Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/3FB8D2F629D611ECBA764231C4F9AE02.roa
File: 3FB8D2F629D611ECBA764231C4F9AE02.roa (raw, json)
Hash identifier: RrCUTBaUgv1C5S0l+eCmQxSN6tPbqjYX26aFav1P9OQ=
Subject key identifier: D2:FF:91:70:68:2A:C2:E6:8A:30:C3:E8:4E:7C:D8:89:FD:64:34:C3
Certificate issuer: /CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Certificate serial: 0647
Authority key identifier: C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/3FB8D2F629D611ECBA764231C4F9AE02.roa
Signing time: Mon 07 Mar 2022 10:28:20 +0000
ROA not before: Mon 07 Mar 2022 10:28:20 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 138219
IP address blocks: 103.207.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1607 (0x647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Validity
Not Before: Mar 7 10:28:20 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6225de44-d5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:96:04:39:09:82:28:36:5d:5d:9f:71:51:bc:
d2:f4:cc:bf:ec:7d:56:01:35:92:3b:45:f4:64:af:
ad:25:39:20:af:2f:4c:c3:dd:e4:88:d3:2b:a5:7c:
a4:ec:42:8b:3c:fe:ff:56:04:d9:de:7a:21:5a:c1:
88:e3:a7:eb:e5:90:87:a9:99:c2:6b:ef:02:0e:a0:
71:34:35:1a:3b:05:7b:b5:82:39:bb:e2:c9:dc:1b:
2b:e4:59:c5:9f:b5:02:70:3c:ed:ec:79:1e:ee:37:
5d:be:01:58:d7:60:ff:ea:77:92:85:b4:80:0e:54:
f7:78:c0:5f:b5:cc:b2:90:e1:35:42:79:fc:be:91:
ce:23:dc:5e:52:96:15:fd:8e:73:4d:0d:66:1c:f1:
c8:73:a7:69:89:61:e4:a3:3d:c9:cc:9e:15:ab:57:
f7:4c:7e:c8:b2:45:cf:4a:4e:ee:eb:5e:ce:00:39:
05:9f:c6:23:76:61:c3:44:2a:9e:dd:a2:0a:19:06:
29:9c:4e:a8:06:34:4b:f3:a4:e8:9e:3d:d8:a5:31:
ee:af:da:da:79:94:18:49:69:35:d1:86:ac:7d:67:
50:fa:22:67:a4:bd:b8:63:c2:44:2f:14:b4:96:6a:
ff:19:97:f6:ea:0b:43:bb:18:64:81:61:0a:b4:fa:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FF:91:70:68:2A:C2:E6:8A:30:C3:E8:4E:7C:D8:89:FD:64:34:C3
X509v3 Authority Key Identifier:
keyid:C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/xIKbbAf9gE3wklz_wWHGcCgHoCY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/3FB8D2F629D611ECBA764231C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.69.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7b:88:93:60:43:98:1b:8c:43:1a:c2:7e:66:d6:5b:86:a8:
60:d1:a3:18:36:af:49:a1:81:d6:c2:0c:4d:72:ab:c7:d4:8b:
4d:48:e4:5a:1a:d6:44:77:b2:19:b2:35:fa:f2:42:25:e7:57:
8a:24:fb:92:6c:34:35:5f:b1:7e:54:e9:16:93:5e:42:98:7f:
02:29:72:b4:db:9e:fa:ba:f3:dc:53:7b:a6:ac:76:59:a6:87:
97:0e:7e:34:a2:ed:13:1b:89:ac:29:34:0f:31:cc:62:04:86:
53:13:f8:3a:fc:b7:dc:99:56:78:2b:7f:33:4d:1e:a9:64:ee:
1b:9c:b4:26:6b:6f:f2:b5:28:2c:6b:bf:f5:fc:9f:c4:d1:8a:
03:c3:e4:64:29:f3:28:57:d4:a5:f7:6f:2b:e1:98:85:06:a1:
72:7a:b8:46:56:86:52:fe:b7:24:f5:e6:e8:ef:14:20:0a:32:
e3:e0:00:45:af:06:55:9a:ad:34:59:65:4f:fc:76:75:4e:22:
ba:00:36:74:fe:1b:37:7e:31:bf:33:86:26:ac:b8:31:eb:ff:
b3:32:96:2d:9e:b1:01:b2:38:58:4f:b6:b4:6d:1e:b7:e4:73:
e9:50:15:5f:03:30:39:95:ae:d6:40:4b:c4:e6:91:c4:ec:5c:
9e:e8:18:8a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdFNDUxMTAvBgNVBAUTKEM0ODI5QjZDMDdGRDgwNERGMDkyNUNGRkMxNjFDNjcw
MjgwN0EwMjYwHhcNMjIwMzA3MTAyODIwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI1ZGU0NC1kNWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ZYEOQmCKDZdXZ9xUbzS9My/7H1WATWSO0X0ZK+tJTkgry9Mw93kiNMrpXyk
7EKLPP7/VgTZ3nohWsGI46fr5ZCHqZnCa+8CDqBxNDUaOwV7tYI5u+LJ3Bsr5FnF
n7UCcDzt7Hke7jddvgFY12D/6neShbSADlT3eMBftcyykOE1Qnn8vpHOI9xeUpYV
/Y5zTQ1mHPHIc6dpiWHkoz3JzJ4Vq1f3TH7IskXPSk7u617OADkFn8YjdmHDRCqe
3aIKGQYpnE6oBjRL86Tonj3YpTHur9raeZQYSWk10YasfWdQ+iJnpL24Y8JELxS0
lmr/GZf26gtDuxhkgWEKtPpwgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNL/kXBo
KsLmijDD6E582In9ZDTDMB8GA1UdIwQYMBaAFMSCm2wH/YBN8JJc/8FhxnAoB6Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0U0NS8wNkM4NTYzQzgz
RDkxMUVBQTMxMjRGNUNDNEY5QUUwMi94SUtiYkFmOWdFM3drbHpfd1dIR2NDZ0hv
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hJS2JiQWY5Z0Uzd2tsel93V0hHY0NnSG9DWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdFNDUvMDZDODU2M0M4M0Q5MTFFQUEzMTI0RjVDQzRGOUFFMDIvM0ZCOEQyRjYy
OUQ2MTFFQ0JBNzY0MjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnz0UwDQYJKoZIhvcNAQELBQADggEBAHR7iJNgQ5gbjEMa
wn5m1luGqGDRoxg2r0mhgdbCDE1yq8fUi01I5Foa1kR3shmyNfryQiXnV4ok+5Js
NDVfsX5U6RaTXkKYfwIpcrTbnvq689xTe6asdlmmh5cOfjSi7RMbiawpNA8xzGIE
hlMT+Dr8t9yZVngrfzNNHqlk7huctCZrb/K1KCxrv/X8n8TRigPD5GQp8yhX1KX3
byvhmIUGoXJ6uEZWhlL+tyT15ujvFCAKMuPgAEWvBlWarTRZZU/8dnVOIroANnT+
Gzd+Mb8zhiasuDHr/7Myli2esQGyOFhPtrRtHrfkc+lQFV8DMDmVrtZAS8TmkcTs
XJ7oGIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org