Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/30F342AA2D2311EDB35C1F67C4F9AE02.roa
File: 30F342AA2D2311EDB35C1F67C4F9AE02.roa (raw, json)
Hash identifier: 1DFz7r7+iNddf+Z3cR8Jxp+29/cyvWaXGBHkiUuVLX0=
Subject key identifier: A7:87:D8:9D:86:88:BF:3E:BB:95:57:89:04:B2:F5:CF:05:5C:C1:5B
Certificate issuer: /CN=A91BB6DE/serialNumber=717B9D0085C8FA95741207FA1910BE20B31E051E
Certificate serial: 0462
Authority key identifier: 71:7B:9D:00:85:C8:FA:95:74:12:07:FA:19:10:BE:20:B3:1E:05:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXudAIXI-pV0Egf6GRC-ILMeBR4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/30F342AA2D2311EDB35C1F67C4F9AE02.roa
Signing time: Sun 01 Jan 2023 02:01:32 +0000
ROA not before: Sun 01 Jan 2023 02:01:32 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141372
IP address blocks: 103.157.200.0/24 maxlen: 24
103.157.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1122 (0x462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB6DE/serialNumber=717B9D0085C8FA95741207FA1910BE20B31E051E
Validity
Not Before: Jan 1 02:01:32 2023 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63b0e97b-7d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:aa:11:22:b8:f7:b8:da:12:35:8a:ae:17:
f4:18:13:43:48:77:25:61:62:68:89:1c:dd:61:72:
15:29:c1:3b:7b:71:31:e1:09:1c:5a:02:6c:7d:25:
f4:99:9d:a6:c5:c7:ca:43:ee:97:07:b1:63:4d:6d:
24:80:32:78:66:8e:09:32:23:40:a0:4f:3a:40:7a:
af:83:03:ba:d4:d1:c5:3b:bc:9c:34:65:f3:af:a1:
7c:71:4a:c2:70:93:7b:fe:87:fb:ad:46:45:39:9f:
c3:8c:63:d3:6b:8c:07:1b:fe:57:96:5c:12:01:2b:
62:0c:87:43:d2:f8:9c:cc:6f:0d:71:06:0f:10:e9:
87:54:53:a6:e7:58:3b:6c:77:bd:08:db:7e:b5:a0:
51:21:3f:bd:02:98:30:08:9d:ea:ff:03:ec:93:0d:
43:d1:99:25:70:5b:9d:39:d4:86:c1:3c:24:d3:1e:
3d:89:81:39:7e:97:cf:84:04:a8:07:a3:64:c2:74:
99:cd:e7:a1:da:a1:fc:25:4e:fa:88:18:f9:76:b7:
3c:44:4a:b9:b2:ec:b7:d7:7b:50:63:f0:5c:ea:8c:
22:e6:13:72:d8:00:26:6a:7f:5c:41:21:f2:89:93:
09:40:3c:e9:5f:c0:2c:36:45:47:23:22:9d:9c:ec:
96:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:87:D8:9D:86:88:BF:3E:BB:95:57:89:04:B2:F5:CF:05:5C:C1:5B
X509v3 Authority Key Identifier:
keyid:71:7B:9D:00:85:C8:FA:95:74:12:07:FA:19:10:BE:20:B3:1E:05:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/cXudAIXI-pV0Egf6GRC-ILMeBR4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXudAIXI-pV0Egf6GRC-ILMeBR4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/30F342AA2D2311EDB35C1F67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.200.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:84:2b:36:be:3c:d8:78:14:cd:fb:97:d6:a8:5b:64:e8:cc:
