Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
File: A9506634A52711ED91089263C4F9AE02.roa (raw, json)
Hash identifier: QIdnKAdFoLm9HYKEjobiAJaRydSw82P8WM4/3Lx2zDE=
Subject key identifier: 7D:8D:AC:25:A8:AB:7C:8D:0E:47:F8:BD:97:FC:F7:51:ED:7F:7D:9B
Certificate issuer: /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
Certificate serial: 12
Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
Signing time: Tue 07 Feb 2023 06:55:22 +0000
ROA not before: Tue 07 Feb 2023 06:55:22 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 63986
IP address blocks: 103.117.118.0/24 maxlen: 24
103.117.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
Validity
Not Before: Feb 7 06:55:22 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63e1f5da-e117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:eb:16:b9:74:cc:0a:5d:e2:5f:43:ba:fa:28:
66:19:e8:c9:80:34:9e:61:88:37:7d:f0:15:ab:34:
37:f4:ad:34:25:1a:75:ff:08:68:5c:22:f9:a1:ae:
6f:46:0e:c1:13:d1:bf:59:f4:32:b3:ef:84:bf:5b:
0f:3c:01:3a:1f:a3:5c:3c:00:92:5d:ea:f3:e0:c1:
5b:7f:84:c5:ad:1a:92:c5:40:8c:90:bb:2a:8d:2d:
17:14:78:63:89:a6:6f:9b:bc:56:91:93:99:2a:5c:
37:d5:38:48:f0:21:48:26:c0:10:36:64:a7:cf:3a:
1b:8e:e1:27:96:3f:e8:1e:35:45:50:30:cd:f7:cf:
43:2b:c4:5d:72:66:58:e3:a1:8a:a3:08:2b:d7:14:
f2:58:92:93:10:be:56:67:8a:5e:0d:30:fc:2f:bb:
93:11:86:08:18:68:ec:58:fa:b5:38:d1:5f:0a:0f:
81:8a:64:61:b3:a1:46:c6:0f:dc:70:d0:84:41:81:
6c:bd:72:9c:b7:6e:0c:5b:0b:fb:42:ce:c5:cd:24:
0c:cf:5d:48:74:93:fd:3d:c0:14:f6:b5:8e:a8:57:
c0:06:e9:de:b5:bc:45:72:be:30:88:c0:cc:b8:fd:
8f:1b:e4:d0:e2:86:92:d0:d4:80:45:3e:c4:d6:ec:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8D:AC:25:A8:AB:7C:8D:0E:47:F8:BD:97:FC:F7:51:ED:7F:7D:9B
X509v3 Authority Key Identifier:
keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/A9506634A52711ED91089263C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.118.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:4d:ce:b9:f8:08:44:82:73:10:21:ef:21:de:f2:56:b4:fc:
25:85:8f:9c:1e:40:32:85:42:66:58:05:6e:61:cb:86:6f:52:
23:1e:6b:4b:30:27:48:a5:8a:10:2a:c9:d4:eb:77:f6:92:19:
d3:51:8a:26:ad:dd:42:f1:41:ff:55:d0:f4:9f:45:bf:bf:c9:
d2:6a:8e:33:18:cf:cd:2d:3c:70:42:b1:0f:95:63:7d:80:22:
ff:75:fe:f1:b4:99:97:bb:1d:d2:54:bf:fc:47:c0:6b:92:02:
fe:78:b1:11:57:87:de:81:9e:69:fb:8f:51:7b:c7:1f:f1:57:
b0:6c:db:0f:81:f9:46:65:94:d2:a2:ed:da:fc:8f:33:6a:a4:
65:0d:fd:f1:11:1f:b6:96:e5:30:eb:5d:80:84:fc:5e:3b:96:
e6:32:ac:87:d4:72:4c:fd:b7:f0:77:a2:35:d8:a3:26:ef:78:
ef:3e:60:ec:41:8c:84:5b:1a:28:f7:53:d4:22:b4:17:e2:20:
8b:7a:82:aa:79:56:6f:bd:85:e4:07:92:79:07:f6:aa:d5:bd:
b4:69:90:50:d1:e0:0c:a5:71:7b:df:65:d5:b3:77:05:4a:77:
50:a9:a0:01:a4:c2:7f:10:61:9d:29:07:07:e7:e0:4b:36:4e:
87:6c:47:42
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
N0M2ODExMC8GA1UEBRMoMEY2MjZBMzI2NEQ2RkVDQ0NCRkVCMkQ5OUIxREJGOEFG
RkVDM0IzNDAeFw0yMzAyMDcwNjU1MjJaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZTFmNWRhLWUxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCv6xa5dMwKXeJfQ7r6KGYZ6MmANJ5hiDd98BWrNDf0rTQlGnX/CGhcIvmhrm9G
DsET0b9Z9DKz74S/Ww88ATofo1w8AJJd6vPgwVt/hMWtGpLFQIyQuyqNLRcUeGOJ
pm+bvFaRk5kqXDfVOEjwIUgmwBA2ZKfPOhuO4SeWP+geNUVQMM33z0MrxF1yZljj
oYqjCCvXFPJYkpMQvlZnil4NMPwvu5MRhggYaOxY+rU40V8KD4GKZGGzoUbGD9xw
0IRBgWy9cpy3bgxbC/tCzsXNJAzPXUh0k/09wBT2tY6oV8AG6d61vEVyvjCIwMy4
/Y8b5NDihpLQ1IBFPsTW7GBhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfY2sJair
fI0OR/i9l/z3Ue1/fZswHwYDVR0jBBgwFoAUD2JqMmTW/szL/rLZmx2/iv/sOzQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3QzY4LzQyMzk4NkY2OTcy
MTExRURBMkUwMjI1MUM0RjlBRTAyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRDJKcU1tVFdfc3pMX3JMWm14Ml9pdl9zT3pRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9BOTUwNjYzNEE1
MjcxMUVEOTEwODkyNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd1djANBgkqhkiG9w0BAQsFAAOCAQEAj03OufgIRIJzECHv
Id7yVrT8JYWPnB5AMoVCZlgFbmHLhm9SIx5rSzAnSKWKECrJ1Ot39pIZ01GKJq3d
QvFB/1XQ9J9Fv7/J0mqOMxjPzS08cEKxD5VjfYAi/3X+8bSZl7sd0lS//EfAa5IC
/nixEVeH3oGeafuPUXvHH/FXsGzbD4H5RmWU0qLt2vyPM2qkZQ398REftpblMOtd
gIT8XjuW5jKsh9RyTP238HeiNdijJu947z5g7EGMhFsaKPdT1CK0F+Igi3qCqnlW
b72F5AeSeQf2qtW9tGmQUNHgDKVxe99l1bN3BUp3UKmgAaTCfxBhnSkHB+fgSzZO
h2xHQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org