Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/6CDFDEDE4F0811EDB2685976C4F9AE02.roa
File: 6CDFDEDE4F0811EDB2685976C4F9AE02.roa (raw, json)
Hash identifier: DmbWTojPcbDB8ZsLHGlfCBrdPQ7mg5EAcxRHP4fx0RM=
Subject key identifier: C2:5D:A8:EB:57:4C:08:78:82:60:2F:16:94:D0:09:1C:6C:8E:3E:1B
Certificate issuer: /CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Certificate serial: 5C
Authority key identifier: 8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/6CDFDEDE4F0811EDB2685976C4F9AE02.roa
Signing time: Tue 18 Oct 2022 17:15:13 +0000
ROA not before: Tue 18 Oct 2022 17:15:13 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150296
IP address blocks: 103.20.198.0/24 maxlen: 24
2001:df1:bc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92 (0x5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A43EE/serialNumber=8EC333757E363A1711B00273250446FE1B4938DB
Validity
Not Before: Oct 18 17:15:13 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=634edf20-c174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a9:af:6e:f2:d1:2d:c5:80:af:8d:0c:46:f8:
05:7d:70:33:b5:4f:75:a3:3c:4b:8d:60:ea:f9:0a:
0b:db:c5:86:06:df:ef:65:2e:22:9f:c6:b3:15:85:
c5:af:bf:69:61:6c:10:8f:da:74:31:79:20:7f:cd:
09:6f:5b:20:cd:63:4e:20:97:53:04:8b:e2:df:41:
40:18:3f:26:e4:e0:e0:f4:ee:03:da:db:b3:97:8a:
17:b1:70:4d:81:78:ec:c4:e0:8b:4d:c3:15:35:91:
84:57:b7:09:0a:cb:f0:7c:37:35:c5:e4:6f:aa:98:
e1:e4:69:c5:f9:1e:27:4f:48:fa:37:d8:94:96:63:
43:00:eb:f9:bd:9b:0d:21:a9:7b:a7:7e:27:21:e8:
01:ff:0e:c0:4b:7f:ee:cd:b2:e5:98:41:52:81:b4:
16:fa:b5:02:db:87:b6:e2:90:5b:4f:3c:d9:7f:12:
a7:43:80:84:33:a1:b0:00:e5:dd:cc:ba:44:ff:bc:
fe:0f:55:5c:14:eb:8a:95:1d:7c:ff:0f:13:6c:ce:
30:62:83:ff:bd:ad:f7:b3:20:fa:c7:1c:d2:35:5f:
2d:c2:de:7d:b1:db:b1:8e:49:9d:76:e3:43:17:8d:
20:f0:ff:22:19:11:26:06:28:b1:a9:4d:30:4c:aa:
16:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5D:A8:EB:57:4C:08:78:82:60:2F:16:94:D0:09:1C:6C:8E:3E:1B
X509v3 Authority Key Identifier:
keyid:8E:C3:33:75:7E:36:3A:17:11:B0:02:73:25:04:46:FE:1B:49:38:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/jsMzdX42OhcRsAJzJQRG_htJONs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsMzdX42OhcRsAJzJQRG_htJONs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A43EE/01E4E69623CB11EDA8E3583EC4F9AE02/6CDFDEDE4F0811EDB2685976C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.198.0/24
IPv6:
2001:df1:bc0::/48
Signature Algorithm: sha256WithRSAEncryption
