Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/C4F877D2310E11EEAA828140C4F9AE02.roa
File: C4F877D2310E11EEAA828140C4F9AE02.roa (raw, json)
Hash identifier: 8/4ak+NrGFthi8o9M6gKJ8nh4DAYJXzLqXlOmR+P1FQ=
Subject key identifier: 7B:62:C6:46:99:AE:46:31:F6:DB:2A:3B:8B:02:B3:41:7C:F5:27:CE
Certificate issuer: /CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Certificate serial: 03
Authority key identifier: 59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/C4F877D2310E11EEAA828140C4F9AE02.roa
Signing time: Wed 02 Aug 2023 08:30:00 +0000
ROA not before: Wed 02 Aug 2023 08:30:00 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 51722
IP address blocks: 103.99.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A27AB/serialNumber=59D588125A716698738D1D1E9E6D8A68D7409B27
Validity
Not Before: Aug 2 08:30:00 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64ca1408-ff69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c6:ba:9d:f9:b8:85:c8:8f:2d:20:6b:28:7a:
e4:b6:2d:58:86:70:49:ab:90:bb:a6:6f:eb:fa:d5:
47:4d:7f:bb:55:7b:91:97:da:bf:90:ea:d1:ca:d9:
51:e1:63:ac:a1:06:8a:3e:bf:35:50:82:fe:25:22:
ea:06:73:72:2e:a7:f5:39:15:5e:b4:c5:81:b6:34:
36:37:a6:2d:70:38:2c:cd:9d:12:0c:2e:8b:78:12:
24:8e:8c:6f:08:42:32:30:0a:db:b0:91:c9:14:bc:
90:c0:a8:d4:13:85:18:56:20:c1:ff:a0:d9:8d:a1:
1f:8b:e7:68:16:9c:09:e3:4b:b4:0c:e9:af:8b:b7:
2c:97:42:60:37:d2:8a:dd:97:3c:20:c9:47:25:47:
70:d8:ba:f2:07:eb:7d:22:a6:96:d2:9a:97:ea:d3:
b1:c4:e5:08:ec:a4:3f:8c:49:42:66:8a:f2:2f:3c:
80:75:49:18:2c:de:1a:df:41:de:c8:28:8b:4f:dd:
e6:7c:4f:53:ae:db:97:d2:67:2c:23:9a:39:ad:96:
09:39:5b:c2:e9:43:ab:b4:33:1f:de:af:c3:e8:96:
76:61:16:5c:08:01:7e:62:49:7f:1a:2f:48:b7:5f:
d6:9c:37:3b:cd:d1:a6:4a:77:e1:85:ae:6b:7f:56:
37:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:62:C6:46:99:AE:46:31:F6:DB:2A:3B:8B:02:B3:41:7C:F5:27:CE
X509v3 Authority Key Identifier:
keyid:59:D5:88:12:5A:71:66:98:73:8D:1D:1E:9E:6D:8A:68:D7:40:9B:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/WdWIElpxZphzjR0enm2KaNdAmyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WdWIElpxZphzjR0enm2KaNdAmyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A27AB/6F6E9828310E11EE889FF03FC4F9AE02/C4F877D2310E11EEAA828140C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.55.0/24
Signature Algorithm: sha256WithRSAEncryption
99:58:32:7a:ab:a6:1e:a7:e1:2f:08:99:a6:0c:cb:ce:03:a8:
c8:22:f4:05:4a:22:d9:f6:e4:93:5e:2c:d4:dc:87:66:ba:5e:
ca:83:83:18:8d:58:73:16:dc:67:05:f3:85:ee:ea:dc:34:51:
9d:6f:c6:38:77:b9:37:41:e4:67:ed:6d:2b:6c:0f:c5:cd:b2:
8f:e2:3e:4e:c4:dd:28:f0:21:03:29:dd:4d:8b:1d:76:f8:cd:
b2:a8:96:60:77:1d:3a:0e:f0:04:e1:d4:91:ff:07:9c:d4:69:
01:f2:9c:50:39:ab:9c:cf:59:20:dc:9c:ca:27:36:6b:53:3b:
d0:32:f2:1e:0f:67:2d:2a:2c:23:61:a5:ea:9f:a8:02:3c:e8:
4c:5c:40:73:70:2e:3a:b6:2b:57:dc:11:01:9d:8b:d7:03:84:
74:c8:5d:17:d1:3e:91:85:a5:93:fb:0b:d0:e4:2a:9b:a8:94:
69:5b:0b:39:02:e2:ba:26:3f:ac:be:98:40:be:d3:5f:b0:13:
b8:30:04:c9:2c:be:83:11:0d:7b:a9:0a:7e:82:28:71:39:92:
c5:5f:95:f5:b8:a6:88:92:91:9c:1a:45:9c:46:5e:70:19:80:
77:58:53:66:ce:d9:12:27:d7:de:24:34:72:0c:90:78:da:c2:
ab:87:fc:de
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MjdBQjExMC8GA1UEBRMoNTlENTg4MTI1QTcxNjY5ODczOEQxRDFFOUU2RDhBNjhE
NzQwOUIyNzAeFw0yMzA4MDIwODMwMDBaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0Y2ExNDA4LWZmNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmxrqd+biFyI8tIGsoeuS2LViGcEmrkLumb+v61UdNf7tVe5GX2r+Q6tHK2VHh
Y6yhBoo+vzVQgv4lIuoGc3Iup/U5FV60xYG2NDY3pi1wOCzNnRIMLot4EiSOjG8I
QjIwCtuwkckUvJDAqNQThRhWIMH/oNmNoR+L52gWnAnjS7QM6a+LtyyXQmA30ord
lzwgyUclR3DYuvIH630ippbSmpfq07HE5QjspD+MSUJmivIvPIB1SRgs3hrfQd7I
KItP3eZ8T1Ou25fSZywjmjmtlgk5W8LpQ6u0Mx/er8PolnZhFlwIAX5iSX8aL0i3
X9acNzvN0aZKd+GFrmt/VjdLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUe2LGRpmu
RjH22yo7iwKzQXz1J84wHwYDVR0jBBgwFoAUWdWIElpxZphzjR0enm2KaNdAmycw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyN0FCLzZGNkU5ODI4MzEw
RTExRUU4ODlGRjAzRkM0RjlBRTAyL1dkV0lFbHB4WnBoempSMGVubTJLYU5kQW15
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV2RXSUVscHhacGh6alIwZW5tMkthTmRBbXljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MjdBQi82RjZFOTgyODMxMEUxMUVFODg5RkYwM0ZDNEY5QUUwMi9DNEY4NzdEMjMx
MEUxMUVFQUE4MjgxNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdjNzANBgkqhkiG9w0BAQsFAAOCAQEAmVgyequmHqfhLwiZ
pgzLzgOoyCL0BUoi2fbkk14s1NyHZrpeyoODGI1YcxbcZwXzhe7q3DRRnW/GOHe5
N0HkZ+1tK2wPxc2yj+I+TsTdKPAhAyndTYsddvjNsqiWYHcdOg7wBOHUkf8HnNRp
AfKcUDmrnM9ZINycyic2a1M70DLyHg9nLSosI2Gl6p+oAjzoTFxAc3AuOrYrV9wR
AZ2L1wOEdMhdF9E+kYWlk/sL0OQqm6iUaVsLOQLiuiY/rL6YQL7TX7ATuDAEySy+
gxENe6kKfoIocTmSxV+V9bimiJKRnBpFnEZecBmAd1hTZs7ZEifX3iQ0cgyQeNrC
q4f83g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org