Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/8CDABFB67B9911ED9113D638C4F9AE02.roa
File: 8CDABFB67B9911ED9113D638C4F9AE02.roa (raw, json)
Hash identifier: JXk7dMloM9vR2utCTLwHlK8ZhVo1wRUI0dLrc4s2tMk=
Subject key identifier: 25:4A:33:4A:AF:C2:D9:52:E9:38:F4:C9:A0:46:CA:6A:42:3F:20:1D
Certificate issuer: /CN=A91896D4/serialNumber=4AB7079A9699D2AB9D68DE4AE4327C40BB2C50DB
Certificate serial: 02
Authority key identifier: 4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/8CDABFB67B9911ED9113D638C4F9AE02.roa
Signing time: Wed 14 Dec 2022 10:24:54 +0000
ROA not before: Wed 14 Dec 2022 10:24:54 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 142301
IP address blocks: 103.167.208.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91896D4/serialNumber=4AB7079A9699D2AB9D68DE4AE4327C40BB2C50DB
Validity
Not Before: Dec 14 10:24:54 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6399a476-7eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0c:2b:fb:c9:d3:84:f4:d4:4a:a9:62:10:9b:
5d:f4:4b:c0:bf:c1:85:96:fe:5d:41:55:e2:06:a6:
19:ec:25:fb:dd:d7:2b:4d:50:a3:57:5d:26:57:74:
bf:c9:c4:da:73:19:a7:bb:0b:df:18:34:23:2f:00:
7f:99:b3:2c:6a:76:f0:34:16:e7:e4:c3:3b:af:c1:
4c:2b:4e:0e:07:4a:33:38:c8:4c:4e:9c:7f:4e:56:
ff:c0:31:78:39:ac:2e:a7:5b:b9:b7:e0:7a:b2:74:
61:12:21:fb:61:f8:ce:b5:cb:3c:92:43:56:23:00:
da:9b:75:3d:dc:6e:98:51:10:a0:3f:2b:e4:b9:81:
5e:9e:61:f3:95:55:b2:6e:8d:b4:30:f5:09:cc:26:
d7:0a:c5:93:65:b2:48:ff:17:66:d0:dd:58:17:22:
d8:da:5b:cc:b4:e9:77:6f:13:49:78:af:c1:ce:42:
7c:77:d8:4e:65:81:3f:98:29:57:0b:48:33:ff:b4:
fe:85:73:d7:47:a9:a9:11:8f:71:0d:04:89:ad:c9:
5d:27:db:c8:a9:39:df:4a:61:8d:a6:d7:41:d1:b2:
58:a7:ab:23:0f:9f:5d:bb:4b:84:75:77:8c:63:26:
b8:ee:10:d1:05:b6:e8:52:db:47:7c:17:e8:fe:a3:
19:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4A:33:4A:AF:C2:D9:52:E9:38:F4:C9:A0:46:CA:6A:42:3F:20:1D
X509v3 Authority Key Identifier:
keyid:4A:B7:07:9A:96:99:D2:AB:9D:68:DE:4A:E4:32:7C:40:BB:2C:50:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/SrcHmpaZ0qudaN5K5DJ8QLssUNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SrcHmpaZ0qudaN5K5DJ8QLssUNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91896D4/5E9E64347B9611ED8BDFE311C4F9AE02/8CDABFB67B9911ED9113D638C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.208.0/23
Signature Algorithm: sha256WithRSAEncryption
