Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
File: 6E65387C35C011EEBAB08C78C4F9AE02.roa (raw, json)
Hash identifier: x/s8QqxuVINCpa7br4OWPHPFz/KkpcjgYr/C3DlJN4o=
Subject key identifier: B2:3A:1C:22:0D:97:2A:07:DD:0E:E1:29:70:FC:7D:F0:F5:0B:3F:8F
Certificate issuer: /CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
Certificate serial: 0283
Authority key identifier: 7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
Signing time: Tue 08 Aug 2023 07:51:50 +0000
ROA not before: Tue 08 Aug 2023 07:51:50 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150750
IP address blocks: 103.179.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 643 (0x283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFCF8/serialNumber=7C5E0DDC4F5869747B2A358C9B7C0F31E8D8DD8B
Validity
Not Before: Aug 8 07:51:50 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64d1f415-689f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:a4:a0:3d:5c:e3:e0:2d:1c:48:7b:8d:8b:
49:a3:e4:4b:3d:15:4b:93:b0:3b:d0:6a:18:16:24:
75:a3:8a:fd:f0:7d:7a:37:24:51:cf:d9:0a:49:f1:
ff:09:f9:68:1d:45:91:88:fc:70:1b:66:a2:9d:5a:
98:ad:f8:49:3e:cf:c3:68:17:c1:f5:5a:dd:27:b2:
6f:0c:f2:4f:51:38:7b:3c:0d:11:f9:d5:47:9f:8c:
50:35:7f:a5:6d:32:db:fd:b8:54:5e:13:a4:05:22:
fd:4a:85:21:23:52:82:a7:96:2a:94:3e:77:63:64:
f2:66:8d:5c:8e:cf:0e:66:51:94:ff:ec:2c:5f:30:
4a:84:48:22:0d:d5:fd:d3:15:16:0f:07:de:b8:c9:
42:3e:ab:30:3a:74:cb:20:85:b7:e4:e0:ba:87:da:
e4:36:d7:96:23:db:4d:88:b2:ab:79:32:2b:cf:2c:
2f:5e:fc:4d:75:54:c5:eb:67:f2:68:95:82:ff:1a:
f6:b2:49:16:d2:ee:a8:2f:51:c4:b3:96:1a:8f:04:
70:b8:52:d6:6d:40:d6:31:4f:4e:06:37:1c:1f:86:
4a:fb:ed:d6:e7:dc:6c:5e:14:36:5d:64:91:51:d7:
2a:b6:58:3e:da:7b:93:72:cd:c6:0e:cf:a0:aa:90:
06:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3A:1C:22:0D:97:2A:07:DD:0E:E1:29:70:FC:7D:F0:F5:0B:3F:8F
X509v3 Authority Key Identifier:
keyid:7C:5E:0D:DC:4F:58:69:74:7B:2A:35:8C:9B:7C:0F:31:E8:D8:DD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/fF4N3E9YaXR7KjWMm3wPMejY3Ys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fF4N3E9YaXR7KjWMm3wPMejY3Ys.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFCF8/05E4C2D28B0211EC85F2D074C4F9AE02/6E65387C35C011EEBAB08C78C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.241.0/24
Signature Algorithm: sha256WithRSAEncryption
82:dc:d2:82:5d:79:25:9b:82:ee:66:3d:5a:a4:6f:26:59:7f:
41:fc:38:eb:f1:9f:50:e5:4a:ee:bd:06:ae:2d:f4:9d:b0:c1:
3a:eb:96:e2:b7:27:91:ec:dd:c6:c2:d1:b2:0d:6e:4d:1a:07:
c2:3b:b5:20:4d:be:1b:05:85:a7:c5:f5:bb:40:55:17:1c:35:
02:5b:12:77:65:c0:4a:44:ea:0b:8c:b7:4f:8c:09:51:e7:f4:
d9:cb:c6:46:88:f7:ab:5d:75:d7:b8:b4:4d:f0:48:83:15:6b:
14:ef:1e:10:7c:55:7f:84:87:88:2a:39:c7:01:34:95:8a:62:
c0:72:34:cb:6d:29:c3:64:ae:b9:90:43:cd:d2:72:fc:ab:79:
b2:97:16:45:3c:22:46:b0:d0:5e:5a:3b:a5:08:c3:2b:3c:09:
79:78:d6:89:ff:4f:64:5f:37:b8:b6:d5:95:ea:2b:f6:69:bc:
74:90:42:8e:d0:9d:8a:4d:b9:69:90:90:c7:08:19:81:82:a3:
6c:92:8f:8d:32:3a:12:8a:e5:d3:b7:b3:e7:39:9e:e5:5d:2c:
4b:fe:5a:2c:bd:a4:dc:ec:bf:43:3f:e4:a7:57:f1:7e:ba:be:
3c:9d:33:43:08:ea:bf:c9:8c:ef:83:ac:ee:dd:16:4d:74:25:
a7:cc:0d:62
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZDRjgxMTAvBgNVBAUTKDdDNUUwRERDNEY1ODY5NzQ3QjJBMzU4QzlCN0MwRjMx
RThEOEREOEIwHhcNMjMwODA4MDc1MTUwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQxZjQxNS02ODlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuQ6koD1c4+AtHEh7jYtJo+RLPRVLk7A70GoYFiR1o4r98H16NyRRz9kKSfH/
CfloHUWRiPxwG2ainVqYrfhJPs/DaBfB9VrdJ7JvDPJPUTh7PA0R+dVHn4xQNX+l
bTLb/bhUXhOkBSL9SoUhI1KCp5YqlD53Y2TyZo1cjs8OZlGU/+wsXzBKhEgiDdX9
0xUWDwfeuMlCPqswOnTLIIW35OC6h9rkNteWI9tNiLKreTIrzywvXvxNdVTF62fy
aJWC/xr2skkW0u6oL1HEs5YajwRwuFLWbUDWMU9OBjccH4ZK++3W59xsXhQ2XWSR
Udcqtlg+2nuTcs3GDs+gqpAG7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLI6HCIN
lyoH3Q7hKXD8ffD1Cz+PMB8GA1UdIwQYMBaAFHxeDdxPWGl0eyo1jJt8DzHo2N2L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkNGOC8wNUU0QzJEMjhC
MDIxMUVDODVGMkQwNzRDNEY5QUUwMi9mRjROM0U5WWFYUjdLaldNbTN3UE1lalkz
WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZGNE4zRTlZYVhSN0tqV01tM3dQTWVqWTNZcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZDRjgvMDVFNEMyRDI4QjAyMTFFQzg1RjJEMDc0QzRGOUFFMDIvNkU2NTM4N0Mz
NUMwMTFFRUJBQjA4Qzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABns/EwDQYJKoZIhvcNAQELBQADggEBAILc0oJdeSWbgu5m
PVqkbyZZf0H8OOvxn1DlSu69Bq4t9J2wwTrrluK3J5Hs3cbC0bINbk0aB8I7tSBN
vhsFhafF9btAVRccNQJbEndlwEpE6guMt0+MCVHn9NnLxkaI96tddde4tE3wSIMV
axTvHhB8VX+Eh4gqOccBNJWKYsByNMttKcNkrrmQQ83ScvyrebKXFkU8Ikaw0F5a
O6UIwys8CXl41on/T2RfN7i21ZXqK/ZpvHSQQo7QnYpNuWmQkMcIGYGCo2ySj40y
OhKK5dO3s+c5nuVdLEv+Wiy9pNzsv0M/5KdX8X66vjydM0MI6r/JjO+DrO7dFk10
JafMDWI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:28 2024 by rpki-client on console-ams.rpki-client.org