Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/4A0E96A8022C11EDAC2CE74DC4F9AE02.roa
File: 4A0E96A8022C11EDAC2CE74DC4F9AE02.roa (raw, json)
Hash identifier: SAsBQHQLJDVfYHjxmiGrYv5xYKU+goIW0nnwsZUWKdM=
Subject key identifier: E9:62:D2:76:B8:10:6E:0A:9C:8D:97:53:2C:C9:D0:29:25:A0:9B:CC
Certificate issuer: /CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Certificate serial: 0667
Authority key identifier: D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/4A0E96A8022C11EDAC2CE74DC4F9AE02.roa
Signing time: Tue 12 Jul 2022 21:47:56 +0000
ROA not before: Tue 12 Jul 2022 21:47:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 103.112.0.0/24 maxlen: 24
103.112.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1639 (0x667)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8F27/serialNumber=D1A36CD8ED2355082761A3DB13EDD30DFDA2CFD0
Validity
Not Before: Jul 12 21:47:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62cdec0c-1749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6e:b4:71:73:27:f1:2b:2d:19:4f:1c:b0:1a:
ee:61:cf:f9:d9:64:34:04:52:61:2b:23:4b:dc:7d:
58:8a:4f:14:4a:73:6a:47:6e:89:fe:2c:a4:4e:70:
ca:fe:87:78:17:89:af:b9:56:5a:5b:85:41:05:b0:
b7:a4:07:a5:ea:4c:a3:5f:95:a6:9e:18:27:a2:2f:
67:a2:5e:f6:9d:bf:b2:41:1f:55:61:40:5a:26:d4:
6a:c7:8c:b6:be:3b:29:85:32:17:d6:a7:5e:ea:d6:
ad:1f:b2:43:ed:a0:56:94:5a:e2:13:2d:6e:ef:d7:
7f:78:72:2d:39:9c:e9:7d:b4:a1:6b:a7:81:65:8b:
b9:5b:6a:80:fa:c5:ee:5c:92:d7:5f:03:dd:a7:23:
34:ee:9c:e2:ac:7b:da:7f:0e:31:54:14:1a:be:12:
80:82:80:24:5a:64:e8:2a:aa:0c:25:f4:3d:10:94:
ae:98:9e:db:0a:d2:92:2f:0e:e3:a7:9b:2a:a1:fc:
b0:60:d4:2c:37:36:40:20:1c:05:e5:6c:57:ad:00:
de:e8:36:a4:5f:7a:65:cc:44:99:b8:5e:50:05:f7:
ad:b4:52:89:e6:ca:d7:65:8b:f9:8c:b7:76:b3:7a:
39:84:67:50:43:a5:8a:f9:18:9c:07:88:5b:9c:16:
3a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:62:D2:76:B8:10:6E:0A:9C:8D:97:53:2C:C9:D0:29:25:A0:9B:CC
X509v3 Authority Key Identifier:
keyid:D1:A3:6C:D8:ED:23:55:08:27:61:A3:DB:13:ED:D3:0D:FD:A2:CF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/0aNs2O0jVQgnYaPbE-3TDf2iz9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0aNs2O0jVQgnYaPbE-3TDf2iz9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8F27/7F5229A8B09211EAB5DBEC58C4F9AE02/4A0E96A8022C11EDAC2CE74DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.0.0/24
103.112.3.0/24
Signature Algorithm: sha256WithRSAEncryption
