Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/FB97C5A4F71111ED95D7CC69C4F9AE02.roa
File: FB97C5A4F71111ED95D7CC69C4F9AE02.roa (raw, json)
Hash identifier: TBAGF9dQvImQGzWqFfcOoNKPor0SINLz8CFhxtNPa84=
Subject key identifier: 64:98:AC:FB:A0:DE:F3:7B:5E:FF:0E:5F:F8:1C:6C:C6:48:A7:EE:27
Certificate issuer: /CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Certificate serial: 69
Authority key identifier: 7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/FB97C5A4F71111ED95D7CC69C4F9AE02.roa
Signing time: Sat 20 May 2023 17:27:05 +0000
ROA not before: Sat 20 May 2023 17:27:05 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150435
IP address blocks: 103.41.94.0/23 maxlen: 23
103.41.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105 (0x69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4D1F/serialNumber=7AF34A260E6A29E9D7BC8AB1AC2656E147B88A22
Validity
Not Before: May 20 17:27:05 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=646902e9-5b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:1f:9a:6d:47:6f:a4:3f:d5:0b:81:38:28:
90:38:52:b8:c8:a0:70:93:81:40:db:7f:9a:a4:af:
74:6f:4a:56:51:48:dd:c1:0b:a9:c9:09:d8:7d:2f:
b7:9c:4d:98:37:80:3e:69:ec:8a:f8:7f:6f:4a:a9:
4b:84:aa:e8:4d:f0:8a:00:fd:f5:4b:e8:17:5e:e1:
a7:33:66:c7:4d:1c:df:52:29:ad:a1:c2:b0:63:4a:
71:2a:0c:e7:79:44:63:2a:f8:50:d4:8d:8d:66:d4:
81:38:83:2d:a0:fb:10:90:75:58:f3:4b:ba:68:6f:
2e:a2:75:76:f1:7f:98:23:58:ae:af:f6:2b:89:16:
97:97:92:32:fd:00:72:90:52:5b:4f:b8:16:24:bd:
ef:3c:54:85:8f:dc:ba:01:65:b9:af:26:a1:e6:5f:
3c:d9:85:47:22:0b:73:9b:f7:6e:e5:cf:15:cc:34:
a4:12:71:9e:40:ca:1c:b7:7c:e5:da:8d:c1:ba:46:
92:94:9c:97:43:de:d8:fe:e4:77:f5:78:81:87:54:
cf:e2:a0:9e:6a:e3:bd:19:06:65:76:37:83:3a:e1:
15:4f:22:f6:4d:c8:ef:51:9b:70:cc:36:18:56:c9:
d5:c3:84:52:61:2d:27:3b:32:88:db:34:b4:52:79:
30:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:98:AC:FB:A0:DE:F3:7B:5E:FF:0E:5F:F8:1C:6C:C6:48:A7:EE:27
X509v3 Authority Key Identifier:
keyid:7A:F3:4A:26:0E:6A:29:E9:D7:BC:8A:B1:AC:26:56:E1:47:B8:8A:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/evNKJg5qKenXvIqxrCZW4Ue4iiI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/evNKJg5qKenXvIqxrCZW4Ue4iiI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4D1F/49152A44680411EDA2D2BD3CC4F9AE02/FB97C5A4F71111ED95D7CC69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.94.0/23
Signature Algorithm: sha256WithRSAEncryption
