Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FA3BB340A25311ED913AE766C4F9AE02.roa
File: FA3BB340A25311ED913AE766C4F9AE02.roa (raw, json)
Hash identifier: a+e1upLajcPun7TMIbel92blwvGcXH8mLuOQKGS0SF8=
Subject key identifier: CA:68:C0:CC:2C:85:A3:6C:CE:2F:9C:0B:90:FD:56:73:03:F7:1D:BB
Certificate issuer: /CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Certificate serial: 4C
Authority key identifier: 15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FA3BB340A25311ED913AE766C4F9AE02.roa
Signing time: Wed 01 Feb 2023 18:14:17 +0000
ROA not before: Wed 01 Feb 2023 18:14:17 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 131275
IP address blocks: 103.203.88.0/24 maxlen: 24
103.203.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C08EE/serialNumber=158B96664FB1C9AEEEB3D28707F877FE237B02DC
Validity
Not Before: Feb 1 18:14:17 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63daabf9-e161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:2f:7f:d3:00:f1:0c:37:87:74:25:4b:41:
f5:5d:26:bc:34:4a:28:d3:b7:71:8d:fd:cd:71:ff:
59:d0:c5:98:e6:4c:64:aa:e8:8f:ed:93:9b:9b:97:
99:f9:9c:40:b7:63:ac:38:5e:c7:51:ba:7e:a5:21:
f5:94:47:35:8e:a7:e7:7e:ea:f6:7d:2a:33:d5:4a:
c8:a4:37:fb:74:58:27:e1:cc:5a:4c:53:c3:48:a7:
86:3a:3a:ee:be:39:27:56:80:15:47:dc:43:e3:d6:
c8:c5:d3:8d:27:6e:89:19:67:29:d9:68:a9:76:a6:
5f:14:2a:30:aa:ec:0a:ca:78:b1:0e:5b:29:f0:32:
a6:7e:b2:13:86:32:4c:27:4b:5f:bd:f0:4c:ad:b3:
24:6d:97:17:0a:17:16:da:b6:d9:25:8d:10:6b:73:
78:b1:fc:2f:2e:6c:9d:ee:d8:a6:53:ec:bf:6b:e3:
d2:03:fd:d0:32:c5:99:55:fc:78:3c:66:e5:c2:40:
e6:a7:ab:b6:bb:68:1d:88:55:aa:8e:91:58:3c:fc:
d5:bf:83:59:b3:9a:0e:0e:9e:0d:ba:dd:33:fd:45:
4e:57:a6:e1:18:1e:97:d5:1e:69:78:70:57:2f:94:
e6:71:77:a5:87:79:a6:37:a0:2f:72:69:f0:79:54:
a6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:68:C0:CC:2C:85:A3:6C:CE:2F:9C:0B:90:FD:56:73:03:F7:1D:BB
X509v3 Authority Key Identifier:
keyid:15:8B:96:66:4F:B1:C9:AE:EE:B3:D2:87:07:F8:77:FE:23:7B:02:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FYuWZk-xya7us9KHB_h3_iN7Atw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FYuWZk-xya7us9KHB_h3_iN7Atw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C08EE/53C678D6430011ED840B3357C4F9AE02/FA3BB340A25311ED913AE766C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:3a:eb:42:30:7a:60:e1:cf:73:49:75:44:b0:a2:97:d3:a5:
91:88:a9:49:d4:67:d6:c5:b0:8a:17:01:e7:e7:66:04:a4:e6:
a3:eb:0d:33:41:1b:04:36:c4:0c:7e:04:4e:45:44:2e:f4:b9:
55:b8:ba:e2:90:46:a5:ab:17:d7:5e:98:f7:9b:a3:0b:3c:92:
02:2f:3b:70:17:35:89:ce:98:9a:c1:02:a5:bf:64:0b:89:f4:
40:9e:e5:6c:eb:1e:c0:03:84:6c:9b:03:61:0f:81:16:fa:de:
66:50:05:32:8a:f0:7b:58:e0:b9:f6:e3:c0:8e:fc:27:1e:d7:
d4:bd:75:d9:e9:2b:f1:cd:30:6a:c3:c1:81:14:eb:2b:e4:d8:
20:e3:59:f8:27:63:54:92:a2:fc:63:7c:19:25:d6:01:16:bf:
4e:42:8e:07:8e:e3:b2:06:14:2e:a3:8e:c8:73:8b:8c:0a:e0:
36:80:76:01:d5:9f:62:d0:e1:0e:f5:18:eb:ae:72:d1:0d:5c:
c0:11:1d:67:7f:36:11:be:5e:80:69:eb:8e:05:18:7d:d3:63:
ab:4d:d7:09:72:1c:8d:9a:9f:d8:30:a2:a0:f6:70:29:7e:df:
1b:f5:73:6b:a5:33:9b:c2:bd:6f:4a:5c:33:ab:e8:7c:07:dc:
29:25:b4:44
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MDhFRTExMC8GA1UEBRMoMTU4Qjk2NjY0RkIxQzlBRUVFQjNEMjg3MDdGODc3RkUy
MzdCMDJEQzAeFw0yMzAyMDExODE0MTdaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGFhYmY5LWUxNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxZy9/0wDxDDeHdCVLQfVdJrw0SijTt3GN/c1x/1nQxZjmTGSq6I/tk5ubl5n5
nEC3Y6w4XsdRun6lIfWURzWOp+d+6vZ9KjPVSsikN/t0WCfhzFpMU8NIp4Y6Ou6+
OSdWgBVH3EPj1sjF040nbokZZynZaKl2pl8UKjCq7ArKeLEOWynwMqZ+shOGMkwn
S1+98EytsyRtlxcKFxbattkljRBrc3ix/C8ubJ3u2KZT7L9r49ID/dAyxZlV/Hg8
ZuXCQOanq7a7aB2IVaqOkVg8/NW/g1mzmg4Ong263TP9RU5XpuEYHpfVHml4cFcv
lOZxd6WHeaY3oC9yafB5VKavAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUymjAzCyF
o2zOL5wLkP1WcwP3HbswHwYDVR0jBBgwFoAUFYuWZk+xya7us9KHB/h3/iN7Atww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwOEVFLzUzQzY3OEQ2NDMw
MDExRUQ4NDBCMzM1N0M0RjlBRTAyL0ZZdVdaay14eWE3dXM5S0hCX2gzX2lON0F0
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRll1V1prLXh5YTd1czlLSEJfaDNfaU43QXR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDhFRS81M0M2NzhENjQzMDAxMUVEODQwQjMzNTdDNEY5QUUwMi9GQTNCQjM0MEEy
NTMxMUVEOTEzQUU3NjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfLWDANBgkqhkiG9w0BAQsFAAOCAQEADzrrQjB6YOHPc0l1
RLCil9OlkYipSdRn1sWwihcB5+dmBKTmo+sNM0EbBDbEDH4ETkVELvS5Vbi64pBG
pasX116Y95ujCzySAi87cBc1ic6YmsECpb9kC4n0QJ7lbOsewAOEbJsDYQ+BFvre
ZlAFMorwe1jgufbjwI78Jx7X1L112ekr8c0wasPBgRTrK+TYIONZ+CdjVJKi/GN8
GSXWARa/TkKOB47jsgYULqOOyHOLjArgNoB2AdWfYtDhDvUY665y0Q1cwBEdZ382
Eb5egGnrjgUYfdNjq03XCXIcjZqf2DCioPZwKX7fG/Vza6Uzm8K9b0pcM6vofAfc
KSW0RA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org