Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/7DD5A8F40A8D11EE81C68577C4F9AE02.roa
File: 7DD5A8F40A8D11EE81C68577C4F9AE02.roa (raw, json)
Hash identifier: E+hRkapqMpgcdpQ8LinJUbIDS4wHD1hLDWHbVp/rLvU=
Subject key identifier: 26:66:3E:72:06:7B:F7:C1:EF:04:89:B4:61:78:1B:90:3A:F6:61:F3
Certificate issuer: /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Certificate serial: 8B
Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/7DD5A8F40A8D11EE81C68577C4F9AE02.roa
Signing time: Wed 14 Jun 2023 08:28:52 +0000
ROA not before: Wed 14 Jun 2023 08:28:52 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 147066
IP address blocks: 103.19.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139 (0x8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E
Validity
Not Before: Jun 14 08:28:52 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64897a43-29af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:77:84:c0:ea:ca:e4:b3:fd:43:eb:21:bf:
7a:b5:50:b0:a3:de:d5:44:e9:ac:e6:a6:55:70:8b:
a6:4f:cb:bb:25:0d:8d:3e:df:f9:68:e8:a0:3a:01:
e0:63:30:ae:ab:10:6e:d6:51:77:eb:33:7b:f7:0d:
47:ed:7d:4b:db:6e:fc:b6:78:d6:77:21:db:e0:ff:
fb:1a:fb:c5:9a:5b:53:c9:e0:1e:a3:68:7e:c2:42:
02:16:84:9c:1f:36:d7:62:b9:22:7d:e5:13:5e:24:
75:16:f5:e9:85:59:38:43:96:02:27:b5:e1:66:58:
dc:04:7d:ba:e1:3e:18:14:7a:40:89:bd:6d:72:21:
a6:2c:30:4a:5e:1b:cc:b1:86:54:64:02:ad:08:a0:
d2:55:8a:02:76:bd:7c:2a:23:33:0a:c2:79:26:7d:
e6:a5:e5:d9:cf:74:cf:7e:89:02:46:60:9f:80:18:
7b:c8:0e:17:ac:1f:50:bf:de:25:02:0a:6c:ec:ce:
21:a8:16:17:d6:63:f3:5d:d8:2f:9e:11:77:dc:f9:
a2:e9:2b:ac:b0:68:31:9d:e8:13:e4:4b:6b:ad:ea:
10:5c:3f:56:a9:46:40:ae:c4:a9:3c:94:de:d7:8d:
2d:1f:e3:d8:90:d3:76:56:98:70:dd:00:7f:69:f4:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:66:3E:72:06:7B:F7:C1:EF:04:89:B4:61:78:1B:90:3A:F6:61:F3
X509v3 Authority Key Identifier:
keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/7DD5A8F40A8D11EE81C68577C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:49:3b:a4:ea:d0:dc:3c:4e:66:1e:16:97:5f:c6:21:25:77:
b7:d1:88:7d:6b:4b:34:07:4b:34:88:c4:27:27:f4:fc:3b:a8:
b3:49:ce:c6:b0:18:b9:72:ef:98:32:b1:ec:c9:8a:d8:ce:3c:
fe:10:4e:90:d5:3f:1f:1c:42:46:5e:01:54:5c:f7:bc:07:6d:
23:1b:c3:51:84:63:2b:a1:84:98:e8:56:d7:b9:90:70:14:36:
99:0b:b7:c2:da:a2:1b:ca:cb:ce:de:15:88:44:1d:b3:88:5e:
77:88:26:ea:1c:58:be:60:45:67:d9:50:eb:51:49:13:f0:e3:
1e:84:ea:34:74:25:b7:5f:19:d8:c2:00:82:1b:94:a1:73:6c:
03:c6:0e:83:9e:62:a0:80:e2:12:c0:46:a8:43:f2:82:74:3c:
e4:03:13:12:53:25:7d:1b:b4:9a:2e:4f:b2:dc:c9:35:9f:87:
46:1c:36:e7:d0:15:55:8a:b1:95:aa:d8:53:54:8a:db:d7:64:
6f:21:df:7f:bd:67:f5:fd:f7:74:82:08:76:50:a4:3b:43:1d:
f2:cd:e3:be:b7:e3:c9:20:cb:c9:8f:c4:ba:9b:9b:e3:bf:6f:
5d:25:c7:5b:b0:4a:7c:08:66:12:00:7a:7a:04:d6:74:de:78:
50:f4:a2:40
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVGNjcxMTAvBgNVBAUTKEY4RDY5M0EyNjk2NENEM0M1QTE5OUQyQzI2RUQyMjY0
N0EyMEU3N0UwHhcNMjMwNjE0MDgyODUyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg5N2E0My0yOWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZ93hMDqyuSz/UPrIb96tVCwo97VROms5qZVcIumT8u7JQ2NPt/5aOigOgHg
YzCuqxBu1lF36zN79w1H7X1L2278tnjWdyHb4P/7GvvFmltTyeAeo2h+wkICFoSc
HzbXYrkifeUTXiR1FvXphVk4Q5YCJ7XhZljcBH264T4YFHpAib1tciGmLDBKXhvM
sYZUZAKtCKDSVYoCdr18KiMzCsJ5Jn3mpeXZz3TPfokCRmCfgBh7yA4XrB9Qv94l
Agps7M4hqBYX1mPzXdgvnhF33Pmi6SussGgxnegT5EtrreoQXD9WqUZArsSpPJTe
140tH+PYkNN2Vphw3QB/afR9PwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCZmPnIG
e/fB7wSJtGF4G5A69mHzMB8GA1UdIwQYMBaAFPjWk6JpZM08WhmdLCbtImR6IOd+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUY2Ny8xMkNFNThDMDRC
Q0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8tTmFUb21sa3pUeGFHWjBzSnUwaVpIb2c1
MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUzNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVGNjcvMTJDRTU4QzA0QkNCMTFFREJCRTU5MjVFQzRGOUFFMDIvN0RENUE4RjQw
QThEMTFFRTgxQzY4NTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnEzEwDQYJKoZIhvcNAQELBQADggEBAJpJO6Tq0Nw8TmYe
FpdfxiEld7fRiH1rSzQHSzSIxCcn9Pw7qLNJzsawGLly75gysezJitjOPP4QTpDV
Px8cQkZeAVRc97wHbSMbw1GEYyuhhJjoVte5kHAUNpkLt8LaohvKy87eFYhEHbOI
XneIJuocWL5gRWfZUOtRSRPw4x6E6jR0JbdfGdjCAIIblKFzbAPGDoOeYqCA4hLA
RqhD8oJ0POQDExJTJX0btJouT7LcyTWfh0YcNufQFVWKsZWq2FNUitvXZG8h33+9
Z/X993SCCHZQpDtDHfLN476348kgy8mPxLqbm+O/b10lx1uwSnwIZhIAenoE1nTe
eFD0okA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org