64:18:7b:38:8d:f7:22:cd:94:58:8a:9b:02:70:8a:f4:c8:52:
ce:9e:61:ab:39:b0:88:8a:92:44:a2:9e:0d:e4:b9:a2:73:ee:
1c:94:2c:96:1a:66:44:0e:49:b8:02:c0:24:68:28:39:e5:fa:
89:d3:32:6c:1a:b3:ed:cb:ac:e0:e4:55:11:5d:a0:02:d2:fc:
c0:bf:cb:78:39:e3:a9:a2:cd:4d:c5:b1:91:86:06:f6:e1:71:
fc:ac:26:84:28:54:e1:46:e9:fa:c6:f0:20:3c:73:f9:fe:09:
5e:f6:e2:26:0a:9c:25:35:7d:40:e2:12:59:1a:17:fd:ed:de:
a0:8a:8b:7e:03:02:48:7c:c7:34:d4:fb:17:6b:0f:1e:c7:c8:
75:a5:d6:a6:dd:3d:96:55:0c:a4:38:28:89:a2:90:a8:e4:f6:
83:c3:51:f4:f8:bc:50:50:c4:a7:76:cc:af:57:8e:9c:1a:f6:
d9:78:7a:fa:97:21:70:73:95:7d:11:25:f5:d0:9d:53:e1:9a:
e5:3c:08:30:f3:fd:89:02:af:6b:87:6c:f2:26:15:ce:57:5f:
3f:3d:5e:a5:94:75:86:08:68:a3:f5:dc:7c:92:d9:a7:d7:65:
49:e0:5c:87:d1:c7:9d:c7:cd:be:0f:e3:e0:ab:ec:47:f7:0b:
fb:a1:5b:f5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NEQxRjExMC8GA1UEBRMoN0FGMzRBMjYwRTZBMjlFOUQ3QkM4QUIxQUMyNjU2RTE0
N0I4OEEyMjAeFw0yMzA1MjAxNzI3MDVaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NjkwMmU5LTViOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDArx+abUdvpD/VC4E4KJA4UrjIoHCTgUDbf5qkr3RvSlZRSN3BC6nJCdh9L7ec
TZg3gD5p7Ir4f29KqUuEquhN8IoA/fVL6Bde4aczZsdNHN9SKa2hwrBjSnEqDOd5
RGMq+FDUjY1m1IE4gy2g+xCQdVjzS7poby6idXbxf5gjWK6v9iuJFpeXkjL9AHKQ
UltPuBYkve88VIWP3LoBZbmvJqHmXzzZhUciC3Ob927lzxXMNKQScZ5Ayhy3fOXa
jcG6RpKUnJdD3tj+5Hf1eIGHVM/ioJ5q470ZBmV2N4M64RVPIvZNyO9Rm3DMNhhW
ydXDhFJhLSc7MojbNLRSeTB7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZJis+6De
83te/w5f+Bxsxkin7icwHwYDVR0jBBgwFoAUevNKJg5qKenXvIqxrCZW4Ue4iiIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0RDFGLzQ5MTUyQTQ0Njgw
NDExRURBMkQyQkQzQ0M0RjlBRTAyL2V2TktKZzVxS2VuWHZJcXhyQ1pXNFVlNGlp
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZXZOS0pnNXFLZW5YdklxeHJDWlc0VWU0aWlJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NEQxRi80OTE1MkE0NDY4MDQxMUVEQTJEMkJEM0NDNEY5QUUwMi9GQjk3QzVBNEY3
MTExMUVEOTVEN0NDNjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcpXjANBgkqhkiG9w0BAQsFAAOCAQEAZBh7OI33Is2UWIqb
AnCK9MhSzp5hqzmwiIqSRKKeDeS5onPuHJQslhpmRA5JuALAJGgoOeX6idMybBqz
7cus4ORVEV2gAtL8wL/LeDnjqaLNTcWxkYYG9uFx/KwmhChU4Ubp+sbwIDxz+f4J
XvbiJgqcJTV9QOISWRoX/e3eoIqLfgMCSHzHNNT7F2sPHsfIdaXWpt09llUMpDgo
iaKQqOT2g8NR9Pi8UFDEp3bMr1eOnBr22Xh6+pchcHOVfREl9dCdU+Ga5TwIMPP9
iQKva4ds8iYVzldfPz1epZR1hghoo/XcfJLZp9dlSeBch9HHncfNvg/j4KvsR/cL
+6Fb9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org