Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88E7E62AD05B11ECA09BF261C4F9AE02.roa
File: 88E7E62AD05B11ECA09BF261C4F9AE02.roa (raw, json)
Hash identifier: Sh+mJOmK1OkrftPXlufa+znZJBebnZZMzOIYI92m49w=
Subject key identifier: 63:CA:C9:36:E4:FB:BD:B0:56:68:2F:22:64:24:76:88:F0:E3:5F:61
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3A04
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88E7E62AD05B11ECA09BF261C4F9AE02.roa
Signing time: Tue 10 May 2022 12:20:10 +0000
ROA not before: Tue 10 May 2022 12:20:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14852 (0x3a04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: May 10 12:20:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=627a587a-a14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:49:6f:c9:61:35:4e:2d:ad:ef:d6:c9:4d:ee:
76:30:96:a0:d1:4b:9f:a8:b2:0e:c3:24:5e:71:53:
44:f4:a2:ee:ea:40:3c:1c:ff:ca:f4:e0:9d:0a:3a:
ac:2a:f4:4d:62:37:dc:cd:70:14:3a:5b:64:c4:f4:
c1:26:f6:fc:2b:44:e0:fe:d6:4f:b3:0d:1d:4f:b1:
ca:59:60:35:e7:b4:e6:e6:94:7b:12:1c:d6:dc:81:
e3:1f:19:99:29:90:0c:4b:4b:44:6d:c4:79:a6:d7:
13:02:6f:fd:08:17:11:8b:2d:64:b2:f8:90:e9:d9:
a2:b2:37:f2:65:6b:e8:a0:15:03:06:e3:9c:9a:f0:
45:c1:2b:30:2e:78:1f:13:7e:cd:73:86:c8:64:a3:
4d:6a:41:fe:79:c7:5e:75:fa:87:9d:96:c8:05:a4:
81:be:f8:e0:39:95:74:11:e9:42:8f:e2:93:95:eb:
60:c4:cf:20:b0:a8:d9:85:72:57:ee:12:5f:ad:c9:
e3:07:07:c2:76:a4:7b:4e:0b:97:fa:0f:41:8e:60:
82:17:8f:41:e1:3d:f8:d8:9c:e1:0c:51:06:8b:e2:
44:77:71:d5:3d:e4:2c:c7:8c:ea:3f:ed:d8:7e:93:
91:38:c5:63:cc:c2:3c:ae:1e:da:82:4f:a4:56:1e:
49:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CA:C9:36:E4:FB:BD:B0:56:68:2F:22:64:24:76:88:F0:E3:5F:61
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/88E7E62AD05B11ECA09BF261C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/24
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
cd:ba:54:06:11:11:75:40:1e:e8:cb:30:9a:dd:81:f0:5c:62:
f4:ab:aa:29:2d:7b:b3:26:20:a1:ae:c5:fa:3e:84:1e:1b:9e:
b4:ef:ad:30:2d:00:ae:d6:16:41:79:1a:b5:d0:2b:60:5d:d9:
db:d9:16:0a:34:f1:32:94:72:40:ce:26:5e:e0:a5:aa:b9:76:
4e:75:77:5e:89:e0:ca:a6:34:09:a8:19:52:f0:09:e0:56:fd:
5e:e1:e0:78:01:9d:90:a5:8a:35:1c:4a:de:bb:20:b0:39:7a:
1b:06:2e:22:e6:a8:3f:3c:65:3a:88:0a:02:99:45:f6:49:92:
7e:7a:e1:40:f4:74:f4:b4:67:1d:6b:5b:18:b9:25:fe:11:01:
96:ca:92:55:24:5d:d5:f6:29:d7:0e:c9:50:b5:22:8e:c9:d9:
6f:74:b5:e2:74:94:4b:e0:93:ea:48:84:7a:5c:1b:d4:b3:3d:
86:67:f3:9c:40:d5:87:e4:94:cb:9c:21:5b:6e:51:6a:66:2a:
9a:41:f8:a9:45:05:08:9b:7a:ed:2c:15:49:ff:07:a2:58:7e:
07:43:be:97:39:6e:34:d1:dc:07:fa:b8:af:8e:c1:29:13:8b:
4d:de:b0:89:ba:47:93:06:16:0e:f9:2d:69:78:5a:d6:0e:e4:
bf:a8:72:89
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNTEwMTIyMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdhNTg3YS1hMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx0lvyWE1Ti2t79bJTe52MJag0UufqLIOwyRecVNE9KLu6kA8HP/K9OCdCjqs
KvRNYjfczXAUOltkxPTBJvb8K0Tg/tZPsw0dT7HKWWA157Tm5pR7EhzW3IHjHxmZ
KZAMS0tEbcR5ptcTAm/9CBcRiy1ksviQ6dmisjfyZWvooBUDBuOcmvBFwSswLngf
E37Nc4bIZKNNakH+ecdedfqHnZbIBaSBvvjgOZV0EelCj+KTletgxM8gsKjZhXJX
7hJfrcnjBwfCdqR7TguX+g9BjmCCF49B4T342JzhDFEGi+JEd3HVPeQsx4zqP+3Y
fpOROMVjzMI8rh7agk+kVh5JwQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGPKyTbk
+72wVmgvImQkdojw419hMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvODhFN0U2MkFE
MDVCMTFFQ0EwOUJGMjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAzbpUBhERdUAe6Mswmt2B8Fxi9KuqKS17syYgoa7F+j6EHhuetO+tMC0A
rtYWQXkatdArYF3Z29kWCjTxMpRyQM4mXuClqrl2TnV3XongyqY0CagZUvAJ4Fb9
XuHgeAGdkKWKNRxK3rsgsDl6GwYuIuaoPzxlOogKAplF9kmSfnrhQPR09LRnHWtb
GLkl/hEBlsqSVSRd1fYp1w7JULUijsnZb3S14nSUS+CT6kiEelwb1LM9hmfznEDV
h+SUy5whW25RamYqmkH4qUUFCJt67SwVSf8Holh+B0O+lzluNNHcB/q4r47BKROL
Td6wibpHkwYWDvktaXha1g7kv6hyiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-fra.rpki-client.org