23:a0:e6:b7:bf:ae:1b:4b:4c:52:e0:8a:d6:9d:1f:21:aa:54:
e8:07:fb:b6:7c:4b:d5:47:b9:f0:b7:42:cd:4a:f1:6c:72:84:
43:3a:43:82:b0:dc:ff:8a:c8:a7:37:06:4a:75:12:46:6f:c6:
b3:ca:bb:ee:36:1e:9f:ec:80:05:5d:fc:f0:26:e2:d8:1f:5a:
83:d6:3f:7d:a8:b5:af:30:69:fe:83:37:95:6d:cc:f1:8c:5c:
f1:e1:51:fa:10:de:97:92:ef:b5:01:21:fb:09:55:cf:e7:3d:
da:d5:fa:d1:21:30:a5:81:43:57:7f:6c:28:31:61:ba:b5:26:
de:76:42:65:19:71:7c:77:06:0b:e8:3c:ea:56:2e:00:5f:5e:
71:c0:3c:c6:22:c9:c3:09:fb:9a:c4:4b:80:db:dc:0e:ae:be:
1f:a1:3a:e6:7c:fe:94:52:0e:2b:95:2a:dc:ff:ae:55:e7:9d:
f5:8e:8d:e3:eb:58:9f:5c:99:8b:6f:7e:06:3d:f1:85:c9:31:
1a:4d:b9:88:48:27:70:4c:a2:18:25:13:b1:69:c3:fe:89:fa:
d8:eb:9b:ff:24:5c:d1:60:78:75:34:df:ce:08:0b:1c:fc:a3:
8a:33:ca:be:40:06:31:58:ec:a6:a5:90:cd:5b:d5:72:05:74:
c8:b3:03:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NDNFRTExMC8GA1UEBRMoOEVDMzMzNzU3RTM2M0ExNzExQjAwMjczMjUwNDQ2RkUx
QjQ5MzhEQjAeFw0yMjEwMTgxNzE1MTNaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGVkZjIwLWMxNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQqa9u8tEtxYCvjQxG+AV9cDO1T3WjPEuNYOr5CgvbxYYG3+9lLiKfxrMVhcWv
v2lhbBCP2nQxeSB/zQlvWyDNY04gl1MEi+LfQUAYPybk4OD07gPa27OXihexcE2B
eOzE4ItNwxU1kYRXtwkKy/B8NzXF5G+qmOHkacX5HidPSPo32JSWY0MA6/m9mw0h
qXunfich6AH/DsBLf+7NsuWYQVKBtBb6tQLbh7bikFtPPNl/EqdDgIQzobAA5d3M
ukT/vP4PVVwU64qVHXz/DxNszjBig/+9rfezIPrHHNI1Xy3C3n2x27GOSZ1240MX
jSDw/yIZESYGKLGpTTBMqhaHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUwl2o61dM
CHiCYC8WlNAJHGyOPhswHwYDVR0jBBgwFoAUjsMzdX42OhcRsAJzJQRG/htJONsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0M0VFLzAxRTRFNjk2MjND
QjExRURBOEUzNTgzRUM0RjlBRTAyL2pzTXpkWDQyT2hjUnNBSnpKUVJHX2h0Sk9O
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanNNemRYNDJPaGNSc0FKekpRUkdfaHRKT05zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NDNFRS8wMUU0RTY5NjIzQ0IxMUVEQThFMzU4M0VDNEY5QUUwMi82Q0RGREVERTRG
MDgxMUVEQjI2ODU5NzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGcUxjAPBAIAAjAJAwcAIAEN8QvAMA0GCSqGSIb3DQEBCwUA
A4IBAQAjoOa3v64bS0xS4IrWnR8hqlToB/u2fEvVR7nwt0LNSvFscoRDOkOCsNz/
isinNwZKdRJGb8azyrvuNh6f7IAFXfzwJuLYH1qD1j99qLWvMGn+gzeVbczxjFzx
4VH6EN6Xku+1ASH7CVXP5z3a1frRITClgUNXf2woMWG6tSbedkJlGXF8dwYL6Dzq
Vi4AX15xwDzGIsnDCfuaxEuA29wOrr4foTrmfP6UUg4rlSrc/65V5531jo3j61if
XJmLb34GPfGFyTEaTbmISCdwTKIYJROxacP+ifrY65v/JFzRYHh1NN/OCAsc/KOK
M8q+QAYxWOympZDNW9VyBXTIswPZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org