Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA733/333872A20D7411EDA896062FC4F9AE02/D206F53A0D7811ED8AB6244DC4F9AE02.roa
File: D206F53A0D7811ED8AB6244DC4F9AE02.roa (raw, json)
Hash identifier: e9GvXDrTKqVBXFJuvIjCKEHGZZOhQpYpYY2FRJxv/vE=
Subject key identifier: D6:9D:54:09:E3:E1:36:60:31:C2:3F:3B:54:BD:1A:07:5B:AD:BF:EE
Certificate issuer: /CN=A91BA733/serialNumber=4740657A4E2FB867BFB44DBF6CB8BC1DD1B2C20E
Certificate serial: 02
Authority key identifier: 47:40:65:7A:4E:2F:B8:67:BF:B4:4D:BF:6C:B8:BC:1D:D1:B2:C2:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R0Blek4vuGe_tE2_bLi8HdGywg4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA733/333872A20D7411EDA896062FC4F9AE02/D206F53A0D7811ED8AB6244DC4F9AE02.roa
Signing time: Wed 27 Jul 2022 06:53:29 +0000
ROA not before: Wed 27 Jul 2022 06:53:29 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 142539
IP address blocks: 103.168.178.0/23 maxlen: 24
2407:95c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA733/serialNumber=4740657A4E2FB867BFB44DBF6CB8BC1DD1B2C20E
Validity
Not Before: Jul 27 06:53:29 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e0e0e9-aad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:b8:09:bd:c6:30:5d:9e:ad:76:45:c8:2e:
fa:33:83:0d:11:7d:0f:07:a9:81:0c:cd:54:c5:86:
9a:91:0c:2d:d5:c5:9b:c1:40:8f:e7:30:bc:57:32:
1f:ca:67:5e:94:63:37:eb:a2:9e:58:eb:d6:b5:d8:
6a:24:23:e6:ff:8f:4e:f5:60:3a:5f:12:f8:c0:f8:
5d:88:7b:d9:7b:8a:4a:a3:83:8b:3d:2d:f3:6b:98:
3f:7f:83:a9:2a:34:f6:9b:71:7b:4d:13:40:b3:58:
68:4a:70:fe:20:1b:58:15:ce:73:c2:b7:97:ba:23:
40:b5:48:d0:44:01:a1:a3:fa:4e:f5:c1:5b:fe:57:
39:ee:dd:f7:ec:df:49:ff:0b:56:3c:8e:3c:97:5f:
42:76:9f:f7:77:e4:e5:84:a6:5a:02:c1:7a:86:6c:
08:4d:ea:7b:5b:f0:c7:7a:39:aa:30:f1:34:db:f7:
95:59:01:c9:17:2a:49:e0:d7:eb:a4:e3:0c:90:c1:
bf:c1:ed:41:6a:ff:fe:f3:04:95:9f:4b:7c:2b:0f:
65:8d:33:db:89:aa:d4:67:55:f9:48:7c:06:f9:de:
76:1d:ae:da:03:67:54:d8:82:8d:36:02:83:7a:47:
25:61:29:9e:ce:0c:9a:38:33:90:e5:72:ae:76:dc:
65:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9D:54:09:E3:E1:36:60:31:C2:3F:3B:54:BD:1A:07:5B:AD:BF:EE
X509v3 Authority Key Identifier:
keyid:47:40:65:7A:4E:2F:B8:67:BF:B4:4D:BF:6C:B8:BC:1D:D1:B2:C2:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA733/333872A20D7411EDA896062FC4F9AE02/R0Blek4vuGe_tE2_bLi8HdGywg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R0Blek4vuGe_tE2_bLi8HdGywg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA733/333872A20D7411EDA896062FC4F9AE02/D206F53A0D7811ED8AB6244DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.178.0/23
