Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/6086CB2E21CF11EBA0C85857C4F9AE02.roa
File: 6086CB2E21CF11EBA0C85857C4F9AE02.roa (raw, json)
Hash identifier: kuIn+XEYemDT5c2mEJtDWDrIq0Kbg0NxEtOqUqu3jak=
Subject key identifier: 33:61:0E:19:AA:9C:42:DA:E3:0F:40:3B:39:06:CC:4B:A4:E2:61:D1
Certificate issuer: /CN=A91BC6B4/serialNumber=6CA6B2AC1DD17B014DB6C767279D08C66E4EFC05
Certificate serial: 0DAD
Authority key identifier: 6C:A6:B2:AC:1D:D1:7B:01:4D:B6:C7:67:27:9D:08:C6:6E:4E:FC:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKayrB3RewFNtsdnJ50Ixm5O_AU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/6086CB2E21CF11EBA0C85857C4F9AE02.roa
Signing time: Fri 28 Oct 2022 18:45:32 +0000
ROA not before: Fri 28 Oct 2022 18:45:32 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 18013
IP address blocks: 103.99.40.0/23 maxlen: 24
103.132.234.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3501 (0xdad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC6B4/serialNumber=6CA6B2AC1DD17B014DB6C767279D08C66E4EFC05
Validity
Not Before: Oct 28 18:45:32 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=635c234c-2039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:64:2f:96:fe:1e:a0:0f:17:2b:16:f4:6c:69:
92:e0:45:ec:c6:e6:62:26:c6:ae:26:36:56:50:0d:
2d:85:9a:15:6c:e6:27:70:fb:0f:d8:14:fd:46:d4:
47:59:bd:40:78:39:7a:fe:84:af:8a:22:15:4a:ca:
3d:60:2e:cd:17:34:14:58:ad:e5:d8:bf:ea:3c:77:
85:f7:6f:37:59:43:3f:9d:d0:b5:68:c0:46:b4:bf:
4d:64:04:80:85:57:91:63:5c:b1:5e:ff:25:a2:10:
a3:af:94:b5:1d:02:aa:9b:ce:38:fd:9b:bf:45:10:
4f:2f:4e:18:5f:b6:dd:30:d6:bf:31:90:b0:48:92:
57:46:61:b5:e0:ca:79:c9:c7:6c:2b:16:a3:cc:06:
86:b3:a4:75:a9:30:87:d2:c6:27:ab:fd:10:d2:7c:
9b:8c:65:bf:f2:59:f9:c9:4d:12:62:5a:a2:fb:51:
38:29:05:bb:e3:cd:02:3c:08:87:c8:d1:9c:0f:fb:
8e:d3:bc:48:13:49:1a:30:3e:b1:4f:63:b7:51:dd:
e0:51:a5:5f:ed:60:16:19:ad:3d:1d:61:b6:c0:12:
ac:7f:4b:0b:49:db:3a:fe:e1:96:3f:16:b7:fc:c8:
4d:39:a3:10:8b:e4:75:30:76:92:4e:61:f4:b9:7e:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:61:0E:19:AA:9C:42:DA:E3:0F:40:3B:39:06:CC:4B:A4:E2:61:D1
X509v3 Authority Key Identifier:
keyid:6C:A6:B2:AC:1D:D1:7B:01:4D:B6:C7:67:27:9D:08:C6:6E:4E:FC:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/bKayrB3RewFNtsdnJ50Ixm5O_AU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKayrB3RewFNtsdnJ50Ixm5O_AU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC6B4/726F51C263F211E9BB20DD45C4F9AE02/6086CB2E21CF11EBA0C85857C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.40.0/23
