Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/528516B6A7FB11ED80B97262C4F9AE02.roa
File: 528516B6A7FB11ED80B97262C4F9AE02.roa (raw, json)
Hash identifier: Nmmbrrq9tsGIV8fzK6HI1Pz83r5eipmWa7dAafBmdlk=
Subject key identifier: 81:18:0F:37:8F:16:F0:EA:A6:52:D5:B5:9E:D5:C0:86:D3:53:32:6F
Certificate issuer: /CN=A91CB21D/serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70
Certificate serial: 02
Authority key identifier: 9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/528516B6A7FB11ED80B97262C4F9AE02.roa
Signing time: Wed 08 Feb 2023 21:55:38 +0000
ROA not before: Wed 08 Feb 2023 21:55:38 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 20473
IP address blocks: 103.31.116.0/23 maxlen: 23
2001:df1:7f40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB21D/serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70
Validity
Not Before: Feb 8 21:55:38 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63e41a5a-1c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:b6:c8:03:34:b2:fb:25:71:b6:87:5a:ed:
43:81:06:66:c6:9c:2c:79:d8:fd:d6:a9:82:b3:2e:
53:83:e3:73:9c:60:71:67:55:f7:3c:56:f5:94:f3:
ef:9d:69:ad:c4:f0:6f:9f:21:6d:45:f0:60:8f:b5:
5b:e6:07:19:e2:0d:5d:7e:63:0a:80:60:2d:0e:ba:
1f:3e:6f:e0:d8:01:f5:9a:41:d8:4b:1c:6d:3d:3a:
d9:1b:45:54:f3:e9:77:96:5b:8d:52:6a:d5:22:fb:
ea:bd:2a:5a:0a:0a:85:e5:59:9d:c2:c7:69:e4:bb:
2c:f4:b0:de:e1:82:26:f3:8e:ca:1f:c1:41:37:fd:
36:6a:90:04:cb:9b:7f:e4:a1:0b:93:c1:2f:b8:3a:
a9:de:31:47:aa:2d:c4:6b:97:43:8f:32:87:99:fe:
a4:8e:05:45:2c:c4:3b:36:8f:0a:35:e2:01:1a:54:
22:d6:27:a6:85:0c:17:25:ea:f7:a1:51:b9:6b:98:
96:ec:c6:78:1e:ed:7c:97:82:5c:2d:b3:57:25:fd:
ab:cb:d3:7c:36:58:0f:95:58:12:f1:a8:17:63:18:
fa:24:9e:be:e8:db:1e:f9:6a:94:b5:3d:05:d9:0b:
13:e0:22:cd:4a:01:d0:82:40:60:6d:9e:ad:24:35:
c2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:18:0F:37:8F:16:F0:EA:A6:52:D5:B5:9E:D5:C0:86:D3:53:32:6F
X509v3 Authority Key Identifier:
keyid:9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/528516B6A7FB11ED80B97262C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.116.0/23
IPv6:
2001:df1:7f40::/48
Signature Algorithm: sha256WithRSAEncryption
c6:19:ee:0d:bd:fc:53:b1:8f:30:ac:9e:44:6d:cc:13:e7:8e:
20:49:ec:3e:8e:e8:5e:b2:b9:a0:d4:54:9d:17:b6:27:e9:4f:
67:a0:5e:f9:c4:71:2a:c2:2f:76:2f:65:15:72:24:71:db:28:
83:d5:c3:ce:f4:e1:ca:5b:a1:bc:f1:95:01:0f:ae:21:61:46:
fb:67:48:ae:73:68:3c:2e:9f:e8:ef:53:07:8f:b4:63:a5:2e:
d5:a0:fb:78:e3:96:02:a6:8f:25:16:c1:81:e1:38:87:dd:af:
97:65:76:d3:b4:57:ce:1b:ed:92:5c:8f:d2:73:d4:48:93:5c:
00:25:52:39:1c:4c:49:44:92:09:f4:8a:83:e2:e4:2d:aa:88:
1e:b4:dc:24:ce:1c:99:dd:d9:69:65:f7:af:0d:be:19:cf:12:
1c:1a:9c:78:d4:f8:51:be:98:ac:55:77:f8:8f:c1:a3:4c:7d:
2c:02:20:cb:bd:79:7d:c4:56:7c:ba:37:bb:20:3a:7b:ca:3c:
ee:a1:ec:c2:b9:2a:47:b5:23:85:91:f4:b1:74:4c:16:88:90:
8d:da:56:83:64:e9:50:a4:67:64:f7:6f:b1:3f:49:f5:5a:d9:
47:ab:ff:2e:8e:32:6e:9d:7a:d5:2b:e6:4f:b5:c9:0d:b9:b1:
43:06:1a:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QjIxRDExMC8GA1UEBRMoOUIxRTgxODhDRTY0Mzk3RThCNDI0MUU2NzU4RDQyOURB
MEZGMkU3MDAeFw0yMzAyMDgyMTU1MzhaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZTQxYTVhLTFjN2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLDbbIAzSy+yVxtoda7UOBBmbGnCx52P3WqYKzLlOD43OcYHFnVfc8VvWU8++d
aa3E8G+fIW1F8GCPtVvmBxniDV1+YwqAYC0Ouh8+b+DYAfWaQdhLHG09OtkbRVTz
6XeWW41SatUi++q9KloKCoXlWZ3Cx2nkuyz0sN7hgibzjsofwUE3/TZqkATLm3/k
oQuTwS+4OqneMUeqLcRrl0OPMoeZ/qSOBUUsxDs2jwo14gEaVCLWJ6aFDBcl6veh
UblrmJbsxnge7XyXglwts1cl/avL03w2WA+VWBLxqBdjGPoknr7o2x75apS1PQXZ
CxPgIs1KAdCCQGBtnq0kNcJbAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUgRgPN48W
8OqmUtW1ntXAhtNTMm8wHwYDVR0jBBgwFoAUmx6BiM5kOX6LQkHmdY1CnaD/LnAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCMjFELzYzMkNEM0U2QTdG
NjExRURCOUQ2MEM0M0M0RjlBRTAyL214NkJpTTVrT1g2TFFrSG1kWTFDbmFEX0xu
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbXg2QmlNNWtPWDZMUWtIbWRZMUNuYURfTG5BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QjIxRC82MzJDRDNFNkE3RjYxMUVEQjlENjBDNDNDNEY5QUUwMi81Mjg1MTZCNkE3
RkIxMUVEODBCOTcyNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcfdDAPBAIAAjAJAwcAIAEN8X9AMA0GCSqGSIb3DQEBCwUA
A4IBAQDGGe4NvfxTsY8wrJ5EbcwT544gSew+juhesrmg1FSdF7Yn6U9noF75xHEq
wi92L2UVciRx2yiD1cPO9OHKW6G88ZUBD64hYUb7Z0iuc2g8Lp/o71MHj7RjpS7V
oPt445YCpo8lFsGB4TiH3a+XZXbTtFfOG+2SXI/Sc9RIk1wAJVI5HExJRJIJ9IqD
4uQtqogetNwkzhyZ3dlpZfevDb4ZzxIcGpx41PhRvpisVXf4j8GjTH0sAiDLvXl9
xFZ8uje7IDp7yjzuoezCuSpHtSOFkfSxdEwWiJCN2laDZOlQpGdk92+xP0n1WtlH
q/8ujjJunXrVK+ZPtckNubFDBhpC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:26 2024 by rpki-client on console-ams.rpki-client.org