Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/68B6D808A2EA11E9B6FFE649C4F9AE02.roa
File: 68B6D808A2EA11E9B6FFE649C4F9AE02.roa (raw, json)
Hash identifier: u4VbfHrZEqA/kvKWEaFurtXbOkAhHzkzGD3vg0+Ukxg=
Subject key identifier: 71:42:16:E8:A7:B5:69:29:74:1A:90:16:08:3C:AC:A4:AB:05:DE:40
Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Certificate serial: 0C17
Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/68B6D808A2EA11E9B6FFE649C4F9AE02.roa
Signing time: Thu 08 Sep 2022 19:35:41 +0000
ROA not before: Thu 08 Sep 2022 19:35:41 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 139300
IP address blocks: 103.141.2.0/23 maxlen: 23
103.141.2.0/24 maxlen: 24
103.141.3.0/24 maxlen: 24
2001:df0:e280::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3095 (0xc17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37
Validity
Not Before: Sep 8 19:35:41 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=631a440d-acc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c1:13:52:2a:7a:f1:b0:c9:de:83:a9:97:ee:
03:dc:11:b1:4e:0c:5e:18:7e:df:ef:5e:43:ba:51:
8f:7b:5c:32:33:bc:43:24:a8:c0:0e:f3:a9:09:bf:
5a:61:06:07:3c:3f:02:04:d6:3d:b5:ea:a2:7d:e1:
80:e5:7d:c4:62:ba:c5:b7:3d:b8:5b:b9:10:65:dc:
a8:5d:ab:fa:d9:3a:7a:04:b9:d2:0b:c2:4d:54:ef:
ec:fc:37:ed:f0:21:92:0d:d2:d4:90:7d:a7:59:0f:
65:40:e7:e7:e5:59:3d:22:ff:15:2a:4f:d7:87:e5:
5d:85:87:49:b1:e9:92:5f:bf:6a:73:1b:98:0c:4a:
ac:08:b7:19:04:5b:6d:4d:72:55:0b:45:e6:ba:8e:
92:d0:94:3b:17:8b:3c:ff:0a:1b:8b:34:c1:e0:77:
4a:7a:61:d5:0b:dd:1d:e5:24:0d:2f:f7:89:34:b0:
56:79:83:10:39:c2:97:03:b6:ac:6a:0e:0d:e0:d1:
e3:88:6c:2d:4b:cd:85:eb:d3:96:58:6e:c4:52:06:
5d:90:8e:1c:27:15:11:58:3d:55:5d:2b:98:a7:62:
57:65:be:dc:f0:f5:a5:88:66:f6:5b:f7:9a:95:48:
99:9e:b9:df:45:fd:dd:0d:79:c9:12:1b:72:06:05:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:42:16:E8:A7:B5:69:29:74:1A:90:16:08:3C:AC:A4:AB:05:DE:40
X509v3 Authority Key Identifier:
keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/68B6D808A2EA11E9B6FFE649C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.2.0/23
IPv6:
2001:df0:e280::/48
Signature Algorithm: sha256WithRSAEncryption
30:21:d7:f7:ce:a6:21:67:d0:98:de:39:7a:b7:97:a8:b8:b4:
74:e2:e4:8f:d8:9c:1a:06:55:1a:c3:ea:29:40:28:d3:ae:7d:
3c:b1:39:bd:40:f8:69:49:01:ab:67:8d:76:d7:20:d3:04:81:
ef:90:e3:c1:78:1f:cf:c3:0a:cd:1d:f3:25:1a:43:fb:2d:09:
08:08:86:6f:5a:8a:9c:69:08:48:d1:76:14:fb:e5:a3:4d:8e:
1d:aa:76:ac:5e:31:15:34:c2:15:ba:7b:95:03:7b:84:49:a4:
e4:36:00:ee:b3:09:1f:90:cd:28:dc:c4:39:04:e9:6d:bf:fc:
a7:57:17:e5:b1:b4:e2:c2:a1:b2:50:3c:ee:84:06:95:35:80:
4e:e3:9d:a7:dc:d2:1e:71:6d:3f:00:be:ff:f1:1a:a3:ce:c2:
4f:b0:9e:ed:f5:39:ae:4a:0b:cb:f4:88:80:3b:0f:d3:fb:f3:
28:1a:c8:01:a0:22:95:c2:03:58:28:ce:7b:27:25:17:a4:73:
1b:a7:05:2b:69:f3:32:6e:4e:17:f0:cb:14:c0:2e:f3:6b:0c:
34:43:52:ab:82:bc:4a:40:ba:d2:ac:f3:ad:14:63:70:51:c3:
c1:c2:f2:96:d1:3c:36:dc:18:df:4c:15:b4:4c:77:31:26:a7:
44:5b:7a:1c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICDBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB
RUUzMjFDMzcwHhcNMjIwOTA4MTkzNTQxWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzFhNDQwZC1hY2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8ETUip68bDJ3oOpl+4D3BGxTgxeGH7f715DulGPe1wyM7xDJKjADvOpCb9a
YQYHPD8CBNY9teqifeGA5X3EYrrFtz24W7kQZdyoXav62Tp6BLnSC8JNVO/s/Dft
8CGSDdLUkH2nWQ9lQOfn5Vk9Iv8VKk/Xh+VdhYdJsemSX79qcxuYDEqsCLcZBFtt
TXJVC0Xmuo6S0JQ7F4s8/wobizTB4HdKemHVC90d5SQNL/eJNLBWeYMQOcKXA7as
ag4N4NHjiGwtS82F69OWWG7EUgZdkI4cJxURWD1VXSuYp2JXZb7c8PWliGb2W/ea
lUiZnrnfRf3dDXnJEhtyBgU7pQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHFCFuin
tWkpdBqQFgg8rKSrBd5AMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey
RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzc3NzMvQUQzMjIzN0NBMkU4MTFFOUJBRTc4RDQ3QzRGOUFFMDIvNjhCNkQ4MDhB
MkVBMTFFOUI2RkZFNjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjQIwDwQCAAIwCQMHACABDfDigDANBgkqhkiG9w0BAQsF
AAOCAQEAMCHX986mIWfQmN45ereXqLi0dOLkj9icGgZVGsPqKUAo0659PLE5vUD4
aUkBq2eNdtcg0wSB75DjwXgfz8MKzR3zJRpD+y0JCAiGb1qKnGkISNF2FPvlo02O
Hap2rF4xFTTCFbp7lQN7hEmk5DYA7rMJH5DNKNzEOQTpbb/8p1cX5bG04sKhslA8
7oQGlTWATuOdp9zSHnFtPwC+//Eao87CT7Ce7fU5rkoLy/SIgDsP0/vzKBrIAaAi
lcIDWCjOeyclF6RzG6cFK2nzMm5OF/DLFMAu82sMNENSq4K8SkC60qzzrRRjcFHD
wcLyltE8NtwY30wVtEx3MSanRFt6HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org