Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/ACC9D6D2060511ECB5C05961C4F9AE02.roa
File: ACC9D6D2060511ECB5C05961C4F9AE02.roa (raw, json)
Hash identifier: QlzJEendGbseaNReJjePtoFhjVvX4eW43mNRB+xOFpM=
Subject key identifier: 03:12:B7:73:5C:27:03:3B:61:9B:E3:32:75:6D:E2:2F:17:51:FF:5A
Certificate issuer: /CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Certificate serial: 0A88
Authority key identifier: B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/ACC9D6D2060511ECB5C05961C4F9AE02.roa
Signing time: Wed 02 Nov 2022 20:06:43 +0000
ROA not before: Wed 02 Nov 2022 20:06:43 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 132680
IP address blocks: 103.18.108.0/22 maxlen: 24
2407:e700::/32 maxlen: 32
2407:e700:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2696 (0xa88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Validity
Not Before: Nov 2 20:06:43 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6362cdd3-83a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:f8:41:13:ea:4a:4c:da:73:b6:32:9e:51:
e2:c4:d1:5e:8c:e2:95:a2:7c:32:eb:ec:8a:05:1f:
1b:a4:83:a5:95:f0:53:80:48:32:4e:92:32:ff:a9:
1d:e2:d1:6b:57:bc:bb:d8:19:14:af:de:91:3e:db:
a8:5b:87:0d:aa:60:8c:14:3b:f1:fb:a1:e5:a8:4e:
03:d7:22:8d:79:77:d2:6d:d8:92:fe:e8:73:4b:cb:
4e:c7:bc:eb:3d:b4:66:a9:b2:01:4d:23:b0:3d:14:
12:8f:14:30:fe:20:1d:b3:1f:35:3f:bc:73:f5:45:
ba:22:db:e5:a2:5c:f8:0a:68:aa:9e:66:5c:39:67:
da:ba:aa:f7:f5:82:44:2e:82:48:ab:e3:18:c4:57:
d9:10:1a:68:ff:92:ee:cb:39:9c:cd:92:30:30:09:
5b:4c:51:12:bb:5e:04:57:fc:a7:2a:08:4b:01:71:
43:73:03:64:fd:1e:dc:3c:2e:d8:99:6e:9c:50:e7:
fc:6a:ea:5a:7a:b9:d3:ab:bc:96:e4:cb:c7:40:7e:
8a:86:79:49:3f:dd:e4:23:e7:7a:94:e0:eb:ea:83:
9c:33:6a:4f:21:3e:85:a1:3d:71:9a:74:b0:c3:85:
e0:9a:49:6d:34:9c:3d:5d:d3:c9:f9:3a:e1:2f:6b:
68:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:12:B7:73:5C:27:03:3B:61:9B:E3:32:75:6D:E2:2F:17:51:FF:5A
X509v3 Authority Key Identifier:
keyid:B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/ACC9D6D2060511ECB5C05961C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.108.0/22
IPv6:
2407:e700::/32
Signature Algorithm: sha256WithRSAEncryption
24:e6:ed:10:69:89:45:f9:c5:91:30:82:4a:a5:56:90:cc:4f:
7f:18:75:d6:17:6c:e9:ec:d1:e9:94:18:c0:a0:2a:e8:61:10:
b1:56:c4:48:ce:73:bd:91:6a:d2:79:b7:3f:42:94:7a:2c:fe:
9e:f5:5e:4c:f4:18:76:60:02:d1:e4:20:65:89:b2:ac:34:91:
41:1c:9a:00:8f:26:f7:17:fb:b2:ec:da:0f:89:6f:ca:a6:d3:
41:70:63:72:2a:fb:ab:12:5d:8a:d6:e8:28:ac:3b:10:c0:e8:
c8:37:dd:2b:ee:3b:82:b7:62:f0:09:9e:50:bc:10:3b:b9:f2:
64:e5:cc:1e:24:0e:a0:ad:4e:c3:1a:d4:9b:9b:6f:f8:24:e2:
58:2d:64:63:82:7e:e3:aa:91:f2:db:ac:f2:da:64:9f:27:7f:
60:8d:19:81:ab:f5:56:e5:f8:62:2c:6c:97:f5:4f:58:27:ce:
ad:d7:6a:a5:e0:ac:68:83:3a:2e:4b:14:76:33:a2:f2:fb:0a:
7f:37:fe:a3:7c:4c:8c:64:32:94:35:b1:56:3c:db:9a:bb:7d:
94:8a:c8:96:a7:3f:b0:91:af:6b:a6:38:9d:90:86:5e:f0:fa:
19:92:54:14:f9:48:ea:40:f1:fb:d1:da:e6:5c:f3:1a:16:32:
12:ec:04:fd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzQTMxMTAvBgNVBAUTKEI0QjEwRTZDQjM4RDUzNjVEMDU0RThEQkU5MEYzNEYy
QzM4OEIxMEMwHhcNMjIxMTAyMjAwNjQzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyY2RkMy04M2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsW74QRPqSkzac7YynlHixNFejOKVonwy6+yKBR8bpIOllfBTgEgyTpIy/6kd
4tFrV7y72BkUr96RPtuoW4cNqmCMFDvx+6HlqE4D1yKNeXfSbdiS/uhzS8tOx7zr
PbRmqbIBTSOwPRQSjxQw/iAdsx81P7xz9UW6Itvlolz4CmiqnmZcOWfauqr39YJE
LoJIq+MYxFfZEBpo/5LuyzmczZIwMAlbTFESu14EV/ynKghLAXFDcwNk/R7cPC7Y
mW6cUOf8aupaernTq7yW5MvHQH6KhnlJP93kI+d6lODr6oOcM2pPIT6FoT1xmnSw
w4XgmkltNJw9XdPJ+TrhL2toNQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAMSt3Nc
JwM7YZvjMnVt4i8XUf9aMB8GA1UdIwQYMBaAFLSxDmyzjVNl0FTo2+kPNPLDiLEM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNBMy8yMDkxREM4RTA1
MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi90TEVPYkxPTlUyWFFWT2piNlE4MDhzT0lz
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMRU9iTE9OVTJYUVZPamI2UTgwOHNPSXNRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzQTMvMjA5MURDOEUwNTAxMTFFQUJEOUIyMDJDQzRGOUFFMDIvQUNDOUQ2RDIw
NjA1MTFFQ0I1QzA1OTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnEmwwDQQCAAIwBwMFACQH5wAwDQYJKoZIhvcNAQELBQAD
ggEBACTm7RBpiUX5xZEwgkqlVpDMT38YddYXbOns0emUGMCgKuhhELFWxEjOc72R
atJ5tz9ClHos/p71Xkz0GHZgAtHkIGWJsqw0kUEcmgCPJvcX+7Ls2g+Jb8qm00Fw
Y3Iq+6sSXYrW6CisOxDA6Mg33SvuO4K3YvAJnlC8EDu58mTlzB4kDqCtTsMa1Jub
b/gk4lgtZGOCfuOqkfLbrPLaZJ8nf2CNGYGr9Vbl+GIsbJf1T1gnzq3XaqXgrGiD
Oi5LFHYzovL7Cn83/qN8TIxkMpQ1sVY825q7fZSKyJanP7CRr2umOJ2Qhl7w+hmS
VBT5SOpA8fvR2uZc8xoWMhLsBP0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org