Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEC2F/721B31D4963811ECB83C1682C4F9AE02/D0AD17E0963C11ECA4AD310CC4F9AE02.roa
File: D0AD17E0963C11ECA4AD310CC4F9AE02.roa (raw, json)
Hash identifier: 0FWUZY5Yusq1IFHgL1kFhpucgKW/qkwCQG8D8fp+uXE=
Subject key identifier: 62:64:B1:0A:7F:90:1E:9C:A9:16:A8:A3:EF:03:7F:E5:58:E3:E1:03
Certificate issuer: /CN=A91BEC2F/serialNumber=F7A07F7A991C21A25CD39AB20ADE4FA3B5E05D15
Certificate serial: 02
Authority key identifier: F7:A0:7F:7A:99:1C:21:A2:5C:D3:9A:B2:0A:DE:4F:A3:B5:E0:5D:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/96B_epkcIaJc05qyCt5Po7XgXRU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BEC2F/721B31D4963811ECB83C1682C4F9AE02/D0AD17E0963C11ECA4AD310CC4F9AE02.roa
Signing time: Fri 25 Feb 2022 13:14:09 +0000
ROA not before: Fri 25 Feb 2022 13:14:09 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 140321
IP address blocks: 103.149.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BEC2F/serialNumber=F7A07F7A991C21A25CD39AB20ADE4FA3B5E05D15
Validity
Not Before: Feb 25 13:14:09 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=6218d620-4f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:06:bc:12:cd:dd:65:84:2d:46:8c:80:e0:b0:
f7:36:6b:4b:48:7b:0d:d0:05:bf:31:44:ec:e5:d1:
22:64:78:44:4e:d2:8a:b5:f0:9e:92:73:63:a8:87:
9f:92:43:35:9d:8e:4c:18:43:88:4f:74:5e:8c:60:
ea:5d:b8:75:7b:55:59:55:04:ef:cb:9c:df:6f:10:
36:ce:e9:30:ed:9b:ea:1c:91:6b:28:fb:8c:f6:be:
1c:c6:88:09:e7:1a:2a:fb:0c:5f:39:b6:9b:0d:61:
6a:3e:0d:9b:84:7a:2b:68:86:0c:3f:dd:ed:27:35:
c7:52:cc:b5:23:d0:68:19:12:b6:94:59:17:15:56:
2e:4c:89:46:b4:76:39:9b:14:48:45:3a:4f:37:92:
6c:6d:0c:7b:47:b6:b5:05:8a:ab:87:ef:21:c6:db:
4b:d8:75:22:c2:87:3b:00:70:20:b8:e6:3e:45:be:
6b:a8:88:00:70:df:46:71:02:d9:0f:88:e4:8d:34:
af:de:81:cf:67:5a:c8:e0:ca:df:40:17:ef:fb:fb:
d8:fc:bf:fe:8f:17:d6:c9:f6:c8:2e:1c:08:8a:f1:
fc:dc:4b:30:c9:7a:40:4f:2c:41:46:ed:d2:e7:87:
29:06:d2:b7:40:bc:e5:94:30:a1:bd:a8:64:d8:21:
7b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:64:B1:0A:7F:90:1E:9C:A9:16:A8:A3:EF:03:7F:E5:58:E3:E1:03
X509v3 Authority Key Identifier:
keyid:F7:A0:7F:7A:99:1C:21:A2:5C:D3:9A:B2:0A:DE:4F:A3:B5:E0:5D:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BEC2F/721B31D4963811ECB83C1682C4F9AE02/96B_epkcIaJc05qyCt5Po7XgXRU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/96B_epkcIaJc05qyCt5Po7XgXRU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEC2F/721B31D4963811ECB83C1682C4F9AE02/D0AD17E0963C11ECA4AD310CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.168.0/23