76:02:39:85:1b:88:17:64:84:68:a8:24:dd:d1:f6:19:6a:78:
d7:97:cb:1c:98:a2:e9:4b:91:2a:9b:37:9c:17:b0:70:fe:f7:
3e:fd:ce:fa:d6:1a:f8:cf:5e:07:c2:cf:25:84:ef:95:95:1d:
db:e1:f9:10:cf:54:93:0e:81:96:2c:0b:41:e8:1f:07:0b:f7:
0a:6c:4e:2e:0d:b0:2b:4b:54:be:a5:4a:b5:62:3d:ff:f2:8a:
6b:9a:32:51:e9:ad:c8:91:eb:b7:c1:c3:60:9e:b0:ab:a7:71:
a5:be:c8:59:40:f3:40:f3:1b:13:17:93:ed:ba:71:5d:2a:e3:
2b:ec:ac:45:5b:13:9d:9b:4e:4d:4e:2b:7b:be:5e:dd:d9:70:
aa:5d:75:0f:bd:07:61:bb:d3:84:10:a4:5f:75:e1:68:df:13:
2c:57:97:2e:d6:00:a9:c1:2c:b8:27:86:3a:1d:a4:80:a9:f2:
0b:35:f0:18:1f:65:4e:fb:b3:a2:f2:01:e9:6e:6e:05:94:25:
5d:3a:1d:2a:e9:db:56:7e:95:ca:2f:e4:29:1f:1f:46:e2:d1:
5b:ea:99:5e:da:51:43:11:5d:af:fe:3f:bb:48:ae:fb:aa:17:
be:c4:82:e2:0b:fd:1f:d3:27:06:32:e3:82:ba:af:6c:f0:d8:
27:09:14:5a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzhGMjcxMTAvBgNVBAUTKEQxQTM2Q0Q4RUQyMzU1MDgyNzYxQTNEQjEzRUREMzBE
RkRBMkNGRDAwHhcNMjIwNzEyMjE0NzU2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNkZWMwYy0xNzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArG60cXMn8SstGU8csBruYc/52WQ0BFJhKyNL3H1Yik8USnNqR26J/iykTnDK
/od4F4mvuVZaW4VBBbC3pAel6kyjX5Wmnhgnoi9nol72nb+yQR9VYUBaJtRqx4y2
vjsphTIX1qde6tatH7JD7aBWlFriEy1u79d/eHItOZzpfbSha6eBZYu5W2qA+sXu
XJLXXwPdpyM07pzirHvafw4xVBQavhKAgoAkWmToKqoMJfQ9EJSumJ7bCtKSLw7j
p5sqofywYNQsNzZAIBwF5WxXrQDe6DakX3plzESZuF5QBfettFKJ5srXZYv5jLd2
s3o5hGdQQ6WK+RicB4hbnBY6gwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOli0na4
EG4KnI2XUyzJ0CkloJvMMB8GA1UdIwQYMBaAFNGjbNjtI1UIJ2Gj2xPt0w39os/Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEYyNy83RjUyMjlBOEIw
OTIxMUVBQjVEQkVDNThDNEY5QUUwMi8wYU5zMk8walZRZ25ZYVBiRS0zVERmMml6
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBhTnMyTzBqVlFnbllhUGJFLTNURGYyaXo5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzhGMjcvN0Y1MjI5QThCMDkyMTFFQUI1REJFQzU4QzRGOUFFMDIvNEEwRTk2QTgw
MjJDMTFFREFDMkNFNzREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABncAADBABncAMwDQYJKoZIhvcNAQELBQADggEBAHYCOYUb
iBdkhGioJN3R9hlqeNeXyxyYoulLkSqbN5wXsHD+9z79zvrWGvjPXgfCzyWE75WV
Hdvh+RDPVJMOgZYsC0HoHwcL9wpsTi4NsCtLVL6lSrViPf/yimuaMlHprciR67fB
w2CesKuncaW+yFlA80DzGxMXk+26cV0q4yvsrEVbE52bTk1OK3u+Xt3ZcKpddQ+9
B2G704QQpF914WjfEyxXly7WAKnBLLgnhjodpICp8gs18BgfZU77s6LyAelubgWU
JV06HSrp21Z+lcov5CkfH0bi0VvqmV7aUUMRXa/+P7tIrvuqF77EguIL/R/TJwYy
44K6r2zw2CcJFFo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org