Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/89AF486443B111ECAE23A45EC4F9AE02.roa
File: 89AF486443B111ECAE23A45EC4F9AE02.roa (raw, json)
Hash identifier: RmUwfSIr6fnBbWPiR70GVLFT9j4wvohLIbKqLGfT8rY=
Subject key identifier: EA:A4:09:F5:BE:98:D8:FC:F1:3D:EB:E6:A5:EC:A6:3C:12:C8:99:3A
Certificate issuer: /CN=A919ECE7/serialNumber=77370BC07305D19DBDACCE4BF7209E1EB6D40E33
Certificate serial: 024C
Authority key identifier: 77:37:0B:C0:73:05:D1:9D:BD:AC:CE:4B:F7:20:9E:1E:B6:D4:0E:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dzcLwHMF0Z29rM5L9yCeHrbUDjM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/89AF486443B111ECAE23A45EC4F9AE02.roa
Signing time: Fri 12 Nov 2021 13:49:21 +0000
ROA not before: Fri 12 Nov 2021 13:49:21 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 134176
IP address blocks: 103.42.30.0/24 maxlen: 24
103.42.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 588 (0x24c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919ECE7/serialNumber=77370BC07305D19DBDACCE4BF7209E1EB6D40E33
Validity
Not Before: Nov 12 13:49:21 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=618e70e1-d7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:02:12:96:c6:2b:12:b7:a7:1f:eb:5d:d3:d3:
8a:46:b3:8a:58:60:c4:29:2e:ec:bf:c0:54:fa:77:
d5:97:f9:1c:51:1c:e5:9c:37:dd:5e:e0:09:ca:4e:
06:54:35:c5:22:03:c4:bd:92:55:28:de:35:65:fa:
0f:9f:e7:1d:07:9c:ab:3c:d3:ff:ab:58:ca:fe:22:
8a:83:e5:01:23:20:90:1f:ee:66:6e:2a:b5:dd:d1:
bf:aa:b0:ee:93:df:0e:46:a8:65:70:bd:2a:94:f4:
7d:0c:69:67:41:bf:01:ee:54:a5:65:d9:a1:b5:49:
80:b1:18:a8:86:33:77:d1:24:9a:20:8c:a9:21:53:
c4:41:6c:13:fc:a4:39:0d:00:a9:66:ed:66:73:13:
e7:45:71:f8:ba:df:25:d1:68:ee:2f:61:0e:37:25:
5d:b3:db:9c:f2:51:91:60:bb:07:6b:95:3d:99:47:
07:8a:c7:a4:81:e7:3b:ad:1d:1a:40:c2:1a:a7:96:
0f:c0:5a:18:8a:5d:10:8f:fa:39:ab:d1:0f:64:b6:
c7:9c:25:a4:e6:07:e6:7d:8e:d6:d9:19:ef:61:bd:
e3:8a:45:81:06:27:83:a9:c9:dd:1a:83:6c:00:83:
82:3e:46:7f:9d:6d:ba:10:a5:f2:50:8e:cd:a7:a4:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A4:09:F5:BE:98:D8:FC:F1:3D:EB:E6:A5:EC:A6:3C:12:C8:99:3A
X509v3 Authority Key Identifier:
keyid:77:37:0B:C0:73:05:D1:9D:BD:AC:CE:4B:F7:20:9E:1E:B6:D4:0E:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/dzcLwHMF0Z29rM5L9yCeHrbUDjM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dzcLwHMF0Z29rM5L9yCeHrbUDjM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919ECE7/5E05DBA45FAC11EB8494452FC4F9AE02/89AF486443B111ECAE23A45EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.30.0/23