Signature Algorithm: sha256WithRSAEncryption
34:28:e4:e2:53:a9:24:03:65:d7:39:d3:29:45:cd:76:c7:24:
43:0a:f3:dc:8e:e8:bc:a1:91:a3:97:6f:a5:a5:a0:c9:4c:eb:
c5:f2:55:6e:a1:bf:ab:a4:10:92:27:42:7f:5b:91:da:d9:5c:
54:62:0d:38:67:c8:02:ba:3c:9d:0a:bf:ef:b6:91:8b:95:29:
89:c3:3a:79:6c:51:41:98:75:7c:f6:88:4b:51:da:61:df:87:
bf:17:a8:eb:e5:be:8a:32:76:24:e3:f8:c7:ca:9e:ea:ec:e5:
ec:94:5a:1f:48:a3:82:5a:12:7d:00:6f:91:42:90:6f:64:f2:
88:1e:08:4b:be:59:15:0b:05:ed:84:6c:c6:6a:6e:39:da:24:
bf:a9:da:1d:fb:cd:1b:8f:4f:e5:95:e2:35:8e:86:82:62:e5:
86:ce:5d:82:a0:60:b9:03:59:9c:01:44:4f:f9:d3:e2:7c:6f:
3e:88:63:05:83:24:88:2f:fb:65:fb:6e:81:45:f5:43:ba:5f:
bf:f6:b9:be:ac:73:82:74:ab:58:3b:fb:b7:2f:f6:93:3c:90:
96:35:39:35:3c:e9:d3:23:1d:d1:a5:66:56:a6:1d:52:0b:e7:
fb:19:34:16:db:b5:c6:ed:6c:13:23:51:e4:5c:bc:ca:af:7c:
bf:40:70:08
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
RUMyRjExMC8GA1UEBRMoRjdBMDdGN0E5OTFDMjFBMjVDRDM5QUIyMEFERTRGQTNC
NUUwNUQxNTAeFw0yMjAyMjUxMzE0MDlaFw0yMjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMThkNjIwLTRmOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRBrwSzd1lhC1GjIDgsPc2a0tIew3QBb8xROzl0SJkeERO0oq18J6Sc2Ooh5+S
QzWdjkwYQ4hPdF6MYOpduHV7VVlVBO/LnN9vEDbO6TDtm+ockWso+4z2vhzGiAnn
Gir7DF85tpsNYWo+DZuEeitohgw/3e0nNcdSzLUj0GgZEraUWRcVVi5MiUa0djmb
FEhFOk83kmxtDHtHtrUFiquH7yHG20vYdSLChzsAcCC45j5FvmuoiABw30ZxAtkP
iOSNNK/egc9nWsjgyt9AF+/7+9j8v/6PF9bJ9sguHAiK8fzcSzDJekBPLEFG7dLn
hykG0rdAvOWUMKG9qGTYIXvlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYmSxCn+Q
HpypFqij7wN/5Vjj4QMwHwYDVR0jBBgwFoAU96B/epkcIaJc05qyCt5Po7XgXRUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFQzJGLzcyMUIzMUQ0OTYz
ODExRUNCODNDMTY4MkM0RjlBRTAyLzk2Ql9lcGtjSWFKYzA1cXlDdDVQbzdYZ1hS
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOTZCX2Vwa2NJYUpjMDVxeUN0NVBvN1hnWFJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RUMyRi83MjFCMzFENDk2MzgxMUVDQjgzQzE2ODJDNEY5QUUwMi9EMEFEMTdFMDk2
M0MxMUVDQTRBRDMxMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeVqDANBgkqhkiG9w0BAQsFAAOCAQEANCjk4lOpJANl1znT
KUXNdsckQwrz3I7ovKGRo5dvpaWgyUzrxfJVbqG/q6QQkidCf1uR2tlcVGINOGfI
Aro8nQq/77aRi5UpicM6eWxRQZh1fPaIS1HaYd+Hvxeo6+W+ijJ2JOP4x8qe6uzl
7JRaH0ijgloSfQBvkUKQb2TyiB4IS75ZFQsF7YRsxmpuOdokv6naHfvNG49P5ZXi
NY6GgmLlhs5dgqBguQNZnAFET/nT4nxvPohjBYMkiC/7ZftugUX1Q7pfv/a5vqxz
gnSrWDv7ty/2kzyQljU5NTzp0yMd0aVmVqYdUgvn+xk0Ftu1xu1sEyNR5Fy8yq98
v0BwCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org