Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D190A/071C4DE4500E11EBA73A632BC4F9AE02/E1B3F77CA55B11EE817AB10DC4F9AE02.roa
File: E1B3F77CA55B11EE817AB10DC4F9AE02.roa (raw, json)
Hash identifier: 8hRGZMZVKdu6m/lyGcubLjbJec0lgHJ/6B3w3E+gjNo=
Subject key identifier: 3F:6D:4B:10:BB:AB:55:62:30:54:DA:9B:46:EE:46:D5:A4:CA:D4:29
Certificate issuer: /CN=A91D190A/serialNumber=8E70D3A5240E3388A3F1C0D8F72D8F8AE159C46C
Certificate serial: 05E5
Authority key identifier: 8E:70:D3:A5:24:0E:33:88:A3:F1:C0:D8:F7:2D:8F:8A:E1:59:C4:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jnDTpSQOM4ij8cDY9y2PiuFZxGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D190A/071C4DE4500E11EBA73A632BC4F9AE02/E1B3F77CA55B11EE817AB10DC4F9AE02.roa
Signing time: Thu 28 Dec 2023 08:34:14 +0000
ROA not before: Thu 28 Dec 2023 08:34:14 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 63526
IP address blocks: 103.161.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1509 (0x5e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D190A/serialNumber=8E70D3A5240E3388A3F1C0D8F72D8F8AE159C46C
Validity
Not Before: Dec 28 08:34:14 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=658d3306-670b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:fb:ec:85:75:70:ee:1b:3e:59:90:56:4b:
fa:bf:37:2b:36:90:66:09:19:e6:f8:17:c6:d6:f5:
ff:51:4d:52:ec:a4:c8:ab:9f:83:ff:bd:0e:26:df:
6b:2a:08:a4:8d:bd:dc:e0:46:92:cb:9c:90:ab:73:
1b:4c:bc:44:6a:06:05:0b:c0:61:38:8b:89:ff:83:
95:4f:76:e7:c4:01:ad:fe:41:eb:38:5c:a7:87:24:
f7:32:01:37:14:81:ff:a3:aa:74:f6:f2:04:30:40:
74:61:ce:43:a5:b4:a9:89:11:f7:6e:40:69:a6:ad:
f2:5c:28:0b:cf:f9:63:42:73:d9:95:cc:6c:17:ef:
3e:b2:4f:c6:4d:d3:47:d5:d0:4d:b3:e0:d7:39:4f:
b9:b9:11:88:ec:b8:dc:f2:44:a3:18:79:7f:9a:6f:
98:1d:a0:7c:74:30:62:3d:04:46:80:04:07:47:68:
62:67:59:77:4e:6c:a8:bd:67:78:73:76:80:d4:64:
58:62:ec:a6:63:29:32:1e:bf:66:fc:76:14:65:06:
f9:44:c3:0d:c9:75:de:22:69:5f:6a:b9:c1:fb:0b:
6a:21:15:47:39:d2:2c:57:01:06:e1:da:4d:a3:af:
cc:d9:e6:b9:d5:c8:90:a1:2a:33:ff:33:42:2c:79:
2e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6D:4B:10:BB:AB:55:62:30:54:DA:9B:46:EE:46:D5:A4:CA:D4:29
X509v3 Authority Key Identifier:
keyid:8E:70:D3:A5:24:0E:33:88:A3:F1:C0:D8:F7:2D:8F:8A:E1:59:C4:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D190A/071C4DE4500E11EBA73A632BC4F9AE02/jnDTpSQOM4ij8cDY9y2PiuFZxGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jnDTpSQOM4ij8cDY9y2PiuFZxGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D190A/071C4DE4500E11EBA73A632BC4F9AE02/E1B3F77CA55B11EE817AB10DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.71.0/24
