Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0E3A/8E43F5D606C411EA8BEB4118C4F9AE02/4FA89244746111EBBB3B4068C4F9AE02.roa
File: 4FA89244746111EBBB3B4068C4F9AE02.roa (raw, json)
Hash identifier: ObLfOV/k4I7KuGas2UH3vLIsvIOJUqHSyqRAAjO73/k=
Subject key identifier: A5:7E:00:CD:CA:CB:5C:05:39:FE:A0:A0:2C:92:91:72:24:6D:6B:EE
Certificate issuer: /CN=A91B0E3A/serialNumber=877F25A41FB6DB3CF4DB5AD92144EFB71E92677A
Certificate serial: 0843
Authority key identifier: 87:7F:25:A4:1F:B6:DB:3C:F4:DB:5A:D9:21:44:EF:B7:1E:92:67:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h38lpB-22zz021rZIUTvtx6SZ3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0E3A/8E43F5D606C411EA8BEB4118C4F9AE02/4FA89244746111EBBB3B4068C4F9AE02.roa
Signing time: Sun 09 Jan 2022 20:35:51 +0000
ROA not before: Sun 09 Jan 2022 20:35:51 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 134371
IP address blocks: 103.143.138.0/24 maxlen: 24
103.143.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2115 (0x843)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0E3A/serialNumber=877F25A41FB6DB3CF4DB5AD92144EFB71E92677A
Validity
Not Before: Jan 9 20:35:51 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61db4726-a7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ae:39:7d:99:c8:6c:f9:18:48:36:b1:dd:15:
f5:74:2e:f9:66:a0:a0:68:d6:a4:c5:f6:1c:d7:b1:
ca:d6:39:03:b4:6b:04:1a:31:90:7f:98:89:89:63:
bd:d2:31:91:5c:d7:9e:e0:bf:95:48:c3:d6:e9:1f:
4d:e9:c6:4a:f0:e4:15:96:05:f7:9e:b7:ca:c7:c2:
6f:92:85:e2:1d:98:56:c7:ca:da:06:62:a6:78:97:
03:e9:1d:9e:02:d4:d0:a5:99:2f:6c:f3:95:cb:a9:
c6:87:6c:26:ff:87:dd:13:43:2c:13:19:2f:1e:99:
f8:b8:4a:15:9e:de:54:c6:0f:5d:bf:7a:73:ea:b9:
4a:2d:e1:68:9a:16:3b:93:49:7f:84:3b:30:bf:c6:
47:e5:98:b5:4f:13:fc:9d:64:f4:05:f7:d5:4e:f2:
09:b5:a4:79:58:5d:9b:5d:b1:dc:5f:08:3a:64:17:
16:dd:1e:98:1e:ab:53:0e:3b:77:52:01:f4:d5:cc:
40:4d:33:9a:d8:6a:3c:36:d2:d7:dc:e8:18:1a:16:
49:c9:74:31:6d:7f:2a:8c:a5:80:23:38:7d:c2:00:
8e:44:f2:12:10:4e:fd:ea:47:2e:cf:7c:02:8e:8a:
6a:df:4d:b7:1c:ee:2c:e1:cc:2c:af:03:bc:28:a2:
ff:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7E:00:CD:CA:CB:5C:05:39:FE:A0:A0:2C:92:91:72:24:6D:6B:EE
X509v3 Authority Key Identifier:
keyid:87:7F:25:A4:1F:B6:DB:3C:F4:DB:5A:D9:21:44:EF:B7:1E:92:67:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0E3A/8E43F5D606C411EA8BEB4118C4F9AE02/h38lpB-22zz021rZIUTvtx6SZ3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h38lpB-22zz021rZIUTvtx6SZ3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0E3A/8E43F5D606C411EA8BEB4118C4F9AE02/4FA89244746111EBBB3B4068C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.138.0/23
