Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/36C8173476B411EDB53FB65BC4F9AE02.roa
File: 36C8173476B411EDB53FB65BC4F9AE02.roa (raw, json)
Hash identifier: TGx+Hazrnw8K31kC8lioKV9GPPH5Pa56Vb9O00Zg+XI=
Subject key identifier: AE:90:97:30:06:92:54:A2:7D:43:25:77:EE:EE:51:BE:76:4A:BE:1F
Certificate issuer: /CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
Certificate serial: 0211
Authority key identifier: 7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/36C8173476B411EDB53FB65BC4F9AE02.roa
Signing time: Sat 07 Jan 2023 04:23:20 +0000
ROA not before: Sat 07 Jan 2023 04:23:20 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 142150
IP address blocks: 103.179.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529 (0x211)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
Validity
Not Before: Jan 7 04:23:20 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63b8f3b8-44fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:96:e0:c3:08:21:0d:6e:94:fc:52:54:38:
9e:c6:b5:c5:6c:9f:6e:c7:f0:57:42:0c:0c:45:ec:
4f:90:27:1d:4f:e1:c1:ad:91:9e:29:9f:40:fc:50:
73:3f:88:46:da:80:46:80:1a:53:49:ce:64:e1:32:
a9:f4:da:48:6e:78:3d:30:63:23:62:4a:72:13:80:
b4:fe:f7:cc:9c:66:0c:f2:ee:9f:fc:0f:0b:5b:24:
ef:58:79:04:ff:5c:f2:a2:38:f5:84:7b:5a:df:d8:
06:7c:67:ad:9b:43:55:96:b9:bc:2c:c9:ac:dd:f6:
d8:c3:0a:b6:0b:0b:17:c9:3f:e6:62:69:d0:b7:84:
99:6b:e7:4b:bb:7e:91:d0:94:1a:2c:5c:3e:5c:95:
d9:c8:08:fa:20:58:07:3a:53:0b:9b:94:cc:69:f3:
13:4c:7b:9e:df:e2:5a:dd:45:28:51:e2:c8:dc:19:
60:71:99:7b:dd:83:fa:27:1b:9a:12:11:e5:5e:c1:
06:dc:8e:e6:9c:aa:d7:80:17:70:a2:52:68:a3:ab:
7c:8d:55:a7:70:82:12:8c:ca:fd:ef:74:26:bf:b6:
9e:23:be:0d:6c:d6:05:73:a5:78:7e:2e:b2:05:56:
3a:0b:e8:65:a6:6a:9d:c6:1d:58:58:21:45:05:02:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:90:97:30:06:92:54:A2:7D:43:25:77:EE:EE:51:BE:76:4A:BE:1F
X509v3 Authority Key Identifier:
keyid:7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/fF4N3E9YaXR7KjWMm3wPMejY3Ys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/36C8173476B411EDB53FB65BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.240.0/24
Signature Algorithm: sha256WithRSAEncryption
23:7f:31:6c:74:44:03:29:fc:df:0d:6d:a4:68:02:1d:54:51:
99:bc:0d:06:7f:87:0b:c7:16:8c:c9:d8:a5:dc:cc:06:b4:d5:
4b:3a:6c:db:db:e8:9a:74:e4:a2:ea:6c:32:5e:41:71:2c:5d:
dc:6f:c8:91:cf:3e:2e:87:cf:ce:d9:26:a5:bb:6c:17:26:b6:
ca:b9:d4:1d:d0:89:ad:bd:ed:71:6e:c4:4d:e2:c0:b6:cc:45:
fc:ee:60:44:09:59:3f:52:39:46:42:e5:ed:63:e3:ed:8a:48:
c2:e1:48:7a:42:bc:75:88:35:46:84:4b:4a:1f:3c:e9:1f:10:
64:8b:7f:e2:3d:b9:5e:1a:3e:36:ec:50:fa:fc:19:13:ed:c4:
19:25:8b:c2:77:c3:e8:79:50:71:ac:fb:7c:18:61:6d:b2:71:
57:8f:40:12:43:61:f4:9c:04:15:ac:88:0a:54:ae:94:0b:3c:
82:9a:d5:d5:09:e7:0f:dc:e7:1c:a8:b4:36:12:f5:01:8b:fa:
a9:d5:7e:c3:ad:a5:c3:b8:0f:4e:45:ee:ca:c1:c8:08:41:d8:
29:c3:bb:d0:53:29:97:3a:5d:91:6f:0f:d0:97:98:4d:04:f7:
3d:4c:79:98:0b:67:d5:01:0e:6f:15:5b:e8:b4:61:69:25:ee:
34:3a:d0:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZDRjgxMTAvBgNVBAUTKDdDNUUwRERDNEY1ODY5NzQ3QjJBMzU4QzlCN0MwRjMx
RThEOEREOEIwHhcNMjMwMTA3MDQyMzIwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I4ZjNiOC00NGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDWW4MMIIQ1ulPxSVDiexrXFbJ9ux/BXQgwMRexPkCcdT+HBrZGeKZ9A/FBz
P4hG2oBGgBpTSc5k4TKp9NpIbng9MGMjYkpyE4C0/vfMnGYM8u6f/A8LWyTvWHkE
/1zyojj1hHta39gGfGetm0NVlrm8LMms3fbYwwq2CwsXyT/mYmnQt4SZa+dLu36R
0JQaLFw+XJXZyAj6IFgHOlMLm5TMafMTTHue3+Ja3UUoUeLI3BlgcZl73YP6Jxua
EhHlXsEG3I7mnKrXgBdwolJoo6t8jVWncIISjMr973Qmv7aeI74NbNYFc6V4fi6y
BVY6C+hlpmqdxh1YWCFFBQIIEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFK6QlzAG
klSifUMld+7uUb52Sr4fMB8GA1UdIwQYMBaAFHxeDdxPWGl0eyo1jJt8DzHo2N2L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkNGOC8wNUU0QzJEMjhC
MDIxMUVDODVGMkQwNzRDNEY5QUUwMi9mRjROM0U5WWFYUjdLaldNbTN3UE1lalkz
WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZGNE4zRTlZYVhSN0tqV01tM3dQTWVqWTNZcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZDRjgvMDVFNEMyRDI4QjAyMTFFQzg1RjJEMDc0QzRGOUFFMDIvMzZDODE3MzQ3
NkI0MTFFREI1M0ZCNjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABns/AwDQYJKoZIhvcNAQELBQADggEBACN/MWx0RAMp/N8N
baRoAh1UUZm8DQZ/hwvHFozJ2KXczAa01Us6bNvb6Jp05KLqbDJeQXEsXdxvyJHP
Pi6Hz87ZJqW7bBcmtsq51B3Qia297XFuxE3iwLbMRfzuYEQJWT9SOUZC5e1j4+2K
SMLhSHpCvHWINUaES0ofPOkfEGSLf+I9uV4aPjbsUPr8GRPtxBkli8J3w+h5UHGs
+3wYYW2ycVePQBJDYfScBBWsiApUrpQLPIKa1dUJ5w/c5xyotDYS9QGL+qnVfsOt
pcO4D05F7srByAhB2CnDu9BTKZc6XZFvD9CXmE0E9z1MeZgLZ9UBDm8VW+i0YWkl
7jQ60MU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:28 2024 by rpki-client on console-ams.rpki-client.org