Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/83AA65B8232B11EBB2348B23C4F9AE02.roa
File: 83AA65B8232B11EBB2348B23C4F9AE02.roa (raw, json)
Hash identifier: NbiEze/PYiw0NhCHi3KT19YfONN3CpTHEOkpnt4+CZY=
Subject key identifier: 21:51:B2:64:2D:3B:8E:9C:1B:C3:AD:A0:9C:5E:56:34:59:29:64:4C
Certificate issuer: /CN=A91BB94D/serialNumber=747C86C3CC14A77973805315408CDCA10A2147B2
Certificate serial: 0566
Authority key identifier: 74:7C:86:C3:CC:14:A7:79:73:80:53:15:40:8C:DC:A1:0A:21:47:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dHyGw8wUp3lzgFMVQIzcoQohR7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/83AA65B8232B11EBB2348B23C4F9AE02.roa
Signing time: Mon 26 Sep 2022 00:00:19 +0000
ROA not before: Mon 26 Sep 2022 00:00:19 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 18013
IP address blocks: 103.153.100.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1382 (0x566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB94D/serialNumber=747C86C3CC14A77973805315408CDCA10A2147B2
Validity
Not Before: Sep 26 00:00:19 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6330eb93-5b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f5:63:32:bf:3a:12:51:e3:dd:e3:e0:68:32:
17:37:bb:72:2f:cb:45:cf:fe:de:ff:f5:84:08:56:
d1:41:f4:97:36:5c:bc:62:b5:e5:97:e0:2b:39:18:
76:68:4a:e2:00:10:a9:5e:68:64:01:ee:9e:03:f7:
29:a4:9c:57:16:c9:2f:17:9f:4b:58:38:1e:d3:e0:
61:5e:f2:bc:2d:44:32:36:5b:48:fd:0e:36:2e:b8:
6c:e8:d5:b4:02:f8:4c:5c:6f:dd:76:bd:93:fb:9b:
99:05:83:12:46:03:ff:2c:66:ba:08:0f:e3:6b:86:
a2:be:e7:7d:71:f4:dd:34:40:3e:46:00:93:f9:51:
75:03:38:b7:15:76:30:f3:00:c6:e5:e5:13:bd:9c:
6b:02:ba:da:40:1a:5a:55:4d:5d:f1:77:03:5c:21:
63:bf:65:3b:9a:17:a7:4b:6f:7b:93:47:4d:5c:55:
48:b2:8b:9c:c9:56:62:94:9e:b2:52:fb:eb:7a:18:
bf:75:1e:18:a7:6f:ae:c4:b9:9b:46:e2:c4:3e:56:
75:44:db:23:57:60:19:5e:60:35:8d:f6:31:a0:b5:
d1:1e:05:c3:b3:38:5f:1d:44:e9:df:7b:65:1e:58:
24:af:4b:ba:62:d8:66:95:4d:0a:4e:88:fb:e2:0d:
b9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:51:B2:64:2D:3B:8E:9C:1B:C3:AD:A0:9C:5E:56:34:59:29:64:4C
X509v3 Authority Key Identifier:
keyid:74:7C:86:C3:CC:14:A7:79:73:80:53:15:40:8C:DC:A1:0A:21:47:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/dHyGw8wUp3lzgFMVQIzcoQohR7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dHyGw8wUp3lzgFMVQIzcoQohR7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB94D/2C7162CC232811EB9FF6E91AC4F9AE02/83AA65B8232B11EBB2348B23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.100.0/23
