Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C4C8567EA22F11EDB64D9286C4F9AE02.roa
File: C4C8567EA22F11EDB64D9286C4F9AE02.roa (raw, json)
Hash identifier: 7JNZ4yr5t+Ysw1/lXBL7rKq2SEXWjwpd12XQLKb2jW8=
Subject key identifier: A9:14:B6:ED:40:62:6C:72:A3:8D:BF:D6:71:E4:B4:BD:CB:BA:EC:A6
Certificate issuer: /CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Certificate serial: 44
Authority key identifier: 15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C4C8567EA22F11EDB64D9286C4F9AE02.roa
Signing time: Wed 01 Feb 2023 12:55:57 +0000
ROA not before: Wed 01 Feb 2023 12:55:57 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 136969
IP address blocks: 103.203.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Validity
Not Before: Feb 1 12:55:57 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63da615d-767c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:1f:d0:a3:9b:f3:ef:03:3d:a6:8e:e4:e7:
6c:c5:46:a0:de:d2:b9:13:40:2a:80:64:bd:b3:78:
50:6d:d5:b8:a7:5a:a6:03:56:c7:5a:f7:66:a2:4f:
ba:e2:4b:26:58:2e:e3:a1:11:f6:82:00:81:d2:fa:
fc:14:6b:d3:59:d9:67:0e:ad:8d:7a:45:ea:95:0b:
dc:79:e3:78:eb:c8:88:ac:15:d8:20:39:21:db:dd:
df:04:10:53:76:05:66:af:d2:02:20:9d:b3:5b:6c:
53:72:80:9a:1b:ec:15:62:ff:74:1e:15:da:32:4b:
d2:1c:dd:d8:72:40:da:90:ed:69:6f:47:5c:0a:7f:
7f:70:0f:92:1b:9f:63:ff:92:63:a6:11:2d:fc:c8:
02:f6:ca:47:d6:ad:69:53:0e:b3:ca:78:f7:eb:11:
6f:3a:0d:b5:14:06:8f:b6:82:35:8f:d2:a4:75:cc:
ca:20:de:27:b4:88:29:01:bf:7c:46:ab:79:8f:37:
da:a3:72:ad:e2:20:39:e9:bf:37:c4:81:66:c7:1f:
d3:6c:ce:28:d0:ad:19:55:a9:e7:1c:db:cf:b2:31:
45:1b:6b:14:05:e4:3e:4e:35:7e:11:ed:0b:2a:c4:
fb:09:f9:93:95:f8:87:00:87:a1:8a:66:19:c0:31:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:14:B6:ED:40:62:6C:72:A3:8D:BF:D6:71:E4:B4:BD:CB:BA:EC:A6
X509v3 Authority Key Identifier:
keyid:15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FYuWZk-xya7us9KHB_h3_iN7Atw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C4C8567EA22F11EDB64D9286C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.89.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9b:8a:ae:72:89:da:a9:a3:4c:1a:6c:f8:07:3c:58:d7:dc:
64:ad:15:85:1e:af:3d:f9:8b:d0:c0:f2:d8:6a:dc:1d:d8:84:
04:c1:6f:56:8d:18:76:9c:2e:35:9f:99:fe:ea:2d:95:c3:df:
73:24:20:d6:3a:45:45:6e:99:77:c0:00:05:78:68:be:86:cd:
10:c0:2a:ae:ee:8f:2a:94:db:de:2f:ea:59:c0:3a:5d:b7:53:
f0:8d:55:92:d2:c8:f3:ab:a7:65:fc:52:ed:74:e9:1d:4f:db:
38:8e:2a:9c:e1:9f:33:82:3d:71:68:10:88:3f:c9:70:7e:3a:
ee:b9:f1:d6:7d:f0:a8:24:ce:0f:b5:5c:1d:10:5f:dd:8c:43:
5f:cd:97:01:60:c9:3c:fb:25:f1:4b:f6:6d:47:98:95:59:c0:
a5:3f:8c:33:37:9f:cc:a2:29:a0:1f:e9:5a:12:7e:e0:56:0f:
2a:4c:df:35:d0:f2:61:9d:27:a5:79:6c:f4:9a:6f:6d:80:b0:
33:50:12:6e:bc:dc:5e:dd:6e:55:60:c7:e4:52:cc:1e:4b:01:
c2:fb:b0:25:95:91:11:fb:ba:f9:e6:90:0b:d5:21:c7:12:0f:
32:2a:65:8c:b1:b0:cb:eb:d1:74:ac:d0:1c:4c:6b:79:e5:9a:
8e:0c:70:4a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MDhFRTExMC8GA1UEBRMoMTU4Qjk2NjY0RkIxQzlBRUVFQjNEMjg3MDdGODc3RkUy
MzdCMDJEQzAeFw0yMzAyMDExMjU1NTdaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGE2MTVkLTc2N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUyB/Qo5vz7wM9po7k52zFRqDe0rkTQCqAZL2zeFBt1binWqYDVsda92aiT7ri
SyZYLuOhEfaCAIHS+vwUa9NZ2WcOrY16ReqVC9x543jryIisFdggOSHb3d8EEFN2
BWav0gIgnbNbbFNygJob7BVi/3QeFdoyS9Ic3dhyQNqQ7WlvR1wKf39wD5Ibn2P/
kmOmES38yAL2ykfWrWlTDrPKePfrEW86DbUUBo+2gjWP0qR1zMog3ie0iCkBv3xG
q3mPN9qjcq3iIDnpvzfEgWbHH9NszijQrRlVqecc28+yMUUbaxQF5D5ONX4R7Qsq
xPsJ+ZOV+IcAh6GKZhnAMSz7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqRS27UBi
bHKjjb/WceS0vcu67KYwHwYDVR0jBBgwFoAUFYuWZk+xya7us9KHB/h3/iN7Atww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwOEVFLzUzQzY3OEQ2NDMw
MDExRUQ4NDBCMzM1N0M0RjlBRTAyL0ZZdVdaay14eWE3dXM5S0hCX2gzX2lON0F0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRll1V1prLXh5YTd1czlLSEJfaDNfaU43QXR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDhFRS81M0M2NzhENjQzMDAxMUVEODQwQjMzNTdDNEY5QUUwMi9DNEM4NTY3RUEy
MkYxMUVEQjY0RDkyODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfLWTANBgkqhkiG9w0BAQsFAAOCAQEAcpuKrnKJ2qmjTBps
+Ac8WNfcZK0VhR6vPfmL0MDy2GrcHdiEBMFvVo0YdpwuNZ+Z/uotlcPfcyQg1jpF
RW6Zd8AABXhovobNEMAqru6PKpTb3i/qWcA6XbdT8I1VktLI86unZfxS7XTpHU/b
OI4qnOGfM4I9cWgQiD/JcH467rnx1n3wqCTOD7VcHRBf3YxDX82XAWDJPPsl8Uv2
bUeYlVnApT+MMzefzKIpoB/pWhJ+4FYPKkzfNdDyYZ0npXls9JpvbYCwM1ASbrzc
Xt1uVWDH5FLMHksBwvuwJZWREfu6+eaQC9UhxxIPMipljLGwy+vRdKzQHExreeWa
jgxwSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org