103.132.234.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:50:8a:c5:7b:41:01:d9:a6:4e:fa:bb:3a:ce:ce:c5:4e:00:
df:8f:82:b1:03:24:8b:ab:0c:15:a8:ae:a5:be:f1:e6:ec:6b:
7b:b5:bb:c1:dc:21:d6:0c:d4:b5:bd:63:3f:3b:3c:79:fe:cb:
91:64:8f:7b:9c:74:1c:18:64:c3:0a:11:e1:39:15:7d:1e:79:
c4:4e:6c:dc:3f:ed:f8:8b:36:e2:bd:a1:e3:32:c2:74:da:52:
60:fd:e8:98:7c:22:4e:85:ac:dc:14:a7:ad:2d:6a:47:5f:2e:
3a:0c:33:82:7f:57:95:78:46:36:fc:9d:16:e8:af:25:ca:26:
dd:f1:1c:67:ec:09:cc:07:7e:75:25:ae:fa:f6:36:fc:f3:2f:
e8:9b:bc:b1:9c:bb:73:03:82:52:37:b6:69:db:05:51:d3:14:
59:e6:a3:36:5e:c1:cb:63:3d:96:90:1f:1d:3f:90:ef:98:af:
db:36:36:70:e0:2c:43:a5:0b:a0:a5:65:6a:c1:68:6a:95:c9:
25:46:40:6e:85:6c:70:b4:c2:da:80:49:a8:4a:b4:30:b5:8f:
4a:a8:8f:0b:c7:a6:34:31:8f:2e:29:e8:f0:63:4b:b9:ce:39:
ff:9f:7f:e4:ec:2c:bd:2a:a0:ed:0f:36:ca:3a:92:51:e6:15:
5c:1e:b3:f5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM2QjQxMTAvBgNVBAUTKDZDQTZCMkFDMUREMTdCMDE0REI2Qzc2NzI3OUQwOEM2
NkU0RUZDMDUwHhcNMjIxMDI4MTg0NTMyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVjMjM0Yy0yMDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWQvlv4eoA8XKxb0bGmS4EXsxuZiJsauJjZWUA0thZoVbOYncPsP2BT9RtRH
Wb1AeDl6/oSviiIVSso9YC7NFzQUWK3l2L/qPHeF9283WUM/ndC1aMBGtL9NZASA
hVeRY1yxXv8lohCjr5S1HQKqm844/Zu/RRBPL04YX7bdMNa/MZCwSJJXRmG14Mp5
ycdsKxajzAaGs6R1qTCH0sYnq/0Q0nybjGW/8ln5yU0SYlqi+1E4KQW7480CPAiH
yNGcD/uO07xIE0kaMD6xT2O3Ud3gUaVf7WAWGa09HWG2wBKsf0sLSds6/uGWPxa3
/MhNOaMQi+R1MHaSTmH0uX5iUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDNhDhmq
nELa4w9AOzkGzEuk4mHRMB8GA1UdIwQYMBaAFGymsqwd0XsBTbbHZyedCMZuTvwF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzZCNC83MjZGNTFDMjYz
RjIxMUU5QkIyMERENDVDNEY5QUUwMi9iS2F5ckIzUmV3Rk50c2RuSjUwSXhtNU9f
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JLYXlyQjNSZXdGTnRzZG5KNTBJeG01T19BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM2QjQvNzI2RjUxQzI2M0YyMTFFOUJCMjBERDQ1QzRGOUFFMDIvNjA4NkNCMkUy
MUNGMTFFQkEwQzg1ODU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnYygDBAFnhOowDQYJKoZIhvcNAQELBQADggEBAMpQisV7
QQHZpk76uzrOzsVOAN+PgrEDJIurDBWorqW+8ebsa3u1u8HcIdYM1LW9Yz87PHn+
y5Fkj3ucdBwYZMMKEeE5FX0eecRObNw/7fiLNuK9oeMywnTaUmD96Jh8Ik6FrNwU
p60takdfLjoMM4J/V5V4Rjb8nRboryXKJt3xHGfsCcwHfnUlrvr2NvzzL+ibvLGc
u3MDglI3tmnbBVHTFFnmozZewctjPZaQHx0/kO+Yr9s2NnDgLEOlC6ClZWrBaGqV
ySVGQG6FbHC0wtqASahKtDC1j0qojwvHpjQxjy4p6PBjS7nOOf+ff+TsLL0qoO0P
Nso6klHmFVwes/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org