldjlIZG5FOF9jZ2dYTUw3SVhoR0s2RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE4MjQvOEJGRjNCQjQ2RTdGMTFFQTk1RUYxODYxQzRGOUFFMDIvMTRGMDU5RDhE
RTM0MTFFQjk3M0MzQjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlQAwDQYJKoZIhvcNAQELBQADggEBAB7qyWME8OCcoCx8
/NSQEGZ+F/igelHl92Q28fRbDdmvgrppve3UlKXr9bmvweP0UMTQGhjJ2Z+MZ/qe
YO9ytrhB3L1GBjZfs5tlbPy2rX28H807l9WBOF4aI1h4WSdqH5w2ZkMUA6o8LS2l
azQKjT9Ehuk0Jhm+vsZb72BBNW0DKXuyMiT9b06bfDbZm515z4Ykt/5ki52q5XXp
gRPtb5qmD3PxrWQzKDE5d/2Jq+8VuFvs3aAT9Ji+KynDFp9rmQ82TXYu9Za9dJ7N
PjPRbeaR/HVBQJL5sLXtvdSmURQ9476cQ5zbT9GjOKz1yDpsF0KI9M7JXbwAgsqc
GnIzPg8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org