e8:1e:16:b7:47:7a:93:b1:4e:cc:7e:ac:b8:22:2c:3f:3b:ae:
6f:03:58:59:c3:01:59:00:ac:0c:12:60:25:a4:66:07:e0:7d:
6c:44:b9:1b:a4:39:86:01:98:19:eb:53:6f:c2:ba:9e:da:8a:
45:91:59:15:94:e9:3a:99:9a:c9:13:36:75:12:81:6b:ef:39:
38:9c:d5:45:d7:69:7e:bd:12:e6:72:48:2a:32:5b:1b:86:ed:
6d:6d:27:8c:01:6a:aa:74:a7:74:f8:e6:ea:2f:67:d4:4d:90:
f0:5a:4e:80:3c:44:80:11:b6:ad:dd:b7:e1:ba:97:dc:b4:e6:
3d:6f:9f:e5:1b:b7:f0:a8:bc:ac:12:88:25:56:d4:3d:c0:91:
47:34:cf:55:93:b4:dd:70:bd:ac:7c:70:e6:ec:74:f7:99:c0:
38:3c:d0:58:9d:21:aa:7d:d1:c7:ef:ca:38:c6:6b:3d:8c:af:
fe:ef:6c:e2:c0:59:04:6f:d9:64:38:a8:86:67:9e:98:1a:5e:
12:cf:05:33:32:15:e4:36:ba:d9:ad:1a:91:fc:8c:65:64:ff:
81:e9:93:f9:2b:ba:34:fd:ae:a9:b9:dc:48:ef:64:86:ec:64:
b0:03:3b:61
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI2REUxMTAvBgNVBAUTKDcxN0I5RDAwODVDOEZBOTU3NDEyMDdGQTE5MTBCRTIw
QjMxRTA1MUUwHhcNMjMwMTAxMDIwMTMyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IwZTk3Yi03ZDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2a+qESK497jaEjWKrhf0GBNDSHclYWJoiRzdYXIVKcE7e3Ex4QkcWgJsfSX0
mZ2mxcfKQ+6XB7FjTW0kgDJ4Zo4JMiNAoE86QHqvgwO61NHFO7ycNGXzr6F8cUrC
cJN7/of7rUZFOZ/DjGPTa4wHG/5XllwSAStiDIdD0viczG8NcQYPEOmHVFOm51g7
bHe9CNt+taBRIT+9ApgwCJ3q/wPskw1D0ZklcFudOdSGwTwk0x49iYE5fpfPhASo
B6NkwnSZzeeh2qH8JU76iBj5drc8REq5suy313tQY/Bc6owi5hNy2AAman9cQSHy
iZMJQDzpX8AsNkVHIyKdnOyWjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKeH2J2G
iL8+u5VXiQSy9c8FXMFbMB8GA1UdIwQYMBaAFHF7nQCFyPqVdBIH+hkQviCzHgUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZERS9BNTNBQjc0QzlD
MzgxMUVCODFCRTE1NjBDNEY5QUUwMi9jWHVkQUlYSS1wVjBFZ2Y2R1JDLUlMTWVC
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NYdWRBSVhJLXBWMEVnZjZHUkMtSUxNZUJSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI2REUvQTUzQUI3NEM5QzM4MTFFQjgxQkUxNTYwQzRGOUFFMDIvMzBGMzQyQUEy
RDIzMTFFREIzNUMxRjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnncgwDQYJKoZIhvcNAQELBQADggEBAJqEKza+PNh4FM37
l9aoW2TozOgeFrdHepOxTsx+rLgiLD87rm8DWFnDAVkArAwSYCWkZgfgfWxEuRuk
OYYBmBnrU2/Cup7aikWRWRWU6TqZmskTNnUSgWvvOTic1UXXaX69EuZySCoyWxuG
7W1tJ4wBaqp0p3T45uovZ9RNkPBaToA8RIARtq3dt+G6l9y05j1vn+Ubt/CovKwS
iCVW1D3AkUc0z1WTtN1wvax8cObsdPeZwDg80FidIap90cfvyjjGaz2Mr/7vbOLA
WQRv2WQ4qIZnnpgaXhLPBTMyFeQ2utmtGpH8jGVk/4Hpk/krujT9rqm53EjvZIbs
ZLADO2E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:23 2024 by rpki-client on console-ams.rpki-client.org