Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/BF52FD7C22C111ED99DC4567C4F9AE02.roa
File: BF52FD7C22C111ED99DC4567C4F9AE02.roa (raw, json)
Hash identifier: SNyNva+QnxrJ73cDlxVGHPCBRMRgmXkstcPiLiWj3Ug=
Subject key identifier: 73:D3:0B:43:F0:44:C2:9A:CF:BE:0C:9C:BB:E6:7D:57:D0:FC:06:C8
Certificate issuer: /CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B
Certificate serial: 0711
Authority key identifier: 6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/BF52FD7C22C111ED99DC4567C4F9AE02.roa
Signing time: Fri 18 Nov 2022 22:28:23 +0000
ROA not before: Fri 18 Nov 2022 22:28:23 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 24496
IP address blocks: 103.157.184.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1809 (0x711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B
Validity
Not Before: Nov 18 22:28:23 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63780707-e6d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b3:70:47:6c:0f:bf:7e:46:70:88:4c:01:e9:
70:a2:f2:fb:2c:58:ba:21:33:bd:b1:ed:16:7f:54:
05:69:ea:d9:79:2c:65:eb:02:9d:e4:6f:ab:53:11:
69:9e:df:79:44:2f:4f:95:c1:0e:88:fc:d2:5c:b8:
52:53:bc:2f:54:7b:ab:1d:c6:0d:b7:f6:74:c3:ab:
fa:90:82:d1:18:85:b1:c5:11:8e:ba:e3:b9:f9:a3:
16:84:c2:d2:c5:93:09:d3:7c:4b:29:20:12:81:9e:
9c:b2:78:34:a2:79:4a:17:9d:19:85:82:61:b3:b5:
09:ae:14:e6:b0:7c:57:be:c5:8c:cf:c7:da:2e:30:
0b:a1:ba:53:df:c3:55:bf:f6:33:37:78:3a:e2:35:
6a:fb:4b:71:15:6d:29:b5:c3:7f:cd:13:6b:e1:48:
43:a8:42:e6:12:58:79:5f:cd:a9:bd:f7:50:3c:d9:
36:7c:b7:74:27:86:9d:b0:ac:dc:c8:74:03:93:8d:
5e:50:b9:cb:9a:00:d7:46:33:08:f2:60:06:98:43:
9f:db:44:87:4d:50:3e:98:0c:0d:4d:8e:90:3f:ab:
0a:c7:bb:24:9f:40:39:88:9a:2c:39:6f:1c:da:30:
77:c8:8a:e4:f1:8e:d9:e3:73:b1:12:7c:e0:11:1d:
cc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D3:0B:43:F0:44:C2:9A:CF:BE:0C:9C:BB:E6:7D:57:D0:FC:06:C8
X509v3 Authority Key Identifier:
keyid:6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/BF52FD7C22C111ED99DC4567C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.184.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:a9:34:f5:a2:27:18:c3:04:b4:bd:0f:c0:69:72:e6:67:c2:
f2:4f:87:02:c0:17:c0:8d:53:87:d2:44:61:30:8b:ba:31:f4:
6d:29:15:ed:76:1c:50:bb:37:70:39:c4:19:5e:5a:29:48:60:
25:cf:6b:e6:25:12:95:1d:23:36:86:71:df:66:86:02:39:55:
cd:ee:19:7a:d3:57:69:3c:ce:75:d4:70:17:2e:f9:a8:94:0c:
fe:83:9a:35:19:f6:34:6a:ce:2b:70:33:6d:72:f4:2d:3c:e9:
a2:05:20:d7:e1:79:d5:e9:03:70:b6:f0:60:a2:a7:e6:e6:06:
a9:84:44:b8:e9:3a:bf:e4:08:90:22:87:cb:5d:b5:ec:51:fb:
81:90:59:fb:bb:b5:a8:cd:8f:b0:2d:31:6f:3e:d9:5b:f9:95:
d0:4e:a0:2d:26:0d:bb:11:10:ce:02:f8:32:20:45:3f:3f:d2:
1a:cc:2d:c9:b3:91:84:5e:cd:30:f6:be:4c:fb:5c:1b:9a:6d:
e0:11:a7:af:d9:9f:5e:ae:87:98:d1:9e:96:0f:9c:2b:f6:c8:
20:98:8a:da:9d:89:ff:db:88:d2:70:88:83:95:5b:c4:5f:b4:
da:eb:c1:69:51:e6:28:17:83:be:d9:53:a9:33:16:51:12:f5:
42:6b:11:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0FGQzQxMTAvBgNVBAUTKDZGMTNGNTUxMDA5RjI0OEE2RDk4NzQzNjAwNEU4NTc5
NTE1NjkyN0IwHhcNMjIxMTE4MjIyODIzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc4MDcwNy1lNmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyLNwR2wPv35GcIhMAelwovL7LFi6ITO9se0Wf1QFaerZeSxl6wKd5G+rUxFp
nt95RC9PlcEOiPzSXLhSU7wvVHurHcYNt/Z0w6v6kILRGIWxxRGOuuO5+aMWhMLS
xZMJ03xLKSASgZ6csng0onlKF50ZhYJhs7UJrhTmsHxXvsWMz8faLjALobpT38NV
v/YzN3g64jVq+0txFW0ptcN/zRNr4UhDqELmElh5X82pvfdQPNk2fLd0J4adsKzc
yHQDk41eULnLmgDXRjMI8mAGmEOf20SHTVA+mAwNTY6QP6sKx7skn0A5iJosOW8c
2jB3yIrk8Y7Z43OxEnzgER3MtwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHPTC0Pw
RMKaz74MnLvmfVfQ/AbIMB8GA1UdIwQYMBaAFG8T9VEAnySKbZh0NgBOhXlRVpJ7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUZDNC9CQzYwNjJEQ0FG
OEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJcHRtSFEyQUU2RmVWRldr
bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J4UDFVUUNmSklwdG1IUTJBRTZGZVZGV2tucy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0FGQzQvQkM2MDYyRENBRjhBMTFFQTg1NDJEODVGQzRGOUFFMDIvQkY1MkZEN0My
MkMxMTFFRDk5REM0NTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnbgwDQYJKoZIhvcNAQELBQADggEBAJ2pNPWiJxjDBLS9
D8BpcuZnwvJPhwLAF8CNU4fSRGEwi7ox9G0pFe12HFC7N3A5xBleWilIYCXPa+Yl
EpUdIzaGcd9mhgI5Vc3uGXrTV2k8znXUcBcu+aiUDP6DmjUZ9jRqzitwM21y9C08
6aIFINfhedXpA3C28GCip+bmBqmERLjpOr/kCJAih8tdtexR+4GQWfu7tajNj7At
MW8+2Vv5ldBOoC0mDbsREM4C+DIgRT8/0hrMLcmzkYRezTD2vkz7XBuabeARp6/Z
n16uh5jRnpYPnCv2yCCYitqdif/biNJwiIOVW8RftNrrwWlR5igXg77ZU6kzFlES
9UJrEQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org