Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/8831E5167ADB11ED96D52C3DC4F9AE02.roa
File: 8831E5167ADB11ED96D52C3DC4F9AE02.roa (raw, json)
Hash identifier: wUPyTTWnlPsQNrOV8MI/Sl/GwvOhY+ObuBacX5qaJ4s=
Subject key identifier: 49:D0:21:C7:67:EE:83:B0:6D:D2:C8:4C:4D:3C:CB:D5:28:98:65:36
Certificate issuer: /CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Certificate serial: 13
Authority key identifier: 7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/8831E5167ADB11ED96D52C3DC4F9AE02.roa
Signing time: Tue 13 Dec 2022 11:44:42 +0000
ROA not before: Tue 13 Dec 2022 11:44:42 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150435
IP address blocks: 103.41.94.0/24 maxlen: 24
103.41.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Validity
Not Before: Dec 13 11:44:42 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=639865aa-53be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:f6:a0:af:d5:6c:af:ab:94:1d:a6:63:25:
a0:93:70:64:f4:ea:fb:7b:24:21:d7:ba:4b:b5:9a:
87:dc:23:7d:d0:a4:e5:4c:39:33:81:da:81:08:cd:
0d:f9:74:a9:c2:3e:a4:0f:7d:dd:a5:d4:29:0c:03:
1a:2b:7e:0d:ac:e6:82:2c:5b:f6:d7:e7:e7:05:b3:
a9:b4:00:cd:fb:39:b6:53:94:1c:b3:9a:b3:86:33:
7b:75:75:b9:ee:d1:71:18:69:84:81:1f:66:27:a0:
15:6f:f1:a9:6a:d2:ea:01:42:4b:6c:11:b7:24:9a:
fb:eb:7a:6e:aa:65:e7:f9:6b:25:ec:1c:72:e2:56:
f7:3b:b0:ba:55:5f:82:5a:a5:f0:13:d4:3c:6f:0d:
ff:d2:ba:ad:51:ba:ca:85:f5:6c:9a:c1:42:f6:55:
15:ed:33:83:2a:88:2f:d2:30:ff:d9:5f:e5:17:42:
70:5b:47:b5:4a:cd:45:f6:e1:e8:76:1c:65:1f:1d:
db:b4:c4:ff:5a:ea:bd:96:64:5b:2c:3d:2f:65:e3:
f8:db:bb:de:63:00:1e:2a:3a:11:f9:37:50:32:7a:
20:95:61:4c:96:63:3d:a1:65:30:45:34:a0:0e:80:
28:ff:e0:69:93:c4:e1:89:0a:cb:c4:08:a3:b1:8e:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D0:21:C7:67:EE:83:B0:6D:D2:C8:4C:4D:3C:CB:D5:28:98:65:36
X509v3 Authority Key Identifier:
keyid:7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/evNKJg5qKenXvIqxrCZW4Ue4iiI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/8831E5167ADB11ED96D52C3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.94.0/23
Signature Algorithm: sha256WithRSAEncryption
40:f3:ed:aa:f6:44:87:9c:38:f1:6f:08:4e:e2:25:98:86:76:
c8:5c:ab:64:76:75:89:82:ac:2a:b6:04:3b:89:bd:54:8c:42:
3a:8b:a0:c4:e4:a4:2a:4f:9e:06:d4:fe:04:f0:24:5b:2b:d1:
7e:f9:14:96:f8:d9:52:4f:31:9a:b3:06:57:30:41:fe:54:6d:
ec:56:cd:b0:33:5f:36:7f:12:d4:6e:19:6c:2a:d0:91:dd:ef:
cb:55:43:8e:4b:a2:30:12:9f:ad:2f:9b:54:38:62:58:4d:29:
0e:5f:a9:59:5a:d6:f8:db:df:af:f5:32:0d:eb:3e:e9:53:18:
a5:dd:83:bc:b4:56:3a:3e:46:b9:d6:b3:69:45:2c:ec:cb:c3:
be:92:4d:ea:19:ac:a0:5c:5a:cf:3c:18:86:9c:0d:b3:7e:34:
ce:79:88:74:8a:a1:73:e5:c4:8c:7b:bf:71:ee:73:91:9b:8a:
d8:19:9f:84:8e:2c:2d:f9:c8:58:84:85:3c:3c:50:16:d0:28:
8f:10:99:24:64:10:11:dd:0c:ae:6a:a5:13:52:f3:67:dd:d0:
db:06:aa:56:20:05:57:6d:57:4b:1a:12:1d:18:53:c5:f3:44:
5b:02:f6:95:63:16:70:d8:a1:97:84:d3:9a:c9:14:7b:c6:df:
e8:7a:a2:d5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NEQxRjExMC8GA1UEBRMoN0FGMzRBMjYwRTZBMjlFOUQ3QkM4QUIxQUMyNjU2RTE0
N0I4OEEyMjAeFw0yMjEyMTMxMTQ0NDJaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTg2NWFhLTUzYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCl8fagr9Vsr6uUHaZjJaCTcGT06vt7JCHXuku1mofcI33QpOVMOTOB2oEIzQ35
dKnCPqQPfd2l1CkMAxorfg2s5oIsW/bX5+cFs6m0AM37ObZTlByzmrOGM3t1dbnu
0XEYaYSBH2YnoBVv8alq0uoBQktsEbckmvvrem6qZef5ayXsHHLiVvc7sLpVX4Ja
pfAT1DxvDf/Suq1RusqF9WyawUL2VRXtM4MqiC/SMP/ZX+UXQnBbR7VKzUX24eh2
HGUfHdu0xP9a6r2WZFssPS9l4/jbu95jAB4qOhH5N1AyeiCVYUyWYz2hZTBFNKAO
gCj/4GmTxOGJCsvECKOxjji3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSdAhx2fu
g7Bt0shMTTzL1SiYZTYwHwYDVR0jBBgwFoAUevNKJg5qKenXvIqxrCZW4Ue4iiIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0RDFGLzQ5MTUyQTQ0Njgw
NDExRURBMkQyQkQzQ0M0RjlBRTAyL2V2TktKZzVxS2VuWHZJcXhyQ1pXNFVlNGlp
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZXZOS0pnNXFLZW5YdklxeHJDWlc0VWU0aWlJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NEQxRi80OTE1MkE0NDY4MDQxMUVEQTJEMkJEM0NDNEY5QUUwMi84ODMxRTUxNjdB
REIxMUVEOTZENTJDM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcpXjANBgkqhkiG9w0BAQsFAAOCAQEAQPPtqvZEh5w48W8I
TuIlmIZ2yFyrZHZ1iYKsKrYEO4m9VIxCOougxOSkKk+eBtT+BPAkWyvRfvkUlvjZ
Uk8xmrMGVzBB/lRt7FbNsDNfNn8S1G4ZbCrQkd3vy1VDjkuiMBKfrS+bVDhiWE0p
Dl+pWVrW+Nvfr/UyDes+6VMYpd2DvLRWOj5GudazaUUs7MvDvpJN6hmsoFxazzwY
hpwNs340znmIdIqhc+XEjHu/ce5zkZuK2BmfhI4sLfnIWISFPDxQFtAojxCZJGQQ
Ed0MrmqlE1LzZ93Q2waqViAFV21XSxoSHRhTxfNEWwL2lWMWcNihl4TTmskUe8bf
6Hqi1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org