IPv6:
2407:95c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:4f:37:c5:2a:87:b4:07:19:99:11:3a:3c:6d:a5:0e:75:d0:
97:5f:f2:ce:bf:07:2d:cc:ef:b3:c2:29:a9:e6:0a:98:5b:88:
13:4d:3a:c2:c6:70:3c:5e:c1:f1:80:56:97:bc:ec:a5:9d:34:
14:51:45:c1:ac:65:8c:73:cb:a0:e7:20:fa:a9:a1:d5:74:b6:
88:db:0a:2c:3e:7a:c5:86:8b:62:94:77:b7:da:d5:ee:2f:e4:
b7:22:36:d0:03:9a:3d:1c:52:48:e0:86:85:3e:d1:2d:df:3f:
8b:2f:1e:05:03:12:62:ff:6d:24:62:e7:9b:8b:bb:2f:0d:25:
1b:76:fa:4f:6e:77:dd:30:61:af:f0:f5:34:12:97:1c:4e:19:
4c:4d:1f:df:71:f6:55:2b:21:a1:65:08:87:66:6c:d2:cf:76:
68:8a:0e:ef:60:44:eb:05:c0:cf:f9:89:a7:a7:e5:4b:e9:ce:
09:a2:17:09:0a:ed:35:4c:d8:1f:fb:18:b5:03:bf:9a:dc:d9:
f3:20:2f:87:63:f4:da:9f:46:23:bc:c1:f6:4f:06:61:c0:e3:
ee:29:d0:3b:79:32:94:ff:0c:f1:29:2d:ac:e1:36:87:85:2e:
89:c6:3c:84:4c:d2:49:2e:6d:45:52:2a:cc:18:5e:a9:e0:4c:
14:7a:92:69
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QTczMzExMC8GA1UEBRMoNDc0MDY1N0E0RTJGQjg2N0JGQjQ0REJGNkNCOEJDMURE
MUIyQzIwRTAeFw0yMjA3MjcwNjUzMjlaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZTBlMGU5LWFhZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/D7gJvcYwXZ6tdkXILvozgw0RfQ8HqYEMzVTFhpqRDC3VxZvBQI/nMLxXMh/K
Z16UYzfrop5Y69a12GokI+b/j071YDpfEvjA+F2Ie9l7ikqjg4s9LfNrmD9/g6kq
NPabcXtNE0CzWGhKcP4gG1gVznPCt5e6I0C1SNBEAaGj+k71wVv+Vznu3ffs30n/
C1Y8jjyXX0J2n/d35OWEploCwXqGbAhN6ntb8Md6Oaow8TTb95VZAckXKkng1+uk
4wyQwb/B7UFq//7zBJWfS3wrD2WNM9uJqtRnVflIfAb53nYdrtoDZ1TYgo02AoN6
RyVhKZ7ODJo4M5Dlcq523GVRAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU1p1UCePh
NmAxwj87VL0aB1utv+4wHwYDVR0jBBgwFoAUR0Blek4vuGe/tE2/bLi8HdGywg4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBNzMzLzMzMzg3MkEyMEQ3
NDExRURBODk2MDYyRkM0RjlBRTAyL1IwQmxlazR2dUdlX3RFMl9iTGk4SGRHeXdn
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUjBCbGVrNHZ1R2VfdEUyX2JMaThIZEd5d2c0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QTczMy8zMzM4NzJBMjBENzQxMUVEQTg5NjA2MkZDNEY5QUUwMi9EMjA2RjUzQTBE
NzgxMUVEOEFCNjI0NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWeosjANBAIAAjAHAwUAJAeVwDANBgkqhkiG9w0BAQsFAAOC
AQEAW083xSqHtAcZmRE6PG2lDnXQl1/yzr8HLczvs8IpqeYKmFuIE006wsZwPF7B
8YBWl7zspZ00FFFFwaxljHPLoOcg+qmh1XS2iNsKLD56xYaLYpR3t9rV7i/ktyI2
0AOaPRxSSOCGhT7RLd8/iy8eBQMSYv9tJGLnm4u7Lw0lG3b6T2533TBhr/D1NBKX
HE4ZTE0f33H2VSshoWUIh2Zs0s92aIoO72BE6wXAz/mJp6flS+nOCaIXCQrtNUzY
H/sYtQO/mtzZ8yAvh2P02p9GI7zB9k8GYcDj7inQO3kylP8M8SktrOE2h4UuicY8
hEzSSS5tRVIqzBheqeBMFHqSaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org