Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C5F33C80A22F11EDB64D9286C4F9AE02.roa
File: C5F33C80A22F11EDB64D9286C4F9AE02.roa (raw, json)
Hash identifier: WIcetNIgfB9Nf5EvBavjfxef798m4Ahnk/Q70tlHRfM=
Subject key identifier: B8:64:D3:31:1F:D0:3C:25:C8:6E:D3:3A:2A:0C:2F:E4:6F:06:FC:38
Certificate issuer: /CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Certificate serial: 47
Authority key identifier: 15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C5F33C80A22F11EDB64D9286C4F9AE02.roa
Signing time: Wed 01 Feb 2023 13:15:50 +0000
ROA not before: Wed 01 Feb 2023 13:15:50 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 131275
IP address blocks: 103.203.88.0/24 maxlen: 24
103.203.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71 (0x47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Validity
Not Before: Feb 1 13:15:50 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63da6606-d8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7e:8f:62:ed:75:ce:23:fe:85:86:3e:73:b9:
de:4e:19:e2:5e:2a:67:a7:26:1a:7e:e4:09:12:b5:
60:5d:c0:0d:9d:82:c5:e2:28:5d:f0:a2:bb:f9:46:
f3:86:1f:a8:bb:59:38:93:64:eb:4f:87:d3:52:3a:
d7:ea:ee:d2:a9:53:46:b9:0c:10:cb:74:b7:e9:ac:
b0:e4:af:21:5e:7c:a3:81:06:48:04:2d:bd:2d:d5:
89:dd:37:d8:57:36:b0:7e:b2:06:1e:fb:f9:87:55:
61:e7:db:8d:9b:95:17:e0:1a:38:99:09:2e:4f:03:
89:97:91:ff:0f:51:91:f1:bb:0f:73:2a:b7:03:38:
db:a8:92:62:44:d9:8a:a1:34:6d:68:89:4c:97:c1:
dc:5f:ec:da:9b:95:6d:50:f5:e7:49:fb:8f:59:50:
f7:9a:23:cd:6f:d6:ec:40:4b:73:71:b9:2d:4b:56:
00:c7:4c:83:cc:b2:b6:b6:4b:f3:de:db:a7:72:03:
e1:be:e5:50:dc:f8:c1:42:96:ff:d3:04:db:52:0d:
a2:50:c5:75:1b:ef:0b:11:cc:6b:18:f3:59:46:7d:
29:75:fe:83:c8:71:1f:c0:a1:74:0b:2a:17:94:40:
bf:3d:15:88:96:0c:78:a6:8d:17:ca:5f:d9:06:20:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:64:D3:31:1F:D0:3C:25:C8:6E:D3:3A:2A:0C:2F:E4:6F:06:FC:38
X509v3 Authority Key Identifier:
keyid:15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FYuWZk-xya7us9KHB_h3_iN7Atw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/C5F33C80A22F11EDB64D9286C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.88.0/23
Signature Algorithm: sha256WithRSAEncryption
47:7c:f9:89:46:ed:53:cb:4b:84:b8:da:11:f8:63:97:7b:3d:
8a:68:9b:b0:96:eb:43:49:09:d8:2e:07:fb:1c:29:c0:19:66:
b5:61:0d:90:2d:86:f6:8d:bf:20:4d:3c:5c:36:3d:d7:04:91:
2a:0f:78:62:71:b4:da:c1:30:91:cc:6f:73:00:03:1a:7f:7a:
85:bb:fd:0f:b6:b2:20:c5:69:1f:ca:74:d7:c1:62:cd:0a:7f:
55:81:ec:0d:82:e8:05:53:11:03:6a:cb:5e:7b:00:f8:aa:b7:
8d:7e:60:2e:31:c6:b5:e7:f0:05:52:c1:21:dd:3a:60:4a:a5:
be:09:e0:44:b9:82:48:17:20:b1:3e:90:03:6a:1c:e4:62:9d:
8c:62:9d:45:e1:20:df:29:e6:b6:55:75:d6:0a:70:a2:2f:c3:
ad:81:da:e5:25:06:2a:ab:60:e0:0d:ce:b0:a1:6a:8d:65:08:
73:78:9c:ca:1a:21:fa:3f:bc:fd:df:17:89:ae:d5:ca:27:ae:
64:ec:3b:57:6c:54:ef:2f:17:e4:c2:46:c9:df:8b:dc:40:6c:
29:b7:c5:6d:df:14:98:38:f1:8c:2b:52:9b:bf:83:dc:df:e1:
d3:bf:38:7a:a1:29:53:1b:cf:3e:9f:75:bf:16:a1:54:b7:5d:
54:a8:69:d0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBRzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MDhFRTExMC8GA1UEBRMoMTU4Qjk2NjY0RkIxQzlBRUVFQjNEMjg3MDdGODc3RkUy
MzdCMDJEQzAeFw0yMzAyMDExMzE1NTBaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGE2NjA2LWQ4YTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3fo9i7XXOI/6Fhj5zud5OGeJeKmenJhp+5AkStWBdwA2dgsXiKF3worv5RvOG
H6i7WTiTZOtPh9NSOtfq7tKpU0a5DBDLdLfprLDkryFefKOBBkgELb0t1YndN9hX
NrB+sgYe+/mHVWHn242blRfgGjiZCS5PA4mXkf8PUZHxuw9zKrcDONuokmJE2Yqh
NG1oiUyXwdxf7NqblW1Q9edJ+49ZUPeaI81v1uxAS3NxuS1LVgDHTIPMsra2S/Pe
26dyA+G+5VDc+MFClv/TBNtSDaJQxXUb7wsRzGsY81lGfSl1/oPIcR/AoXQLKheU
QL89FYiWDHimjRfKX9kGIOpxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUuGTTMR/Q
PCXIbtM6Kgwv5G8G/DgwHwYDVR0jBBgwFoAUFYuWZk+xya7us9KHB/h3/iN7Atww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwOEVFLzUzQzY3OEQ2NDMw
MDExRUQ4NDBCMzM1N0M0RjlBRTAyL0ZZdVdaay14eWE3dXM5S0hCX2gzX2lON0F0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRll1V1prLXh5YTd1czlLSEJfaDNfaU43QXR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDhFRS81M0M2NzhENjQzMDAxMUVEODQwQjMzNTdDNEY5QUUwMi9DNUYzM0M4MEEy
MkYxMUVEQjY0RDkyODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfLWDANBgkqhkiG9w0BAQsFAAOCAQEAR3z5iUbtU8tLhLja
Efhjl3s9imibsJbrQ0kJ2C4H+xwpwBlmtWENkC2G9o2/IE08XDY91wSRKg94YnG0
2sEwkcxvcwADGn96hbv9D7ayIMVpH8p018FizQp/VYHsDYLoBVMRA2rLXnsA+Kq3
jX5gLjHGtefwBVLBId06YEqlvgngRLmCSBcgsT6QA2oc5GKdjGKdReEg3ynmtlV1
1gpwoi/DrYHa5SUGKqtg4A3OsKFqjWUIc3icyhoh+j+8/d8Xia7VyieuZOw7V2xU
7y8X5MJGyd+L3EBsKbfFbd8UmDjxjCtSm7+D3N/h0784eqEpUxvPPp91vxahVLdd
VKhp0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org