Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
File: 4B12E1640E2311EDB690EE6FC4F9AE02.roa (raw, json)
Hash identifier: /1kA8pXB7MXohs/f2pTQD+3juzC/mqyDPGckiWL1bZg=
Subject key identifier: 80:B5:A5:9F:97:65:4E:79:76:1C:C5:57:5E:59:4D:DE:95:B8:C8:06
Certificate issuer: /CN=A91E30BC/serialNumber=8D120AE17B91ADB0F6A2E59E4EA4EA4D1744C8DB
Certificate serial: 02
Authority key identifier: 8D:12:0A:E1:7B:91:AD:B0:F6:A2:E5:9E:4E:A4:EA:4D:17:44:C8:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jRIK4XuRrbD2ouWeTqTqTRdEyNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
Signing time: Thu 28 Jul 2022 03:13:47 +0000
ROA not before: Thu 28 Jul 2022 03:13:47 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150144
IP address blocks: 103.6.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E30BC/serialNumber=8D120AE17B91ADB0F6A2E59E4EA4EA4D1744C8DB
Validity
Not Before: Jul 28 03:13:47 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62e1feea-0b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:cd:43:03:e4:c7:0b:2a:d9:ec:bb:78:2c:
d7:33:e9:62:fe:c8:69:7d:32:4e:a9:10:fa:7d:b1:
a1:93:83:b4:2f:08:77:1c:2e:d4:97:07:33:53:1f:
d2:88:ea:92:39:fb:04:9c:97:69:5f:cb:7d:f0:bb:
cc:f4:fc:a0:61:4b:07:ba:ce:23:b0:bc:db:0f:82:
32:20:2b:68:8d:e8:2a:7c:05:f2:b9:6e:44:db:dc:
93:11:4b:c5:39:72:e2:e5:82:b3:dc:97:50:02:15:
a6:58:84:0c:2b:c5:fb:5e:35:9c:aa:00:10:14:3f:
87:aa:c1:9b:9b:d7:90:3b:69:34:73:b2:82:f2:fe:
ad:be:7a:fa:57:d2:77:ce:00:b3:48:dd:bc:09:07:
9f:f9:1c:62:c3:62:5b:74:d8:b6:fe:33:25:7d:05:
51:41:27:4d:9f:36:c6:38:b8:19:f6:19:e8:02:ed:
28:52:b1:9b:67:ae:bb:ae:2e:b6:26:c1:32:6b:d7:
23:ac:d9:00:27:af:a1:f8:32:9c:7e:44:67:63:31:
7d:92:23:87:23:20:b0:b6:80:0d:65:70:09:a6:f9:
63:fc:4b:a0:29:94:5e:97:2e:b3:9f:38:2b:33:0d:
81:2b:f7:87:5c:8c:1d:79:9e:98:0b:d6:49:41:ef:
80:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B5:A5:9F:97:65:4E:79:76:1C:C5:57:5E:59:4D:DE:95:B8:C8:06
X509v3 Authority Key Identifier:
keyid:8D:12:0A:E1:7B:91:AD:B0:F6:A2:E5:9E:4E:A4:EA:4D:17:44:C8:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/jRIK4XuRrbD2ouWeTqTqTRdEyNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jRIK4XuRrbD2ouWeTqTqTRdEyNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E30BC/3857DEF20E1F11ED853AF565C4F9AE02/4B12E1640E2311EDB690EE6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:31:99:6b:29:0c:b2:e8:ca:07:5d:9e:8c:2e:2a:98:4d:eb:
