Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D118/BB81A51462BF11EAAA3A8945C4F9AE02/D6318A9C1E0A11EDA6D07579C4F9AE02.roa
File: D6318A9C1E0A11EDA6D07579C4F9AE02.roa (raw, json)
Hash identifier: HoXrF5YEWM6/42o8+V215mF4xUgTQtn55hihSVWubd4=
Subject key identifier: 41:92:46:E4:F0:A7:E7:52:B1:07:6A:29:1F:DB:01:A4:6D:E0:3F:48
Certificate issuer: /CN=A919D118/serialNumber=085E0C500F3D47DD34B244BD3929CEFDADD96C3D
Certificate serial: 086A
Authority key identifier: 08:5E:0C:50:0F:3D:47:DD:34:B2:44:BD:39:29:CE:FD:AD:D9:6C:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CF4MUA89R900skS9OSnO_a3ZbD0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D118/BB81A51462BF11EAAA3A8945C4F9AE02/D6318A9C1E0A11EDA6D07579C4F9AE02.roa
Signing time: Thu 22 Sep 2022 08:18:14 +0000
ROA not before: Thu 22 Sep 2022 08:18:14 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 137018
IP address blocks: 103.149.60.0/24 maxlen: 24
103.149.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2154 (0x86a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D118/serialNumber=085E0C500F3D47DD34B244BD3929CEFDADD96C3D
Validity
Not Before: Sep 22 08:18:14 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=632c1a46-bbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:06:b4:9a:a2:be:4f:cc:d2:9e:9b:f7:52:21:
41:ec:e5:4e:2f:53:93:c2:f0:cb:c4:00:74:67:f0:
b3:4e:ab:e2:51:d4:6e:81:0c:4d:91:9c:78:95:74:
22:5d:b7:43:c8:f4:df:54:98:ab:a3:a2:23:e8:08:
9f:e8:aa:c6:d3:5b:e5:5e:f6:17:86:70:69:75:1f:
db:08:dd:80:13:c7:e5:3e:e8:ec:7d:61:9f:3c:b2:
68:08:de:00:b2:92:7d:62:69:a5:2e:ed:17:cf:a7:
cc:87:bd:c8:14:2c:3b:df:c6:f2:b0:33:38:8e:f7:
76:f9:04:5d:63:ce:27:e2:8c:6a:0e:8d:68:0e:fe:
99:b7:06:57:b6:dd:25:00:fc:a3:43:2a:5c:74:fd:
ed:9f:ae:99:9c:1a:26:92:7e:a8:54:3e:8f:c8:f5:
79:a7:20:8d:09:9a:74:4b:05:ae:ec:50:3d:8c:f2:
99:fc:b9:08:d2:cd:87:a3:af:74:ad:67:f2:5d:1a:
98:fd:85:aa:97:aa:39:b2:39:26:0d:2d:0f:76:c6:
a2:20:d1:78:22:fa:e5:b2:36:3f:b2:bd:8c:9e:12:
9a:a2:8f:6f:cb:4b:f6:75:b0:98:de:a2:ca:7d:7e:
66:81:66:2d:27:50:7a:5c:89:5a:9a:61:17:92:7b:
b4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:92:46:E4:F0:A7:E7:52:B1:07:6A:29:1F:DB:01:A4:6D:E0:3F:48
X509v3 Authority Key Identifier:
keyid:08:5E:0C:50:0F:3D:47:DD:34:B2:44:BD:39:29:CE:FD:AD:D9:6C:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D118/BB81A51462BF11EAAA3A8945C4F9AE02/CF4MUA89R900skS9OSnO_a3ZbD0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CF4MUA89R900skS9OSnO_a3ZbD0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D118/BB81A51462BF11EAAA3A8945C4F9AE02/D6318A9C1E0A11EDA6D07579C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.60.0/23
