Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D6ECD20FCD011EAA93EF380C4F9AE02.roa
File: 0D6ECD20FCD011EAA93EF380C4F9AE02.roa (raw, json)
Hash identifier: sucGXCv0YJe6bJfOttB3Sww3dpxE2bgopuOLJOSehZ4=
Subject key identifier: 8C:16:42:EA:67:79:ED:C2:E1:9E:42:21:5E:24:7F:0C:5F:56:94:CA
Certificate issuer: /CN=A91D8100/serialNumber=2BDF5CB3228BEC873ECEE75D6758354653823492
Certificate serial: 02B0
Authority key identifier: 2B:DF:5C:B3:22:8B:EC:87:3E:CE:E7:5D:67:58:35:46:53:82:34:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K99csyKL7Ic-zuddZ1g1RlOCNJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D6ECD20FCD011EAA93EF380C4F9AE02.roa
Signing time: Tue 31 Aug 2021 12:29:54 +0000
ROA not before: Tue 31 Aug 2021 12:29:54 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 140930
IP address blocks: 103.153.154.0/23 maxlen: 24
2406:4740::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 688 (0x2b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D8100/serialNumber=2BDF5CB3228BEC873ECEE75D6758354653823492
Validity
Not Before: Aug 31 12:29:54 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=612e20c2-eb34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:87:44:ba:94:a4:2f:67:83:44:49:b3:4e:35:
69:6c:09:bc:3f:ca:34:48:78:f1:56:ae:58:29:87:
45:cf:c9:5a:b3:9d:ce:a9:04:9a:a5:0b:88:82:7f:
b5:05:ad:ec:1b:b5:1e:30:1e:a4:62:13:0c:b1:ad:
53:3e:c5:30:d2:72:80:2e:93:0d:66:74:1b:12:60:
b5:46:bd:1c:32:19:90:26:b6:a6:91:53:27:76:1e:
e6:7a:b2:39:ca:d6:7b:80:fc:31:42:2c:33:eb:20:
4c:f8:14:67:57:fe:1d:6c:a7:b9:ca:e4:c1:19:e0:
5b:5e:17:77:16:9d:6f:7f:ec:b9:58:72:66:9a:3b:
d5:e2:87:ae:ef:b5:a8:fc:48:bd:83:b8:7d:45:b7:
b2:65:43:8f:cd:fd:d8:ed:b5:8e:49:06:0a:fd:13:
d2:ec:82:1c:2d:49:cb:2c:7a:95:79:fd:9c:30:df:
5e:6d:0a:14:9b:b6:87:74:cf:38:32:8e:e2:60:7e:
5c:15:d4:75:34:9f:43:91:50:30:46:69:9f:9c:f4:
b6:61:78:9c:74:10:87:ff:e3:d8:47:5a:5f:00:ea:
9a:58:2e:2d:2d:70:c6:89:8e:a0:3b:b8:3d:9d:af:
46:5d:88:cb:ea:b3:1a:6f:86:32:c6:1f:ee:00:1b:
2f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:16:42:EA:67:79:ED:C2:E1:9E:42:21:5E:24:7F:0C:5F:56:94:CA
X509v3 Authority Key Identifier:
keyid:2B:DF:5C:B3:22:8B:EC:87:3E:CE:E7:5D:67:58:35:46:53:82:34:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/K99csyKL7Ic-zuddZ1g1RlOCNJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K99csyKL7Ic-zuddZ1g1RlOCNJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8100/AAC72E0CFCCE11EA8C19D87FC4F9AE02/0D6ECD20FCD011EAA93EF380C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.154.0/23
IPv6:
2406:4740::/32
