Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/E73AEBC08A7611ED95F68A3EC4F9AE02.roa
File: E73AEBC08A7611ED95F68A3EC4F9AE02.roa (raw, json)
Hash identifier: cJ2KwHwPXeTMmobfbwvD3yVgbgCR4PKPrcQG9d9YAx8=
Subject key identifier: 0F:C7:5F:3B:74:D6:6F:E2:D3:9E:13:5E:01:2E:0F:42:F1:54:09:94
Certificate issuer: /CN=A91D194C/serialNumber=1AE9AF3ABB8A73EF26F934F98B3A6CAB9517ACA6
Certificate serial: 02
Authority key identifier: 1A:E9:AF:3A:BB:8A:73:EF:26:F9:34:F9:8B:3A:6C:AB:95:17:AC:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GumvOruKc-8m-TT5izpsq5UXrKY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/E73AEBC08A7611ED95F68A3EC4F9AE02.roa
Signing time: Mon 02 Jan 2023 08:24:41 +0000
ROA not before: Mon 02 Jan 2023 08:24:41 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150682
IP address blocks: 103.177.142.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D194C/serialNumber=1AE9AF3ABB8A73EF26F934F98B3A6CAB9517ACA6
Validity
Not Before: Jan 2 08:24:41 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63b294c9-6b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:bb:13:43:68:29:9b:3a:c7:7e:4b:b8:a8:14:
46:bf:57:39:29:fc:b3:b6:8a:97:1b:d8:50:ed:af:
7b:e1:a3:a7:37:a4:c6:ff:47:55:fe:ba:53:6e:4c:
6f:76:91:a8:69:96:b8:9e:3f:19:b0:5f:d2:62:4b:
60:5b:dd:6a:e7:4c:f2:36:ac:cb:33:ba:91:70:61:
0f:c5:79:7d:e8:95:b2:78:bf:95:0c:69:3c:6f:46:
8e:94:e8:29:05:9d:87:c9:85:58:2a:04:4b:e1:fd:
72:17:d0:ba:b3:8b:24:63:1f:c9:2c:51:2f:43:02:
c1:87:94:b5:7b:3d:4d:e5:16:d8:cf:1e:f4:b3:98:
e4:11:3f:a3:58:5f:94:94:f5:b5:68:69:f1:a0:b6:
db:81:03:3b:6c:53:b0:64:a7:fb:78:15:c6:9f:46:
d4:0e:dc:81:ca:fa:10:50:f2:6e:85:28:10:53:94:
69:c5:33:9c:80:16:33:c3:e7:fd:b7:02:52:c1:aa:
a0:dc:ac:5b:0a:e8:f1:a8:b4:9a:95:79:ea:03:a6:
8a:10:35:a6:1d:f2:61:e0:a3:19:a7:a1:ef:02:6a:
cd:73:4a:b8:9b:53:8d:81:7f:3f:05:0f:c8:bf:ea:
db:97:65:30:37:1d:b9:30:2c:f0:4b:39:18:96:24:
26:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C7:5F:3B:74:D6:6F:E2:D3:9E:13:5E:01:2E:0F:42:F1:54:09:94
X509v3 Authority Key Identifier:
keyid:1A:E9:AF:3A:BB:8A:73:EF:26:F9:34:F9:8B:3A:6C:AB:95:17:AC:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/GumvOruKc-8m-TT5izpsq5UXrKY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GumvOruKc-8m-TT5izpsq5UXrKY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/E73AEBC08A7611ED95F68A3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.142.0/23