Signature Algorithm: sha256WithRSAEncryption
18:08:a5:73:f8:98:5f:7a:1b:05:8e:3b:e5:47:70:25:7d:e9:
69:9c:09:29:d1:e4:b1:2a:16:cc:0c:41:98:cd:e4:7d:20:d6:
c5:2d:6a:5e:09:10:01:7b:bd:62:88:fc:b4:b5:e6:d4:84:80:
e6:4a:e0:84:f2:48:62:bf:1a:4b:cf:cd:d6:84:74:c2:51:d3:
89:22:a2:82:4d:3d:6f:76:38:40:a9:22:d1:25:38:ed:64:e1:
d3:b3:c1:57:d7:6e:53:5b:e3:89:51:15:a0:68:39:2f:63:42:
e9:62:ea:2b:28:1d:05:e8:08:96:b8:ed:f7:78:be:ff:01:76:
59:92:5c:2e:fe:66:37:60:13:ce:a8:3f:27:f5:81:f3:d3:8a:
24:7d:b2:19:1d:9d:bc:f6:a5:5e:63:e9:82:e7:17:5b:30:be:
7a:a2:33:53:80:56:9e:b6:f2:61:24:10:bd:d3:33:10:79:4a:
49:be:5b:a0:be:8f:8c:af:e3:8a:9c:0a:c5:0e:c1:92:a8:60:
20:3c:9f:45:58:81:98:ae:d5:52:58:61:e8:ad:dd:77:18:c5:
48:b5:5b:b9:41:c2:50:09:1f:9f:04:41:53:8d:c7:2a:27:5a:
ad:e3:2c:5c:a3:86:b4:23:04:38:97:83:d7:a3:fc:01:f1:20:
84:7f:eb:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCGowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQxMTgxMTAvBgNVBAUTKDA4NUUwQzUwMEYzRDQ3REQzNEIyNDRCRDM5MjlDRUZE
QUREOTZDM0QwHhcNMjIwOTIyMDgxODE0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJjMWE0Ni1iYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Qa0mqK+T8zSnpv3UiFB7OVOL1OTwvDLxAB0Z/CzTqviUdRugQxNkZx4lXQi
XbdDyPTfVJiro6Ij6Aif6KrG01vlXvYXhnBpdR/bCN2AE8flPujsfWGfPLJoCN4A
spJ9YmmlLu0Xz6fMh73IFCw738bysDM4jvd2+QRdY84n4oxqDo1oDv6ZtwZXtt0l
APyjQypcdP3tn66ZnBomkn6oVD6PyPV5pyCNCZp0SwWu7FA9jPKZ/LkI0s2Ho690
rWfyXRqY/YWql6o5sjkmDS0PdsaiINF4IvrlsjY/sr2MnhKaoo9vy0v2dbCY3qLK
fX5mgWYtJ1B6XIlammEXknu0cwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEGSRuTw
p+dSsQdqKR/bAaRt4D9IMB8GA1UdIwQYMBaAFAheDFAPPUfdNLJEvTkpzv2t2Ww9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDExOC9CQjgxQTUxNDYy
QkYxMUVBQUEzQTg5NDVDNEY5QUUwMi9DRjRNVUE4OVI5MDBza1M5T1NuT19hM1pi
RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NGNE1VQTg5UjkwMHNrUzlPU25PX2EzWmJEMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQxMTgvQkI4MUE1MTQ2MkJGMTFFQUFBM0E4OTQ1QzRGOUFFMDIvRDYzMThBOUMx
RTBBMTFFREE2RDA3NTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlTwwDQYJKoZIhvcNAQELBQADggEBABgIpXP4mF96GwWO
O+VHcCV96WmcCSnR5LEqFswMQZjN5H0g1sUtal4JEAF7vWKI/LS15tSEgOZK4ITy
SGK/GkvPzdaEdMJR04kiooJNPW92OECpItElOO1k4dOzwVfXblNb44lRFaBoOS9j
Quli6isoHQXoCJa47fd4vv8BdlmSXC7+ZjdgE86oPyf1gfPTiiR9shkdnbz2pV5j
6YLnF1swvnqiM1OAVp628mEkEL3TMxB5Skm+W6C+j4yv44qcCsUOwZKoYCA8n0VY
gZiu1VJYYeit3XcYxUi1W7lBwlAJH58EQVONxyonWq3jLFyjhrQjBDiXg9ej/AHx
IIR/6/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org