Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/AAA7AD80EF9D11EBB1473214C4F9AE02.roa
File: AAA7AD80EF9D11EBB1473214C4F9AE02.roa (raw, json)
Hash identifier: 0H9j6xxzoNDk9BcLKQ3FS0HuVZuTAoDfh5Zct1M2ctk=
Subject key identifier: 35:C9:CB:43:CB:5C:BA:5C:82:13:BC:FE:47:DC:38:43:E7:4C:52:6B
Certificate issuer: /CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB
Certificate serial: 0D7C
Authority key identifier: 3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/AAA7AD80EF9D11EBB1473214C4F9AE02.roa
Signing time: Wed 01 Jun 2022 06:47:22 +0000
ROA not before: Wed 01 Jun 2022 06:47:22 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 45671
IP address blocks: 103.209.4.0/23 maxlen: 23
2406:bf00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3452 (0xd7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB
Validity
Not Before: Jun 1 06:47:22 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62970b7a-39ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:23:0e:33:c8:4c:2a:b8:cd:d0:22:50:7d:21:
f6:d0:fb:23:75:fe:0b:e4:91:af:be:ee:fd:6c:16:
53:60:10:b4:56:12:e1:25:36:98:30:99:f7:f3:15:
b5:21:75:b7:06:d1:42:ae:09:91:80:ac:3e:fb:bb:
31:36:10:0c:6a:d3:6c:2a:76:ea:8c:0e:45:fe:c6:
36:b9:62:28:af:5c:c2:ec:f3:5c:68:3b:7e:db:82:
30:f9:d0:74:78:54:6e:d9:46:77:ba:b4:d2:45:31:
50:f8:a9:f9:b8:bf:9c:94:ab:32:b8:6d:af:8a:10:
c7:b4:94:bb:3b:be:a9:1f:07:b0:6a:e6:e4:33:c0:
b3:3f:31:33:ad:c6:e9:34:9a:b0:b4:9d:85:1c:e3:
f9:00:aa:85:0d:b0:5f:74:b2:a0:4c:b0:d7:9e:44:
a2:17:6d:17:28:60:c3:c8:f7:cc:0c:78:2e:74:58:
1f:03:eb:eb:4a:84:c4:da:39:82:76:97:d1:5c:66:
ba:62:c0:1f:2f:ef:3b:6c:b2:17:7a:c7:57:65:ad:
98:60:31:2d:2b:0c:61:44:1d:96:cb:11:a7:7c:ff:
ac:80:82:46:7f:db:84:b8:b7:15:53:75:4c:26:05:
92:37:7e:98:4a:e7:c5:4b:92:14:1c:bd:bb:bb:65:
e3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C9:CB:43:CB:5C:BA:5C:82:13:BC:FE:47:DC:38:43:E7:4C:52:6B
X509v3 Authority Key Identifier:
keyid:3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/AAA7AD80EF9D11EBB1473214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.209.4.0/23
IPv6:
2406:bf00:1::/48
Signature Algorithm: sha256WithRSAEncryption
b8:e7:09:46:72:af:e2:b3:b3:56:66:36:23:b7:c5:e7:0d:d9:
44:db:f6:05:c1:bf:db:78:14:65:51:b8:df:36:5a:b3:9c:5f:
36:2e:16:9a:15:ac:4a:eb:b6:7b:53:e8:2a:7d:93:c1:05:c8:
af:06:6d:cd:3d:72:04:75:2b:ab:11:7b:a4:6a:ec:d5:5f:f5:
60:3f:a6:c2:42:9b:be:80:3d:68:56:dc:ea:61:1a:46:0a:cc:
18:e0:68:49:8f:e2:83:20:60:6d:15:28:ac:07:0c:df:43:8e:
95:8b:2a:74:99:8f:a4:b9:43:95:e3:91:b3:a8:73:59:66:ff:
ad:3a:07:c7:7f:b6:3f:a2:d9:35:f6:a7:71:d6:2c:19:06:0c:
b1:5f:c8:a0:f4:0e:75:84:a4:80:09:0c:f4:3f:10:73:33:d5:
00:bc:51:fd:31:74:00:be:ce:49:71:f7:96:75:03:11:71:d3:
4d:a9:ba:3a:c7:f4:36:71:8e:40:5d:d7:38:6c:d8:75:15:e8:
51:a2:b5:e0:70:c2:0b:3f:44:21:5f:22:72:cc:d3:06:f5:1f:
9c:71:2f:9a:38:ed:25:25:3d:2b:12:7d:2d:c9:83:46:df:91:
16:01:71:06:82:c7:14:47:56:20:48:e7:1b:bb:f9:58:dc:ad:
a1:5d:d2:c8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICDXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0YyODUxMTAvBgNVBAUTKDNFMjlDRTZGNkE3REI5NEI2RDA5MTMzQjczRkVENTJE
REVFMTJEQUIwHhcNMjIwNjAxMDY0NzIyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3MGI3YS0zOWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5iMOM8hMKrjN0CJQfSH20Psjdf4L5JGvvu79bBZTYBC0VhLhJTaYMJn38xW1
IXW3BtFCrgmRgKw++7sxNhAMatNsKnbqjA5F/sY2uWIor1zC7PNcaDt+24Iw+dB0
eFRu2UZ3urTSRTFQ+Kn5uL+clKsyuG2vihDHtJS7O76pHwewaubkM8CzPzEzrcbp
NJqwtJ2FHOP5AKqFDbBfdLKgTLDXnkSiF20XKGDDyPfMDHgudFgfA+vrSoTE2jmC
dpfRXGa6YsAfL+87bLIXesdXZa2YYDEtKwxhRB2WyxGnfP+sgIJGf9uEuLcVU3VM
JgWSN36YSufFS5IUHL27u2XjYwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDXJy0PL
XLpcghO8/kfcOEPnTFJrMB8GA1UdIwQYMBaAFD4pzm9qfblLbQkTO3P+1S3e4S2r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjI4NS9GRDY0RjBCODM0
MEMxMUU5OTY2QzVBNzZDNEY5QUUwMi9QaW5PYjJwOXVVdHRDUk03Y183VkxkN2hM
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Bpbk9iMnA5dVV0dENSTTdjXzdWTGQ3aExhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0YyODUvRkQ2NEYwQjgzNDBDMTFFOTk2NkM1QTc2QzRGOUFFMDIvQUFBN0FEODBF
RjlEMTFFQkIxNDczMjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn0QQwDwQCAAIwCQMHACQGvwAAATANBgkqhkiG9w0BAQsF
AAOCAQEAuOcJRnKv4rOzVmY2I7fF5w3ZRNv2BcG/23gUZVG43zZas5xfNi4WmhWs
Suu2e1PoKn2TwQXIrwZtzT1yBHUrqxF7pGrs1V/1YD+mwkKbvoA9aFbc6mEaRgrM
GOBoSY/igyBgbRUorAcM30OOlYsqdJmPpLlDleORs6hzWWb/rToHx3+2P6LZNfan
cdYsGQYMsV/IoPQOdYSkgAkM9D8QczPVALxR/TF0AL7OSXH3lnUDEXHTTam6Osf0
NnGOQF3XOGzYdRXoUaK14HDCCz9EIV8icszTBvUfnHEvmjjtJSU9KxJ9LcmDRt+R
FgFxBoLHFEdWIEjnG7v5WNytoV3SyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org