Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/80B1B7D88C3011EDBA232975C4F9AE02.roa
File: 80B1B7D88C3011EDBA232975C4F9AE02.roa (raw, json)
Hash identifier: +TA8ME/L6CC4/vPDpPnBKhpIB3I9wsNibXnvlQ8mkZw=
Subject key identifier: D0:7C:16:DC:04:E8:EC:02:9E:ED:16:B6:16:A9:07:D8:8E:37:E9:B9
Certificate issuer: /CN=A91A6EA0/serialNumber=0CCAB9447A17AC3C8A787BE947EC5D6F4A895CE9
Certificate serial: 02
Authority key identifier: 0C:CA:B9:44:7A:17:AC:3C:8A:78:7B:E9:47:EC:5D:6F:4A:89:5C:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DMq5RHoXrDyKeHvpR-xdb0qJXOk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/80B1B7D88C3011EDBA232975C4F9AE02.roa
Signing time: Wed 04 Jan 2023 13:05:46 +0000
ROA not before: Wed 04 Jan 2023 13:05:46 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150402
IP address blocks: 103.30.72.0/24 maxlen: 24
103.30.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6EA0/serialNumber=0CCAB9447A17AC3C8A787BE947EC5D6F4A895CE9
Validity
Not Before: Jan 4 13:05:46 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63b579aa-0735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:80:b3:bd:e3:33:9e:2d:09:d9:d6:fb:25:
84:6a:30:5f:06:22:96:1a:11:83:64:39:6b:ff:10:
cc:60:a2:9c:ef:dd:f6:71:55:fc:9a:d9:d3:d7:fc:
24:cd:ec:ab:1b:33:3f:62:ab:fe:80:fc:d0:95:fb:
41:61:61:ec:cb:4e:c6:3c:43:e1:92:1c:e6:ed:91:
32:e5:69:d9:f3:96:1b:2e:3b:6f:29:c3:e5:8a:c1:
92:d2:79:3b:0b:9d:bc:d8:0b:8c:fc:08:93:e9:d9:
06:f8:08:05:6f:43:93:b2:1c:4a:79:47:08:18:a4:
79:ef:fb:b2:08:a4:f2:58:6e:b1:26:47:5d:06:db:
53:4a:aa:9c:3c:ed:9e:bd:92:3a:25:24:96:e8:d7:
ce:76:f5:b8:23:77:42:be:1e:fb:af:8b:68:fb:35:
13:eb:d7:45:a0:c0:90:e7:f3:5e:38:61:7a:51:d0:
c0:a0:35:e9:9c:15:a4:3a:69:db:99:9f:e7:27:1c:
93:1e:85:45:c4:1e:f2:f6:5e:68:3e:fc:a2:cc:2a:
81:44:1f:57:78:1d:bc:f3:73:ef:01:fe:c6:8f:9c:
75:5c:77:bd:34:da:e5:69:11:7d:c6:9f:d9:af:5d:
3f:84:9b:5a:ff:20:00:09:12:8e:94:6a:de:a2:d7:
49:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7C:16:DC:04:E8:EC:02:9E:ED:16:B6:16:A9:07:D8:8E:37:E9:B9
X509v3 Authority Key Identifier:
keyid:0C:CA:B9:44:7A:17:AC:3C:8A:78:7B:E9:47:EC:5D:6F:4A:89:5C:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/DMq5RHoXrDyKeHvpR-xdb0qJXOk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DMq5RHoXrDyKeHvpR-xdb0qJXOk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/80B1B7D88C3011EDBA232975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.72.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:db:a0:bf:96:8b:3c:26:38:ae:95:db:0c:b7:6c:79:24:0b:
