Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
File: 1DC048C8FDBA11ED81BCDA19C4F9AE02.roa (raw, json)
Hash identifier: zDsTIzEu6mcHlAwQ3leMM9g7CreeHtcJFwgNPtU5NLI=
Subject key identifier: C2:B2:6E:AE:65:65:9B:D3:CE:5A:E3:6E:43:FC:2C:25:8A:33:35:A1
Certificate issuer: /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Certificate serial: 7F
Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
Signing time: Mon 29 May 2023 00:45:33 +0000
ROA not before: Mon 29 May 2023 00:45:33 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 150683
IP address blocks: 103.19.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127 (0x7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Validity
Not Before: May 29 00:45:33 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6473f5ac-5511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7f:43:38:c9:28:18:60:cf:76:ef:99:d9:83:
36:7e:ce:95:90:bb:78:cf:67:37:0a:59:1a:5f:cf:
dd:e9:b4:02:2d:4b:14:84:ff:0f:8c:66:1d:1c:6c:
ed:00:78:a5:7b:f7:d8:53:40:35:19:1a:ad:06:4d:
0d:cd:2c:67:41:98:b9:dd:fc:0c:36:1b:be:41:d7:
e4:4c:7f:64:57:fa:fa:bb:70:a6:e6:15:5d:86:3a:
57:93:09:11:ab:6d:08:3e:e4:ae:4a:36:f2:1a:f4:
e5:86:f2:03:3c:04:c3:51:79:cc:e0:3c:3e:72:86:
e1:7b:90:67:42:68:3f:f8:65:52:73:18:ee:2b:e4:
99:02:dd:31:13:0a:f9:ec:32:6a:9c:e5:57:04:61:
1c:3b:75:b9:de:52:bd:f5:c0:c7:e6:2e:18:5b:e5:
89:78:aa:88:75:d3:c3:2f:95:7f:b8:2c:8a:b8:a0:
df:90:3d:c9:42:01:6d:63:3a:b8:75:0d:78:ba:9c:
ce:a6:36:0e:53:2e:e0:f1:d1:a3:bf:cc:82:2c:87:
06:b0:3d:59:b0:5b:0c:dd:1c:eb:ce:a5:62:57:60:
46:f8:9c:51:34:ee:51:be:b4:2c:db:c0:90:a3:9d:
a6:d8:e1:d8:3f:1b:86:c8:1a:25:47:f5:fd:c6:f7:
82:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B2:6E:AE:65:65:9B:D3:CE:5A:E3:6E:43:FC:2C:25:8A:33:35:A1
X509v3 Authority Key Identifier:
keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/1DC048C8FDBA11ED81BCDA19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.49.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:34:a1:31:b8:ac:f1:89:a6:22:bd:7c:68:bf:12:35:ce:f5:
e7:2c:f3:ca:d5:a4:a4:0f:d7:77:21:d4:42:84:ef:1d:69:c0:
03:82:0c:fb:69:d0:05:5d:9d:85:c0:25:2b:3b:0e:49:ff:47:
a2:c3:6c:f9:31:97:97:18:55:6f:0a:d9:1b:fe:85:e0:30:2c:
da:0e:64:51:f8:a6:ab:7f:35:0e:6b:9c:d1:53:f4:40:79:42:
2f:95:e0:12:f7:18:ca:ea:8f:7f:e8:c4:fe:79:7d:c4:a4:dd:
67:2e:a8:89:0e:cf:c1:4e:ed:9b:01:b9:52:7a:ff:7b:25:db:
0d:e7:fe:d7:bb:0a:be:e6:b8:73:b6:8d:89:81:b7:dd:6c:c5:
3c:b8:bf:a5:6d:0a:ee:cc:7e:30:cf:81:45:f9:dd:7e:5b:a9:
e7:54:29:65:66:9e:b8:10:7c:f4:98:ad:0c:21:d0:3f:c0:a3:
b0:39:c6:27:3b:b8:f9:3a:b2:0f:9d:97:3b:84:25:83:72:9e:
f6:ff:f0:1e:44:41:52:0e:a2:b0:e9:fd:a1:e5:a2:bb:2e:2f:
73:6d:4d:9b:68:fa:41:98:df:1b:44:67:89:61:b5:13:08:fd:
63:70:96:39:08:70:d7:64:fe:81:ea:e1:bc:38:8a:37:3a:2d:
95:ac:74:09
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RUY2NzExMC8GA1UEBRMoRjhENjkzQTI2OTY0Q0QzQzVBMTk5RDJDMjZFRDIyNjQ3
QTIwRTc3RTAeFw0yMzA1MjkwMDQ1MzNaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzNmNWFjLTU1MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMf0M4ySgYYM9275nZgzZ+zpWQu3jPZzcKWRpfz93ptAItSxSE/w+MZh0cbO0A
eKV799hTQDUZGq0GTQ3NLGdBmLnd/Aw2G75B1+RMf2RX+vq7cKbmFV2GOleTCRGr
bQg+5K5KNvIa9OWG8gM8BMNReczgPD5yhuF7kGdCaD/4ZVJzGO4r5JkC3TETCvns
Mmqc5VcEYRw7dbneUr31wMfmLhhb5Yl4qoh108MvlX+4LIq4oN+QPclCAW1jOrh1
DXi6nM6mNg5TLuDx0aO/zIIshwawPVmwWwzdHOvOpWJXYEb4nFE07lG+tCzbwJCj
nabY4dg/G4bIGiVH9f3G94JvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwrJurmVl
m9POWuNuQ/wsJYozNaEwHwYDVR0jBBgwFoAU+NaTomlkzTxaGZ0sJu0iZHog534w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlFRjY3LzEyQ0U1OEMwNEJD
QjExRURCQkU1OTI1RUM0RjlBRTAyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUz
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLU5hVG9tbGt6VHhhR1owc0p1MGlaSG9nNTM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8xREMwNDhDOEZE
QkExMUVEODFCQ0RBMTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcTMTANBgkqhkiG9w0BAQsFAAOCAQEAKzShMbis8YmmIr18
aL8SNc715yzzytWkpA/XdyHUQoTvHWnAA4IM+2nQBV2dhcAlKzsOSf9HosNs+TGX
lxhVbwrZG/6F4DAs2g5kUfimq381Dmuc0VP0QHlCL5XgEvcYyuqPf+jE/nl9xKTd
Zy6oiQ7PwU7tmwG5Unr/eyXbDef+17sKvua4c7aNiYG33WzFPLi/pW0K7sx+MM+B
Rfndflup51QpZWaeuBB89JitDCHQP8CjsDnGJzu4+TqyD52XO4Qlg3Ke9v/wHkRB
Ug6isOn9oeWiuy4vc21Nm2j6QZjfG0RniWG1Ewj9Y3CWOQhw12T+gerhvDiKNzot
lax0CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org