Signature Algorithm: sha256WithRSAEncryption
62:9c:79:c5:62:3b:f7:dd:d2:fa:a0:c4:15:f0:49:be:ac:03:
e4:ef:2f:97:15:e1:a8:7c:c2:d0:93:d9:c9:5e:84:6f:b7:2f:
67:cf:6a:a4:02:28:7d:21:b9:77:f1:39:7c:da:91:79:c0:ce:
50:69:24:6d:3b:44:31:e7:03:91:8c:fa:c8:a8:ba:ef:6c:7b:
e2:d4:97:78:e1:9a:a8:72:46:af:d8:b4:59:1c:94:0f:a3:eb:
a5:2f:7c:cc:09:8e:89:8c:00:c6:2b:69:b8:0f:96:64:ed:75:
9f:c8:f6:f7:a0:f3:4c:10:95:79:a4:e5:e2:53:0c:41:d1:c7:
7e:d6:ff:41:9c:c6:24:4e:97:72:dc:87:0d:39:2f:d2:30:56:
51:cb:59:f3:f7:0a:84:44:a9:13:50:92:8e:9f:bc:24:17:ed:
6f:b1:3f:dc:c3:97:89:1b:a1:4a:57:ac:2d:35:63:db:11:4b:
86:81:ba:e9:35:30:04:6a:45:f9:d1:08:15:8b:ad:7d:44:f1:
ce:fb:67:74:d4:41:ab:f7:6f:ea:6a:cb:89:7f:5f:7f:51:7c:
13:eb:8c:cd:c0:b1:09:72:ee:a7:0d:01:e3:17:6f:1c:44:70:
19:42:98:e4:0d:66:bc:8b:d3:db:80:48:02:bd:85:41:62:81:
3b:e2:98:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI5NEQxMTAvBgNVBAUTKDc0N0M4NkMzQ0MxNEE3Nzk3MzgwNTMxNTQwOENEQ0Ex
MEEyMTQ3QjIwHhcNMjIwOTI2MDAwMDE5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzMwZWI5My01Yjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2PVjMr86ElHj3ePgaDIXN7tyL8tFz/7e//WECFbRQfSXNly8YrXll+ArORh2
aEriABCpXmhkAe6eA/cppJxXFskvF59LWDge0+BhXvK8LUQyNltI/Q42Lrhs6NW0
AvhMXG/ddr2T+5uZBYMSRgP/LGa6CA/ja4aivud9cfTdNEA+RgCT+VF1Azi3FXYw
8wDG5eUTvZxrArraQBpaVU1d8XcDXCFjv2U7mhenS297k0dNXFVIsoucyVZilJ6y
Uvvrehi/dR4Yp2+uxLmbRuLEPlZ1RNsjV2AZXmA1jfYxoLXRHgXDszhfHUTp33tl
Hlgkr0u6YthmlU0KToj74g25+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFCFRsmQt
O46cG8OtoJxeVjRZKWRMMB8GA1UdIwQYMBaAFHR8hsPMFKd5c4BTFUCM3KEKIUey
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjk0RC8yQzcxNjJDQzIz
MjgxMUVCOUZGNkU5MUFDNEY5QUUwMi9kSHlHdzh3VXAzbHpnRk1WUUl6Y29Rb2hS
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RIeUd3OHdVcDNsemdGTVZRSXpjb1FvaFI3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI5NEQvMkM3MTYyQ0MyMzI4MTFFQjlGRjZFOTFBQzRGOUFFMDIvODNBQTY1Qjgy
MzJCMTFFQkIyMzQ4QjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmWQwDQYJKoZIhvcNAQELBQADggEBAGKcecViO/fd0vqg
xBXwSb6sA+TvL5cV4ah8wtCT2clehG+3L2fPaqQCKH0huXfxOXzakXnAzlBpJG07
RDHnA5GM+siouu9se+LUl3jhmqhyRq/YtFkclA+j66UvfMwJjomMAMYrabgPlmTt
dZ/I9veg80wQlXmk5eJTDEHRx37W/0GcxiROl3Lchw05L9IwVlHLWfP3CoREqRNQ
ko6fvCQX7W+xP9zDl4kboUpXrC01Y9sRS4aBuuk1MARqRfnRCBWLrX1E8c77Z3TU
Qav3b+pqy4l/X39RfBPrjM3AsQly7qcNAeMXbxxEcBlCmOQNZryL09uASAK9hUFi
gTvimPw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org