19:bd:ca:ac:43:c0:f0:f3:b5:fa:ff:75:cc:00:2c:6b:c3:cb:
0a:b6:76:2a:b3:e9:15:77:d4:d9:7c:b8:01:de:7f:de:59:f2:
34:fb:54:63:04:b3:49:ba:80:6a:7f:ac:31:7a:c1:4a:de:2f:
6c:6f:2b:ee:83:33:b6:c6:ce:b2:75:c9:3c:3c:b6:69:7e:b1:
27:2d:ea:82:be:a3:c9:8c:f5:44:f6:78:14:60:4e:2e:39:80:
98:ac:bf:9f:4a:64:37:df:9d:e0:04:6f:d8:ce:26:f1:0a:b4:
7f:10:d7:42:fd:94:65:40:7a:00:62:8c:08:a5:51:60:ec:86:
e3:18:df:34:7b:1e:f3:19:48:a2:8a:87:a5:2c:96:f0:2d:78:
fb:a9:0d:fd:6c:5e:e7:9d:8a:ad:38:b4:b0:90:0b:f9:ad:f1:
7a:3b:ad:9a:02:bd:c9:28:c6:2b:7b:a4:6f:73:2e:25:28:41:
e8:6d:81:29:f9:d8:ee:f7:2c:2b:e7:63:64:a6:07:37:7f:6f:
1f:fd:40:25:21:92:b7:45:4c:ef:5e:5b:a7:c5:95:5f:b0:b4:
d1:77:04:4c:b4:71:8d:f1:bd:1e:00:18:bb:f3:79:12:0f:d0:
9d:15:62:05
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MzBCQzExMC8GA1UEBRMoOEQxMjBBRTE3QjkxQURCMEY2QTJFNTlFNEVBNEVBNEQx
NzQ0QzhEQjAeFw0yMjA3MjgwMzEzNDdaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZTFmZWVhLTBiMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9Y81DA+THCyrZ7Lt4LNcz6WL+yGl9Mk6pEPp9saGTg7QvCHccLtSXBzNTH9KI
6pI5+wScl2lfy33wu8z0/KBhSwe6ziOwvNsPgjIgK2iN6Cp8BfK5bkTb3JMRS8U5
cuLlgrPcl1ACFaZYhAwrxfteNZyqABAUP4eqwZub15A7aTRzsoLy/q2+evpX0nfO
ALNI3bwJB5/5HGLDYlt02Lb+MyV9BVFBJ02fNsY4uBn2GegC7ShSsZtnrruuLrYm
wTJr1yOs2QAnr6H4Mpx+RGdjMX2SI4cjILC2gA1lcAmm+WP8S6AplF6XLrOfOCsz
DYEr94dcjB15npgL1klB74CVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgLWln5dl
Tnl2HMVXXllN3pW4yAYwHwYDVR0jBBgwFoAUjRIK4XuRrbD2ouWeTqTqTRdEyNsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzMEJDLzM4NTdERUYyMEUx
RjExRUQ4NTNBRjU2NUM0RjlBRTAyL2pSSUs0WHVScmJEMm91V2VUcVRxVFJkRXlO
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvalJJSzRYdVJyYkQyb3VXZVRxVHFUUmRFeU5zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MzBCQy8zODU3REVGMjBFMUYxMUVEODUzQUY1NjVDNEY5QUUwMi80QjEyRTE2NDBF
MjMxMUVEQjY5MEVFNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcGdzANBgkqhkiG9w0BAQsFAAOCAQEATjGZaykMsujKB12e
jC4qmE3rGb3KrEPA8PO1+v91zAAsa8PLCrZ2KrPpFXfU2Xy4Ad5/3lnyNPtUYwSz
SbqAan+sMXrBSt4vbG8r7oMztsbOsnXJPDy2aX6xJy3qgr6jyYz1RPZ4FGBOLjmA
mKy/n0pkN9+d4ARv2M4m8Qq0fxDXQv2UZUB6AGKMCKVRYOyG4xjfNHse8xlIooqH
pSyW8C14+6kN/Wxe552KrTi0sJAL+a3xejutmgK9ySjGK3ukb3MuJShB6G2BKfnY
7vcsK+djZKYHN39vH/1AJSGSt0VM715bp8WVX7C00XcETLRxjfG9HgAYu/N5Eg/Q
nRViBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org