Signature Algorithm: sha256WithRSAEncryption
73:0e:ab:87:99:c7:50:c8:f7:59:bd:04:4f:74:7b:d6:ca:ad:
6d:ac:c5:18:46:55:ed:b2:1d:ef:c7:6c:4e:a5:7b:31:7e:4f:
2c:7d:b6:2e:ae:d2:36:0e:c2:73:7e:ea:a5:b8:d1:ef:3e:64:
0c:d9:88:03:89:e2:f6:53:0c:46:44:a8:0d:cc:66:3a:2d:2e:
f1:1b:b7:3c:29:ce:0f:f0:5e:a5:c8:85:de:e0:e4:75:63:56:
75:48:6b:6e:f1:8e:5a:01:9f:95:e9:5d:fc:fe:6f:ae:15:40:
6d:ea:06:d9:00:4b:b6:6e:33:86:9f:da:67:1c:ee:ff:16:aa:
24:2c:61:c4:06:6f:9c:a6:d0:e1:21:19:5d:38:35:51:a9:3d:
9e:a6:27:c6:fc:11:2c:88:58:65:e6:73:32:d5:a3:42:70:e9:
c1:ef:8f:ef:45:43:4c:29:a5:e0:13:7d:02:f5:28:b4:16:f1:
e5:05:fc:65:b7:da:36:ee:f8:d2:43:ec:38:31:e8:b5:da:71:
a1:a8:a2:8d:0f:3a:0f:25:57:53:b8:50:61:98:8d:89:63:4d:
ed:ab:08:47:bc:7c:6b:f2:40:3b:6e:0b:03:cd:b7:85:17:43:
45:4f:9d:e4:93:8b:30:c2:88:fc:a9:d2:9e:5c:68:68:14:e7:
3b:0a:ec:a4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE5MEExMTAvBgNVBAUTKDhFNzBEM0E1MjQwRTMzODhBM0YxQzBEOEY3MkQ4RjhB
RTE1OUM0NkMwHhcNMjMxMjI4MDgzNDE0WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkMzMwNi02NzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuCL77IV1cO4bPlmQVkv6vzcrNpBmCRnm+BfG1vX/UU1S7KTIq5+D/70OJt9r
Kgikjb3c4EaSy5yQq3MbTLxEagYFC8BhOIuJ/4OVT3bnxAGt/kHrOFynhyT3MgE3
FIH/o6p09vIEMEB0Yc5DpbSpiRH3bkBppq3yXCgLz/ljQnPZlcxsF+8+sk/GTdNH
1dBNs+DXOU+5uRGI7Ljc8kSjGHl/mm+YHaB8dDBiPQRGgAQHR2hiZ1l3TmyovWd4
c3aA1GRYYuymYykyHr9m/HYUZQb5RMMNyXXeImlfarnB+wtqIRVHOdIsVwEG4dpN
o6/M2ea51ciQoSoz/zNCLHkuJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD9tSxC7
q1ViMFTam0buRtWkytQpMB8GA1UdIwQYMBaAFI5w06UkDjOIo/HA2Pctj4rhWcRs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTkwQS8wNzFDNERFNDUw
MEUxMUVCQTczQTYzMkJDNEY5QUUwMi9qbkRUcFNRT000aWo4Y0RZOXkyUGl1Rlp4
R3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2puRFRwU1FPTTRpajhjRFk5eTJQaXVGWnhHdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE5MEEvMDcxQzRERTQ1MDBFMTFFQkE3M0E2MzJCQzRGOUFFMDIvRTFCM0Y3N0NB
NTVCMTFFRTgxN0FCMTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnoUcwDQYJKoZIhvcNAQELBQADggEBAHMOq4eZx1DI91m9
BE90e9bKrW2sxRhGVe2yHe/HbE6lezF+Tyx9ti6u0jYOwnN+6qW40e8+ZAzZiAOJ
4vZTDEZEqA3MZjotLvEbtzwpzg/wXqXIhd7g5HVjVnVIa27xjloBn5XpXfz+b64V
QG3qBtkAS7ZuM4af2mcc7v8WqiQsYcQGb5ym0OEhGV04NVGpPZ6mJ8b8ESyIWGXm
czLVo0Jw6cHvj+9FQ0wppeATfQL1KLQW8eUF/GW32jbu+NJD7Dgx6LXacaGooo0P
Og8lV1O4UGGYjYljTe2rCEe8fGvyQDtuCwPNt4UXQ0VPneSTizDCiPyp0p5caGgU
5zsK7KQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org