Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5A48F0D6CE3C11EDA2BCE171C4F9AE02.roa
File: 5A48F0D6CE3C11EDA2BCE171C4F9AE02.roa (raw, json)
Hash identifier: 9m0fnc6v2MbVVpzW5qjaiOOFSWvnndprHUn03UKDXYc=
Subject key identifier: 82:A7:5B:2B:12:A1:61:07:51:F0:44:CB:A5:80:6E:66:15:27:B4:CE
Certificate issuer: /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Certificate serial: 59
Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5A48F0D6CE3C11EDA2BCE171C4F9AE02.roa
Signing time: Wed 29 Mar 2023 14:16:53 +0000
ROA not before: Wed 29 Mar 2023 14:16:53 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 131471
IP address blocks: 103.19.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Validity
Not Before: Mar 29 14:16:53 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64244854-3bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:69:ea:22:04:3a:0d:cc:2b:54:6a:02:68:14:
c3:66:12:e7:43:96:97:31:a6:cd:60:c1:1b:69:76:
7e:0b:ea:c6:78:40:10:23:e2:56:7b:89:ca:f5:f7:
80:43:89:e6:b2:5d:4f:5b:c6:bb:4a:03:33:51:48:
7f:86:c1:37:f0:09:f8:14:fb:4b:2b:1b:26:5c:59:
ab:3b:98:d6:90:a9:09:a0:09:5b:60:79:3f:cb:0b:
76:1b:aa:9b:17:c0:20:c9:69:72:c0:84:bf:7b:71:
eb:7d:d3:3c:a6:5f:30:d8:b5:37:a8:ee:26:84:52:
1f:0f:09:1d:25:ed:50:18:fd:f7:22:3c:97:ff:74:
4c:94:66:d5:a0:cd:5c:81:09:6a:9c:8c:6e:07:30:
f1:bb:95:02:b5:3a:92:8f:cc:f0:b2:3e:f5:99:55:
5e:b5:f9:7e:60:76:34:3c:08:b0:6b:66:8c:59:bd:
04:d4:7f:33:45:70:97:f7:e4:34:a1:39:80:fa:d9:
bb:31:e6:01:df:c5:81:48:3a:e1:e6:e6:8f:c5:19:
dc:ff:c8:9c:06:1e:6a:e7:d2:9f:86:d9:62:b0:ea:
ec:5f:56:96:73:09:56:26:3d:5d:5b:d3:ce:f4:bb:
59:12:0b:03:05:7f:be:4f:e6:ce:af:3a:f7:35:e6:
fd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A7:5B:2B:12:A1:61:07:51:F0:44:CB:A5:80:6E:66:15:27:B4:CE
X509v3 Authority Key Identifier:
keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5A48F0D6CE3C11EDA2BCE171C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:71:fe:e1:81:5c:5b:25:b2:35:ee:f6:16:a8:5e:f6:9b:28:
5c:7e:7d:95:9e:3f:d7:c8:42:47:b8:64:4c:77:2c:ac:29:cc:
46:a7:ef:78:4d:b5:fd:73:65:46:33:62:d1:7e:fd:73:27:7a:
d3:2c:79:db:fa:b6:48:9a:a6:1e:38:fd:90:99:6d:b0:09:c2:
5d:93:cb:69:66:91:5c:75:a2:f7:08:4c:0e:cc:20:fd:5f:21:
91:b0:13:3d:2b:03:27:16:f8:70:3d:b6:a7:26:d5:73:20:6f:
52:06:46:20:f4:f2:38:64:7e:68:fe:54:23:09:84:e4:11:97:
cf:88:ee:a1:cc:ff:94:8f:f0:4e:07:c8:d0:a8:75:ba:23:fd:
dd:e2:7d:98:90:4e:d2:b1:88:5a:af:0e:92:b9:70:4a:35:21:
42:50:f7:83:a0:a5:19:9e:75:17:44:20:ef:f8:a0:4d:eb:01:
04:3d:55:a4:90:2e:d3:f0:2a:1a:3c:8b:b0:e4:2b:de:36:f7:
a3:38:34:77:49:a2:a7:f8:89:f1:e3:c0:77:f3:30:e2:f1:b7:
d1:a4:83:46:a0:e7:86:ee:5d:f0:d6:6f:19:dc:24:f3:15:da:
8d:0a:44:4f:de:70:f3:c2:40:76:c4:6c:49:64:2f:e2:f2:c7:
ef:b2:18:d1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RUY2NzExMC8GA1UEBRMoRjhENjkzQTI2OTY0Q0QzQzVBMTk5RDJDMjZFRDIyNjQ3
QTIwRTc3RTAeFw0yMzAzMjkxNDE2NTNaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjQ0ODU0LTNiYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYaeoiBDoNzCtUagJoFMNmEudDlpcxps1gwRtpdn4L6sZ4QBAj4lZ7icr194BD
ieayXU9bxrtKAzNRSH+GwTfwCfgU+0srGyZcWas7mNaQqQmgCVtgeT/LC3YbqpsX
wCDJaXLAhL97cet90zymXzDYtTeo7iaEUh8PCR0l7VAY/fciPJf/dEyUZtWgzVyB
CWqcjG4HMPG7lQK1OpKPzPCyPvWZVV61+X5gdjQ8CLBrZoxZvQTUfzNFcJf35DSh
OYD62bsx5gHfxYFIOuHm5o/FGdz/yJwGHmrn0p+G2WKw6uxfVpZzCVYmPV1b0870
u1kSCwMFf75P5s6vOvc15v2bAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgqdbKxKh
YQdR8ETLpYBuZhUntM4wHwYDVR0jBBgwFoAU+NaTomlkzTxaGZ0sJu0iZHog534w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlFRjY3LzEyQ0U1OEMwNEJD
QjExRURCQkU1OTI1RUM0RjlBRTAyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUz
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLU5hVG9tbGt6VHhhR1owc0p1MGlaSG9nNTM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi81QTQ4RjBENkNF
M0MxMUVEQTJCQ0UxNzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcTMTANBgkqhkiG9w0BAQsFAAOCAQEATnH+4YFcWyWyNe72
Fqhe9psoXH59lZ4/18hCR7hkTHcsrCnMRqfveE21/XNlRjNi0X79cyd60yx52/q2
SJqmHjj9kJltsAnCXZPLaWaRXHWi9whMDswg/V8hkbATPSsDJxb4cD22pybVcyBv
UgZGIPTyOGR+aP5UIwmE5BGXz4juocz/lI/wTgfI0Kh1uiP93eJ9mJBO0rGIWq8O
krlwSjUhQlD3g6ClGZ51F0Qg7/igTesBBD1VpJAu0/AqGjyLsOQr3jb3ozg0d0mi
p/iJ8ePAd/Mw4vG30aSDRqDnhu5d8NZvGdwk8xXajQpET95w88JAdsRsSWQv4vLH
77IY0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org