10:40:39:f6:39:33:74:a3:8e:bb:35:bc:79:1b:e1:43:0b:48:
34:ba:18:44:ce:0f:3b:6f:ae:f2:6f:44:0d:6a:a6:ed:b8:b9:
24:76:08:58:43:84:60:93:35:f4:5c:98:28:f0:80:c0:3e:00:
23:b7:60:44:b7:23:00:a1:af:32:65:e9:01:ca:59:8d:62:41:
56:51:de:e7:31:d3:28:b8:2a:29:5d:00:ea:52:81:ee:f5:79:
47:cf:91:61:ed:20:ad:5d:d3:77:71:0d:a7:2f:82:52:0f:d0:
07:84:f8:9d:32:29:75:ad:bf:6f:8f:e8:ad:6c:69:66:2b:31:
52:44:69:4a:2f:ba:5b:5f:1e:d6:fe:76:0c:19:48:b7:e8:77:
9c:2a:34:02:09:9e:b2:a4:df:0c:ad:b4:36:c8:0d:e2:9c:c6:
1a:23:e9:41:9b:cd:d4:b0:91:ed:ed:0a:30:5d:fb:7d:e3:ac:
fa:94:ea:3d:e4:28:b3:2b:9b:06:da:cf:a8:6e:f0:02:43:19:
6f:61:a7:79:fd:d3:7e:05:52:2c:67:30:d6:e2:af:1c:50:b8:
06:9e:8e:0a:42:47:b1:5a:9e:06:4a:41:a5:23:66:aa:e9:56:
5d:21:e7:ce
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NkVBMDExMC8GA1UEBRMoMENDQUI5NDQ3QTE3QUMzQzhBNzg3QkU5NDdFQzVENkY0
QTg5NUNFOTAeFw0yMzAxMDQxMzA1NDZaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjU3OWFhLTA3MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIvYCzveMzni0J2db7JYRqMF8GIpYaEYNkOWv/EMxgopzv3fZxVfya2dPX/CTN
7KsbMz9iq/6A/NCV+0FhYezLTsY8Q+GSHObtkTLladnzlhsuO28pw+WKwZLSeTsL
nbzYC4z8CJPp2Qb4CAVvQ5OyHEp5RwgYpHnv+7IIpPJYbrEmR10G21NKqpw87Z69
kjolJJbo18529bgjd0K+Hvuvi2j7NRPr10WgwJDn8144YXpR0MCgNemcFaQ6aduZ
n+cnHJMehUXEHvL2Xmg+/KLMKoFEH1d4Hbzzc+8B/saPnHVcd7002uVpEX3Gn9mv
XT+Em1r/IAAJEo6Uat6i10nRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0HwW3ATo
7AKe7Ra2FqkH2I436bkwHwYDVR0jBBgwFoAUDMq5RHoXrDyKeHvpR+xdb0qJXOkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2RUEwL0Y5MTQwMEMyOEMy
QzExRUQ5NjM4RTY3MkM0RjlBRTAyL0RNcTVSSG9YckR5S2VIdnBSLXhkYjBxSlhP
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRE1xNVJIb1hyRHlLZUh2cFIteGRiMHFKWE9rLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NkVBMC9GOTE0MDBDMjhDMkMxMUVEOTYzOEU2NzJDNEY5QUUwMi84MEIxQjdEODhD
MzAxMUVEQkEyMzI5NzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWceSDANBgkqhkiG9w0BAQsFAAOCAQEAy9ugv5aLPCY4rpXb
DLdseSQLEEA59jkzdKOOuzW8eRvhQwtINLoYRM4PO2+u8m9EDWqm7bi5JHYIWEOE
YJM19FyYKPCAwD4AI7dgRLcjAKGvMmXpAcpZjWJBVlHe5zHTKLgqKV0A6lKB7vV5
R8+RYe0grV3Td3ENpy+CUg/QB4T4nTIpda2/b4/orWxpZisxUkRpSi+6W18e1v52
DBlIt+h3nCo0AgmesqTfDK20NsgN4pzGGiPpQZvN1LCR7e0KMF37feOs+pTqPeQo
syubBtrPqG7wAkMZb2Gnef3TfgVSLGcw1uKvHFC4Bp6OCkJHsVqeBkpBpSNmqulW
XSHnzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org