Signature Algorithm: sha256WithRSAEncryption
ab:84:7f:05:d1:7d:ff:26:e5:64:bd:a4:91:c0:a2:86:97:d8:
2b:41:8b:3a:18:96:89:36:f4:86:c0:59:ff:a8:35:c2:39:ec:
6b:9f:1e:fa:4e:3e:58:3a:30:ec:1b:c2:73:f1:50:09:58:e4:
d8:91:29:da:43:da:ee:cf:68:37:d4:04:2c:c5:9c:97:4a:53:
d7:36:b4:81:76:a2:52:f6:6b:3c:54:4c:ca:71:ce:5b:04:7c:
e4:37:52:9c:36:4e:aa:a5:f4:2f:d4:6c:c3:bb:46:13:6c:ce:
65:d5:54:21:a9:c2:5e:a7:a8:29:5f:9e:29:8c:a9:e5:a6:56:
1c:6f:36:76:96:e9:81:27:2d:f4:81:f8:87:69:34:ff:0d:88:
b6:8b:4d:f9:fd:24:db:8d:33:3f:82:52:78:9a:36:0d:dc:35:
32:7f:d4:5f:94:72:b0:f9:39:7c:4d:08:cb:74:12:94:45:1f:
81:b8:04:80:8b:75:df:cf:09:59:01:c7:39:7a:ce:5a:34:6f:
7e:7b:a1:83:bf:b1:c8:55:f3:cf:7a:79:7c:0c:0f:5b:e5:64:
47:22:a1:4d:cb:21:59:a1:21:03:63:95:6c:f9:56:e7:12:5b:
1a:c4:0f:3f:01:97:8b:27:ae:14:ae:24:39:6a:bc:0d:36:b8:
c6:2a:d6:97
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICArAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDgxMDAxMTAvBgNVBAUTKDJCREY1Q0IzMjI4QkVDODczRUNFRTc1RDY3NTgzNTQ2
NTM4MjM0OTIwHhcNMjEwODMxMTIyOTU0WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTJlMjBjMi1lYjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+IdEupSkL2eDREmzTjVpbAm8P8o0SHjxVq5YKYdFz8las53OqQSapQuIgn+1
Ba3sG7UeMB6kYhMMsa1TPsUw0nKALpMNZnQbEmC1Rr0cMhmQJramkVMndh7merI5
ytZ7gPwxQiwz6yBM+BRnV/4dbKe5yuTBGeBbXhd3Fp1vf+y5WHJmmjvV4oeu77Wo
/Ei9g7h9RbeyZUOPzf3Y7bWOSQYK/RPS7IIcLUnLLHqVef2cMN9ebQoUm7aHdM84
Mo7iYH5cFdR1NJ9DkVAwRmmfnPS2YXicdBCH/+PYR1pfAOqaWC4tLXDGiY6gO7g9
na9GXYjL6rMab4Yyxh/uABsvOQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIwWQupn
ee3C4Z5CIV4kfwxfVpTKMB8GA1UdIwQYMBaAFCvfXLMii+yHPs7nXWdYNUZTgjSS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODEwMC9BQUM3MkUwQ0ZD
Q0UxMUVBOEMxOUQ4N0ZDNEY5QUUwMi9LOTljc3lLTDdJYy16dWRkWjFnMVJsT0NO
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s5OWNzeUtMN0ljLXp1ZGRaMWcxUmxPQ05KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDgxMDAvQUFDNzJFMENGQ0NFMTFFQThDMTlEODdGQzRGOUFFMDIvMEQ2RUNEMjBG
Q0QwMTFFQUE5M0VGMzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnmZowDQQCAAIwBwMFACQGR0AwDQYJKoZIhvcNAQELBQAD
ggEBAKuEfwXRff8m5WS9pJHAooaX2CtBizoYlok29IbAWf+oNcI57GufHvpOPlg6
MOwbwnPxUAlY5NiRKdpD2u7PaDfUBCzFnJdKU9c2tIF2olL2azxUTMpxzlsEfOQ3
Upw2Tqql9C/UbMO7RhNszmXVVCGpwl6nqClfnimMqeWmVhxvNnaW6YEnLfSB+Idp
NP8NiLaLTfn9JNuNMz+CUniaNg3cNTJ/1F+UcrD5OXxNCMt0EpRFH4G4BICLdd/P
CVkBxzl6zlo0b357oYO/schV8896eXwMD1vlZEcioU3LIVmhIQNjlWz5VucSWxrE
Dz8Bl4snrhSuJDlqvA02uMYq1pc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:10 2023 by rpki-client on console-fra.rpki-client.org