60:8b:12:4f:97:d1:d6:a4:bb:dd:5a:bb:18:10:a1:cb:43:8a:
28:ba:3c:02:87:58:43:e9:df:13:22:53:9f:57:67:ef:dd:63:
e4:a4:1c:b4:7c:66:7c:7f:27:49:d3:25:d7:39:7c:c1:7e:58:
69:27:3d:ac:99:ae:1e:cc:eb:02:2b:52:e2:96:ca:c0:33:bb:
06:a2:c1:bd:b0:7f:3b:02:ef:3e:5e:45:ba:3c:03:64:6f:49:
76:d9:01:c3:d1:ff:e3:bd:72:aa:09:e7:d0:cf:64:71:fd:de:
df:56:a0:a0:98:81:57:05:d8:a3:53:b7:28:3d:87:37:6e:d6:
a2:cc:64:e7:30:e4:7b:13:16:a0:72:30:34:df:92:b1:fb:2c:
36:cb:cf:e7:e7:09:ec:26:52:1f:e5:7a:fc:13:13:48:70:f4:
f5:49:0a:99:7c:03:f3:1c:1a:fd:33:92:da:7c:01:6a:bf:c5:
9d:a6:f8:9f:d9:a1:bd:fe:ee:ee:1d:12:45:0d:fd:80:1c:b1:
b4:ff:bb:ac:74:ae:74:fd:2d:1f:42:87:16:f0:ef:ad:97:d1:
f9:02:dc:50:6c:e5:77:73:03:cf:34:09:c5:62:f9:96:86:95:
1e:a5:9e:48:d3:d6:24:e3:10:7b:71:ce:0f:c4:e4:41:79:ec:
e1:25:2d:b3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
OTZENDExMC8GA1UEBRMoNEFCNzA3OUE5Njk5RDJBQjlENjhERTRBRTQzMjdDNDBC
QjJDNTBEQjAeFw0yMjEyMTQxMDI0NTRaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTlhNDc2LTdlYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeDCv7ydOE9NRKqWIQm130S8C/wYWW/l1BVeIGphnsJfvd1ytNUKNXXSZXdL/J
xNpzGae7C98YNCMvAH+ZsyxqdvA0FufkwzuvwUwrTg4HSjM4yExOnH9OVv/AMXg5
rC6nW7m34HqydGESIfth+M61yzySQ1YjANqbdT3cbphREKA/K+S5gV6eYfOVVbJu
jbQw9QnMJtcKxZNlskj/F2bQ3VgXItjaW8y06XdvE0l4r8HOQnx32E5lgT+YKVcL
SDP/tP6Fc9dHqakRj3ENBImtyV0n28ipOd9KYY2m10HRslinqyMPn127S4R1d4xj
JrjuENEFtuhS20d8F+j+oxlxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJUozSq/C
2VLpOPTJoEbKakI/IB0wHwYDVR0jBBgwFoAUSrcHmpaZ0qudaN5K5DJ8QLssUNsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5NkQ0LzVFOUU2NDM0N0I5
NjExRUQ4QkRGRTMxMUM0RjlBRTAyL1NyY0htcGFaMHF1ZGFONUs1REo4UUxzc1VO
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU3JjSG1wYVowcXVkYU41SzVESjhRTHNzVU5zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
OTZENC81RTlFNjQzNDdCOTYxMUVEOEJERkUzMTFDNEY5QUUwMi84Q0RBQkZCNjdC
OTkxMUVEOTExM0Q2MzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWen0DANBgkqhkiG9w0BAQsFAAOCAQEAYIsST5fR1qS73Vq7
GBChy0OKKLo8AodYQ+nfEyJTn1dn791j5KQctHxmfH8nSdMl1zl8wX5YaSc9rJmu
HszrAitS4pbKwDO7BqLBvbB/OwLvPl5FujwDZG9JdtkBw9H/471yqgnn0M9kcf3e
31agoJiBVwXYo1O3KD2HN27Wosxk5zDkexMWoHIwNN+SsfssNsvP5+cJ7CZSH+V6
/BMTSHD09UkKmXwD8xwa/TOS2nwBar/Fnab4n9mhvf7u7h0SRQ39gByxtP+7rHSu
dP0tH0KHFvDvrZfR+QLcUGzld3MDzzQJxWL5loaVHqWeSNPWJOMQe3HOD8TkQXns
4SUtsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org