Signature Algorithm: sha256WithRSAEncryption
95:27:05:f4:a1:93:38:13:97:47:85:db:4a:f6:fc:eb:c0:1a:
40:42:a7:e6:40:26:16:7d:1c:8b:6f:36:a6:bb:a4:5b:06:6a:
7d:11:70:64:fc:28:e5:ab:00:b2:41:8d:33:3a:aa:a1:a7:65:
cc:38:70:21:fa:59:37:e7:e8:36:9e:ef:20:23:78:58:7f:ae:
ec:84:73:c9:12:e1:70:0d:62:49:ed:84:2e:72:b4:e8:8b:87:
68:27:a7:a4:2c:20:c7:1a:c2:14:a6:1b:14:f3:a2:62:60:f6:
74:2d:ab:63:7b:79:8a:eb:4d:31:97:1f:07:fb:8c:78:f9:72:
8d:25:41:10:b3:e1:72:f2:f6:e3:9a:2a:d8:3c:e5:e6:59:37:
bc:91:0d:94:40:be:67:71:68:88:41:5b:14:ea:c8:8f:a5:6f:
e5:31:09:8b:19:4d:42:b7:db:19:13:75:2d:a3:6f:87:a3:bd:
95:dc:21:92:08:bd:3c:e8:69:20:b3:5c:72:af:93:17:ea:04:
a7:39:29:9e:8c:22:be:46:0c:5e:36:5e:5c:57:a1:d3:43:fc:
61:a1:07:2c:47:22:ee:7e:09:4d:d1:bc:40:09:b8:b4:02:90:
e9:c4:9c:20:67:0a:7a:e2:8a:8b:70:3c:16:12:41:b6:3f:3d:
42:f3:95:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBFM0ExMTAvBgNVBAUTKDg3N0YyNUE0MUZCNkRCM0NGNERCNUFEOTIxNDRFRkI3
MUU5MjY3N0EwHhcNMjIwMTA5MjAzNTUxWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRiNDcyNi1hN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAua45fZnIbPkYSDax3RX1dC75ZqCgaNakxfYc17HK1jkDtGsEGjGQf5iJiWO9
0jGRXNee4L+VSMPW6R9N6cZK8OQVlgX3nrfKx8JvkoXiHZhWx8raBmKmeJcD6R2e
AtTQpZkvbPOVy6nGh2wm/4fdE0MsExkvHpn4uEoVnt5Uxg9dv3pz6rlKLeFomhY7
k0l/hDswv8ZH5Zi1TxP8nWT0BffVTvIJtaR5WF2bXbHcXwg6ZBcW3R6YHqtTDjt3
UgH01cxATTOa2Go8NtLX3OgYGhZJyXQxbX8qjKWAIzh9wgCORPISEE796kcuz3wC
jopq3023HO4s4cwsrwO8KKL/xwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKV+AM3K
y1wFOf6goCySkXIkbWvuMB8GA1UdIwQYMBaAFId/JaQftts89Nta2SFE77cekmd6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEUzQS84RTQzRjVENjA2
QzQxMUVBOEJFQjQxMThDNEY5QUUwMi9oMzhscEItMjJ6ejAyMXJaSVVUdnR4NlNa
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2gzOGxwQi0yMnp6MDIxclpJVVR2dHg2U1ozby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjBFM0EvOEU0M0Y1RDYwNkM0MTFFQThCRUI0MTE4QzRGOUFFMDIvNEZBODkyNDQ3
NDYxMTFFQkJCM0I0MDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnj4owDQYJKoZIhvcNAQELBQADggEBAJUnBfShkzgTl0eF
20r2/OvAGkBCp+ZAJhZ9HItvNqa7pFsGan0RcGT8KOWrALJBjTM6qqGnZcw4cCH6
WTfn6Dae7yAjeFh/ruyEc8kS4XANYknthC5ytOiLh2gnp6QsIMcawhSmGxTzomJg
9nQtq2N7eYrrTTGXHwf7jHj5co0lQRCz4XLy9uOaKtg85eZZN7yRDZRAvmdxaIhB
WxTqyI+lb+UxCYsZTUK32xkTdS2jb4ejvZXcIZIIvTzoaSCzXHKvkxfqBKc5KZ6M
Ir5GDF42XlxXodND/GGhByxHIu5+CU3RvEAJuLQCkOnEnCBnCnriiotwPBYSQbY/
PULzlf4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org