Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5E85BFE04BCD11EDA2E6375FC4F9AE02.roa
File: 5E85BFE04BCD11EDA2E6375FC4F9AE02.roa (raw, json)
Hash identifier: zahwlb63vMftIHtNDs1ZhvTlwBa+VxIs4xNSEA4aPUo=
Subject key identifier: 2A:EE:E3:41:52:00:87:63:29:35:BA:00:EE:96:16:FE:A5:BC:0D:ED
Certificate issuer: /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Certificate serial: 02
Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5E85BFE04BCD11EDA2E6375FC4F9AE02.roa
Signing time: Fri 14 Oct 2022 14:34:55 +0000
ROA not before: Fri 14 Oct 2022 14:34:55 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 150371
IP address blocks: 103.19.48.0/24 maxlen: 24
103.19.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Validity
Not Before: Oct 14 14:34:55 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6349738e-46ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d9:d4:6b:91:77:ec:09:6d:a8:01:35:f7:84:
77:68:b0:34:52:39:52:38:a1:55:6e:68:ad:00:49:
11:d0:61:b7:96:fc:f1:58:21:32:b7:c8:65:e4:74:
cf:f7:cb:5b:36:4b:45:d0:9d:0d:d3:c9:b7:67:17:
57:6e:8b:84:7b:19:48:82:bd:b3:4f:fe:d5:01:6e:
44:e6:5e:c1:fa:06:22:33:7e:b6:15:fc:3a:27:9f:
b2:0f:2e:41:9d:2b:6b:93:10:0c:d3:c4:fc:9f:15:
54:19:f3:7a:63:14:cc:95:a7:1e:37:ef:d5:af:39:
9e:e2:d9:d0:36:b3:59:cd:45:1e:7f:57:94:6b:92:
2d:c8:d8:29:bd:c3:e4:a3:6d:b1:4d:16:7d:a3:b0:
37:f3:a9:77:d8:60:78:64:49:09:86:14:7c:c7:5f:
7e:11:3f:cd:11:95:2c:dc:6d:2a:d9:ef:f1:1d:a2:
90:48:06:75:29:73:c8:8b:68:df:3f:d7:d6:4d:49:
de:36:b9:3f:db:6f:dd:bb:3b:37:6d:38:c3:72:15:
79:24:94:97:ab:4c:93:d2:26:e7:1b:9c:16:37:d3:
69:48:39:fc:b5:99:f0:aa:b2:4a:a5:b0:5f:ed:5d:
84:6e:af:49:e8:af:3f:17:f4:c2:b1:2a:d0:a3:b6:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:E3:41:52:00:87:63:29:35:BA:00:EE:96:16:FE:A5:BC:0D:ED
X509v3 Authority Key Identifier:
keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/5E85BFE04BCD11EDA2E6375FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.48.0/23
Signature Algorithm: sha256WithRSAEncryption
65:06:0c:17:34:8c:c8:1e:5e:3d:0f:16:e6:da:ca:8b:41:e3:
11:79:b1:9e:32:89:20:39:8a:ef:cb:98:0c:79:ce:e0:7b:1b:
2a:ae:84:7d:b7:96:5f:d9:69:f5:5f:2e:37:e5:48:f6:0c:bc:
b5:a8:51:6d:10:8a:e8:89:a2:62:86:da:2a:72:0a:8a:05:9e:
b7:b2:59:c0:20:49:f4:3a:c6:f5:b3:ea:ae:1f:97:07:65:aa:
a9:d5:f9:89:0f:01:2a:9c:23:49:5c:7f:57:02:4a:d9:bb:75:
a5:ed:da:a9:a9:2e:10:d4:ee:f3:77:ae:9d:77:00:9a:e5:99:
4e:ea:4f:ef:83:89:3e:48:bd:64:60:e4:84:1f:01:b9:a7:40:
03:c5:40:d7:4b:24:72:e8:0b:23:49:97:22:1b:ca:d5:0f:54:
2f:67:35:4b:e2:67:79:43:2c:af:4d:70:16:e1:79:d4:ae:62:
cc:ab:5a:e5:19:ef:d8:08:e9:f3:4e:82:ff:87:10:3a:2a:f2:
ff:f1:83:6a:7c:a8:4e:6b:de:31:28:f6:49:93:d2:91:4c:5e:
fc:f0:06:8f:b2:cd:d6:62:c0:70:1b:a6:63:14:44:0d:63:cd:
1c:8d:8f:72:e4:34:5a:30:ba:1e:64:7f:67:04:46:a2:4a:57:
c4:d4:41:7d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RUY2NzExMC8GA1UEBRMoRjhENjkzQTI2OTY0Q0QzQzVBMTk5RDJDMjZFRDIyNjQ3
QTIwRTc3RTAeFw0yMjEwMTQxNDM0NTVaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNDk3MzhlLTQ2YWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDd2dRrkXfsCW2oATX3hHdosDRSOVI4oVVuaK0ASRHQYbeW/PFYITK3yGXkdM/3
y1s2S0XQnQ3TybdnF1dui4R7GUiCvbNP/tUBbkTmXsH6BiIzfrYV/Donn7IPLkGd
K2uTEAzTxPyfFVQZ83pjFMyVpx4379WvOZ7i2dA2s1nNRR5/V5Rrki3I2Cm9w+Sj
bbFNFn2jsDfzqXfYYHhkSQmGFHzHX34RP80RlSzcbSrZ7/EdopBIBnUpc8iLaN8/
19ZNSd42uT/bb927OzdtOMNyFXkklJerTJPSJucbnBY302lIOfy1mfCqskqlsF/t
XYRur0norz8X9MKxKtCjtrs7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKu7jQVIA
h2MpNboA7pYW/qW8De0wHwYDVR0jBBgwFoAU+NaTomlkzTxaGZ0sJu0iZHog534w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlFRjY3LzEyQ0U1OEMwNEJD
QjExRURCQkU1OTI1RUM0RjlBRTAyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUz
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLU5hVG9tbGt6VHhhR1owc0p1MGlaSG9nNTM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi81RTg1QkZFMDRC
Q0QxMUVEQTJFNjM3NUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcTMDANBgkqhkiG9w0BAQsFAAOCAQEAZQYMFzSMyB5ePQ8W
5trKi0HjEXmxnjKJIDmK78uYDHnO4HsbKq6EfbeWX9lp9V8uN+VI9gy8tahRbRCK
6ImiYobaKnIKigWet7JZwCBJ9DrG9bPqrh+XB2WqqdX5iQ8BKpwjSVx/VwJK2bt1
pe3aqakuENTu83eunXcAmuWZTupP74OJPki9ZGDkhB8BuadAA8VA10skcugLI0mX
IhvK1Q9UL2c1S+JneUMsr01wFuF51K5izKta5Rnv2Ajp806C/4cQOiry//GDanyo
TmveMSj2SZPSkUxe/PAGj7LN1mLAcBumYxREDWPNHI2PcuQ0WjC6HmR/ZwRGokpX
xNRBfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org