Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/08A561CC40C111EEB5487568C4F9AE02.roa
File: 08A561CC40C111EEB5487568C4F9AE02.roa (raw, json)
Hash identifier: d5KMQPUPcY+BHbI8Z5Z8FbSGjzfFmvDHpvBSBydTBjU=
Subject key identifier: DC:0E:A3:82:15:2F:BD:05:0E:92:1D:58:7D:A1:5F:60:F3:A5:56:D2
Certificate issuer: /CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Certificate serial: 10
Authority key identifier: 59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/08A561CC40C111EEB5487568C4F9AE02.roa
Signing time: Tue 22 Aug 2023 07:53:51 +0000
ROA not before: Tue 22 Aug 2023 07:53:51 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 211252
IP address blocks: 103.99.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Validity
Not Before: Aug 22 07:53:51 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64e4698f-b6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:55:d4:a6:a2:76:2d:3c:54:18:40:d3:a5:06:
fb:ca:3f:a2:d1:dc:5a:78:66:6f:75:e4:82:bd:0f:
8b:4a:ad:f5:5c:59:00:3e:ae:f2:fe:b4:fa:fe:1d:
fc:26:ca:e3:5c:f1:8d:a7:c6:c1:31:b5:95:3e:9b:
80:30:5d:07:56:6d:0e:8a:75:51:19:97:71:c7:2a:
5c:6d:e1:b6:e8:bb:0b:42:f4:f5:02:73:77:11:5c:
ff:5e:01:2d:0b:40:4b:ff:28:86:a9:6a:01:1d:a9:
45:8a:39:4a:45:44:c9:5d:e2:f4:59:25:e7:0b:11:
87:f9:ae:6c:68:41:37:f7:67:c2:46:3b:2b:3a:7c:
ff:60:76:f1:77:03:39:29:a6:c1:2d:7c:c0:4c:bc:
4e:c9:4f:9f:9c:98:2c:69:0b:4c:dc:ca:6e:fb:10:
cd:30:65:e8:b8:b7:17:1b:ad:d1:ff:53:09:5f:9a:
69:76:20:e5:08:3b:74:6c:1f:0b:ae:6a:ca:36:23:
50:aa:5c:68:95:80:d4:f0:a5:1f:f0:27:b2:13:67:
c2:24:d4:ac:92:b3:04:42:f2:7c:43:7d:3b:65:3c:
70:3b:b3:6f:41:eb:16:b1:54:ec:ec:2d:4f:ab:dc:
af:28:be:29:21:06:c6:29:8c:0b:a2:67:d2:eb:c5:
8a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0E:A3:82:15:2F:BD:05:0E:92:1D:58:7D:A1:5F:60:F3:A5:56:D2
X509v3 Authority Key Identifier:
keyid:59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/WdWIElpxZphzjR0enm2KaNdAmyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/08A561CC40C111EEB5487568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.54.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ba:7a:f1:39:20:e9:48:0f:3b:c8:e0:ea:99:5d:7e:5f:27:
ec:b7:8f:07:d9:6d:80:4d:e0:00:a8:97:1c:25:63:0c:bc:92:
10:16:f0:c3:f3:c5:9e:90:33:03:cd:ca:6a:b6:31:b5:36:03:
ca:97:ca:59:78:9b:38:89:67:49:dc:af:b8:9d:e3:6c:eb:3a:
48:cb:9b:c6:55:04:45:d6:5e:9f:da:21:6d:11:26:85:53:cb:
a0:7a:80:fe:ee:71:86:03:85:68:8c:9f:78:82:af:59:9f:ee:
c2:de:eb:c2:e8:8b:71:eb:ff:03:9b:f5:33:32:7f:a9:79:68:
81:9a:4c:74:7b:b1:a0:34:33:18:1b:12:63:1b:30:3c:75:4c:
23:d8:8b:58:55:3d:9b:a8:1e:bf:41:a0:f3:99:8e:ca:c4:f9:
78:af:ce:a4:f7:ac:3f:65:fc:35:50:b5:9b:6e:da:f8:fa:01:
32:a6:5d:c5:0a:71:e1:6c:23:25:15:0b:79:7a:47:47:6c:5a:
e3:25:d7:82:5b:fa:87:e7:68:26:ac:91:d0:e4:5c:01:51:5f:
a1:a4:74:9a:88:45:d0:ad:b8:b3:96:9e:e7:87:c2:b4:b3:93:
ea:e4:c7:a3:43:19:09:12:89:a5:32:e9:fd:b5:d6:30:bf:df:
da:c4:b0:09
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MjdBQjExMC8GA1UEBRMoNTlENTg4MTI1QTcxNjY5ODczOEQxRDFFOUU2RDhBNjhE
NzQwOUIyNzAeFw0yMzA4MjIwNzUzNTFaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTQ2OThmLWI2ZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDvVdSmonYtPFQYQNOlBvvKP6LR3Fp4Zm915IK9D4tKrfVcWQA+rvL+tPr+Hfwm
yuNc8Y2nxsExtZU+m4AwXQdWbQ6KdVEZl3HHKlxt4bbouwtC9PUCc3cRXP9eAS0L
QEv/KIapagEdqUWKOUpFRMld4vRZJecLEYf5rmxoQTf3Z8JGOys6fP9gdvF3Azkp
psEtfMBMvE7JT5+cmCxpC0zcym77EM0wZei4txcbrdH/Uwlfmml2IOUIO3RsHwuu
aso2I1CqXGiVgNTwpR/wJ7ITZ8Ik1KySswRC8nxDfTtlPHA7s29B6xaxVOzsLU+r
3K8ovikhBsYpjAuiZ9LrxYqdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3A6jghUv
vQUOkh1YfaFfYPOlVtIwHwYDVR0jBBgwFoAUWdWIElpxZphzjR0enm2KaNdAmycw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyN0FCLzZGNkU5ODI4MzEw
RTExRUU4ODlGRjAzRkM0RjlBRTAyL1dkV0lFbHB4WnBoempSMGVubTJLYU5kQW15
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV2RXSUVscHhacGh6alIwZW5tMkthTmRBbXljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MjdBQi82RjZFOTgyODMxMEUxMUVFODg5RkYwM0ZDNEY5QUUwMi8wOEE1NjFDQzQw
QzExMUVFQjU0ODc1NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdjNjANBgkqhkiG9w0BAQsFAAOCAQEAkLp68Tkg6UgPO8jg
6pldfl8n7LePB9ltgE3gAKiXHCVjDLySEBbww/PFnpAzA83KarYxtTYDypfKWXib
OIlnSdyvuJ3jbOs6SMubxlUERdZen9ohbREmhVPLoHqA/u5xhgOFaIyfeIKvWZ/u
wt7rwuiLcev/A5v1MzJ/qXlogZpMdHuxoDQzGBsSYxswPHVMI9iLWFU9m6gev0Gg
85mOysT5eK/OpPesP2X8NVC1m27a+PoBMqZdxQpx4WwjJRULeXpHR2xa4yXXglv6
h+doJqyR0ORcAVFfoaR0mohF0K24s5ae54fCtLOT6uTHo0MZCRKJpTLp/bXWML/f
2sSwCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org