Signature Algorithm: sha256WithRSAEncryption
88:e1:cc:70:6c:4b:dd:9f:53:43:5e:a7:80:ad:e0:57:23:f6:
3b:25:49:ad:4a:d8:5c:09:ef:e8:63:6f:f6:76:a0:d6:a9:73:
ef:47:d5:2b:ea:d2:e9:a1:11:ea:e4:97:b8:72:19:c3:37:5e:
da:19:dd:6c:dd:de:96:ea:e1:83:7b:90:e3:ad:60:43:7b:3b:
0a:72:22:26:f3:fe:58:52:d4:0d:f4:ca:b1:b4:ed:c3:50:be:
74:50:c3:c1:fe:02:72:2e:8f:0f:49:c4:51:49:f8:c2:44:6b:
26:0b:3b:ac:56:ac:ac:cc:a8:7f:a9:0e:cc:3e:70:99:4a:4c:
5b:b1:bb:98:d6:4f:54:ef:ae:91:d3:12:6f:65:ac:b7:cc:8d:
26:c7:47:1a:8a:72:86:50:31:94:6d:b1:d7:5e:51:2f:67:ed:
ed:de:e2:36:ed:ee:2d:ef:f2:f5:ce:28:4c:34:ee:c5:ff:83:
b0:7c:03:4f:fb:7c:63:05:e9:c8:9c:f5:6a:ab:42:22:11:07:
8a:72:f0:e6:3d:28:cd:25:1e:07:9a:dd:3a:89:cd:e5:df:f6:
c7:2a:85:c0:27:c2:dc:48:38:4d:ca:1f:01:ce:0e:1d:f2:8a:
86:19:18:c2:61:c2:ea:74:78:34:e4:cd:b2:3c:bb:b4:cf:d7:
b0:15:e3:45
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTk0QzExMC8GA1UEBRMoMUFFOUFGM0FCQjhBNzNFRjI2RjkzNEY5OEIzQTZDQUI5
NTE3QUNBNjAeFw0yMzAxMDIwODI0NDFaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjI5NGM5LTZiMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0uxNDaCmbOsd+S7ioFEa/Vzkp/LO2ipcb2FDtr3vho6c3pMb/R1X+ulNuTG92
kahplriePxmwX9JiS2Bb3WrnTPI2rMszupFwYQ/FeX3olbJ4v5UMaTxvRo6U6CkF
nYfJhVgqBEvh/XIX0LqziyRjH8ksUS9DAsGHlLV7PU3lFtjPHvSzmOQRP6NYX5SU
9bVoafGgttuBAztsU7Bkp/t4FcafRtQO3IHK+hBQ8m6FKBBTlGnFM5yAFjPD5/23
AlLBqqDcrFsK6PGotJqVeeoDpooQNaYd8mHgoxmnoe8Cas1zSribU42Bfz8FD8i/
6tuXZTA3HbkwLPBLORiWJCbjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUD8dfO3TW
b+LTnhNeAS4PQvFUCZQwHwYDVR0jBBgwFoAUGumvOruKc+8m+TT5izpsq5UXrKYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxOTRDLzExOUZFQjQ4OEE3
NDExRURCMzIxM0UzREM0RjlBRTAyL0d1bXZPcnVLYy04bS1UVDVpenBzcTVVWHJL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3Vtdk9ydUtjLThtLVRUNWl6cHNxNVVYcktZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTk0Qy8xMTlGRUI0ODhBNzQxMUVEQjMyMTNFM0RDNEY5QUUwMi9FNzNBRUJDMDhB
NzYxMUVEOTVGNjhBM0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWexjjANBgkqhkiG9w0BAQsFAAOCAQEAiOHMcGxL3Z9TQ16n
gK3gVyP2OyVJrUrYXAnv6GNv9nag1qlz70fVK+rS6aER6uSXuHIZwzde2hndbN3e
lurhg3uQ461gQ3s7CnIiJvP+WFLUDfTKsbTtw1C+dFDDwf4Cci6PD0nEUUn4wkRr
Jgs7rFasrMyof6kOzD5wmUpMW7G7mNZPVO+ukdMSb2Wst8yNJsdHGopyhlAxlG2x
115RL2ft7d7iNu3uLe/y9c4oTDTuxf+DsHwDT/t8YwXpyJz1aqtCIhEHinLw5j0o
zSUeB5rdOonN5d/2xyqFwCfC3Eg4TcofAc4OHfKKhhkYwmHC6nR4NOTNsjy7tM/X
sBXjRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org