Signature Algorithm: sha256WithRSAEncryption
69:65:ae:cf:57:1d:f2:de:35:c8:a0:28:79:3e:f5:b9:32:79:
15:d4:0a:69:7b:74:0f:38:72:a7:4b:75:a9:78:b5:bd:57:32:
e8:ae:0f:ab:cf:a1:17:be:95:a9:af:c1:30:ad:4a:84:22:c5:
d7:1f:84:16:d4:bc:7a:37:43:66:ab:0a:06:07:92:a1:94:c7:
08:09:e0:8a:f9:eb:db:a1:44:0e:cb:98:42:96:2a:5b:6b:0c:
c8:f8:d8:d1:4b:a9:eb:17:0d:9c:b4:27:8b:66:10:fd:81:2a:
01:ba:e8:b9:46:e1:54:90:0a:6c:77:1e:be:40:bb:ba:19:73:
dd:a0:f7:3f:ef:dc:75:4f:ab:5a:09:e7:46:8a:9a:fc:fb:ee:
a0:8d:21:5a:14:1c:a0:a8:77:41:e4:23:8f:a0:b0:70:44:c2:
c0:67:01:c9:9a:64:04:63:7e:6f:8f:a5:72:b2:c8:70:30:14:
65:b6:74:e0:93:96:be:40:80:2c:cb:3f:4c:19:50:7a:ef:e3:
48:e5:e5:39:e5:e4:7f:f1:cf:58:46:84:ae:ae:02:25:34:46:
84:4e:5f:61:69:7a:58:c1:74:c6:64:4e:80:68:63:ee:e4:1e:
2b:5a:5d:f8:33:c4:ab:bc:f9:de:85:69:92:51:97:02:a9:28:
02:27:8f:08
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVDRTcxMTAvBgNVBAUTKDc3MzcwQkMwNzMwNUQxOURCREFDQ0U0QkY3MjA5RTFF
QjZENDBFMzMwHhcNMjExMTEyMTM0OTIxWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThlNzBlMS1kN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3AISlsYrErenH+td09OKRrOKWGDEKS7sv8BU+nfVl/kcURzlnDfdXuAJyk4G
VDXFIgPEvZJVKN41ZfoPn+cdB5yrPNP/q1jK/iKKg+UBIyCQH+5mbiq13dG/qrDu
k98ORqhlcL0qlPR9DGlnQb8B7lSlZdmhtUmAsRiohjN30SSaIIypIVPEQWwT/KQ5
DQCpZu1mcxPnRXH4ut8l0WjuL2EONyVds9uc8lGRYLsHa5U9mUcHisekgec7rR0a
QMIap5YPwFoYil0Qj/o5q9EPZLbHnCWk5gfmfY7W2RnvYb3jikWBBieDqcndGoNs
AIOCPkZ/nW26EKXyUI7Np6QnSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOqkCfW+
mNj88T3r5qXspjwSyJk6MB8GA1UdIwQYMBaAFHc3C8BzBdGdvazOS/cgnh621A4z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUNFNy81RTA1REJBNDVG
QUMxMUVCODQ5NDQ1MkZDNEY5QUUwMi9kemNMd0hNRjBaMjlyTTVMOXlDZUhyYlVE
ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R6Y0x3SE1GMFoyOXJNNUw5eUNlSHJiVURqTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVDRTcvNUUwNURCQTQ1RkFDMTFFQjg0OTQ0NTJGQzRGOUFFMDIvODlBRjQ4NjQ0
M0IxMTFFQ0FFMjNBNDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKh4wDQYJKoZIhvcNAQELBQADggEBAGllrs9XHfLeNcig
KHk+9bkyeRXUCml7dA84cqdLdal4tb1XMuiuD6vPoRe+lamvwTCtSoQixdcfhBbU
vHo3Q2arCgYHkqGUxwgJ4Ir569uhRA7LmEKWKltrDMj42NFLqesXDZy0J4tmEP2B
KgG66LlG4VSQCmx3Hr5Au7oZc92g9z/v3HVPq1oJ50aKmvz77qCNIVoUHKCod0Hk
I4+gsHBEwsBnAcmaZARjfm+PpXKyyHAwFGW2dOCTlr5AgCzLP0wZUHrv40jl5Tnl
5H/xz1hGhK6uAiU0RoROX2FpeljBdMZkToBoY+7kHitaXfgzxKu8+d6FaZJRlwKp
KAInjwg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-fra.rpki-client.org