Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/E5193D90AB2811EAB2E10A67C4F9AE02.roa
File: E5193D90AB2811EAB2E10A67C4F9AE02.roa (raw, json)
Hash identifier: dYdOvzYaI+VP9QIWvz1PgQRL9Yvcx2V+YvOu/eZDi58=
Subject key identifier: A0:4F:C7:6B:21:00:41:46:5C:39:AC:26:2E:BC:0F:94:43:4A:BA:32
Certificate issuer: /CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Certificate serial: 0846
Authority key identifier: C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/E5193D90AB2811EAB2E10A67C4F9AE02.roa
Signing time: Tue 28 Feb 2023 22:28:41 +0000
ROA not before: Tue 28 Feb 2023 22:28:41 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 7489
IP address blocks: 103.207.68.0/22 maxlen: 22
210.16.120.0/23 maxlen: 24
210.16.122.0/24 maxlen: 24
210.16.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2118 (0x846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7E45/serialNumber=C4829B6C07FD804DF0925CFFC161C6702807A026
Validity
Not Before: Feb 28 22:28:41 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63fe8019-f821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:bb:70:2e:16:42:b0:a1:fa:6a:ec:2f:d6:
41:7e:6d:cd:b4:5f:8c:bc:ea:1a:70:7e:03:31:e0:
9a:74:d9:82:9d:a7:35:1a:4d:c8:04:47:8c:30:b6:
f5:bd:8d:54:fc:07:8a:16:1d:22:0a:43:9a:8a:fd:
8a:1f:a7:d9:1d:a3:75:b9:c3:53:fd:75:7d:46:d6:
06:2f:c8:7c:54:f7:49:ee:30:58:3a:fc:ee:07:95:
d0:3c:48:af:96:57:5f:7d:a2:34:aa:69:29:ea:ad:
5d:54:f3:ba:56:60:12:b6:2c:bc:0b:cf:f7:a9:4e:
be:20:21:07:23:f6:a2:3c:dd:c5:78:94:ed:f3:49:
34:85:ae:35:c9:74:e1:27:a6:e7:1e:0b:ff:57:77:
b9:bf:6c:9c:69:8e:91:fb:56:c6:e7:76:e3:9e:74:
98:d3:64:db:ba:c3:1e:c3:da:13:ba:9c:37:23:1c:
17:19:78:01:4e:fc:1e:19:e3:87:b4:2b:fa:b1:d5:
48:36:20:2c:88:54:b9:64:e7:6e:c6:c5:5c:69:99:
ca:f2:d0:3f:bf:62:f6:87:eb:9e:68:44:0f:b8:43:
af:a2:41:21:92:b6:e6:44:fe:16:bf:b3:e9:4b:02:
87:b8:30:33:cf:11:6f:f5:23:34:70:59:7d:d1:33:
3c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4F:C7:6B:21:00:41:46:5C:39:AC:26:2E:BC:0F:94:43:4A:BA:32
X509v3 Authority Key Identifier:
keyid:C4:82:9B:6C:07:FD:80:4D:F0:92:5C:FF:C1:61:C6:70:28:07:A0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/xIKbbAf9gE3wklz_wWHGcCgHoCY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIKbbAf9gE3wklz_wWHGcCgHoCY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7E45/06C8563C83D911EAA3124F5CC4F9AE02/E5193D90AB2811EAB2E10A67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.68.0/22
210.16.120.0/22
Signature Algorithm: sha256WithRSAEncryption
83:6a:c9:54:b6:37:59:e9:06:df:5a:89:ab:ea:f7:9b:8d:c6:
69:a2:d9:67:7c:c5:27:bc:ca:bc:1e:98:f5:19:39:fb:ea:84:
0e:69:90:f6:67:84:11:7e:4e:7f:7a:56:c4:67:2b:db:82:fe:
5a:bb:f2:f7:c9:71:32:b1:10:dd:94:23:be:4a:01:4d:9f:25:
23:30:c8:64:5f:ca:83:13:4c:a8:83:01:5d:ce:45:7c:d6:76:
c4:6a:b1:3f:ab:bb:07:46:d7:95:db:41:d1:b6:c2:e6:f1:71:
2c:70:9a:22:b2:b4:3a:bb:c2:fd:58:a8:ef:6b:9e:f6:97:87:
d3:0c:9c:b7:2e:5a:b2:54:21:07:bd:b2:70:23:09:32:b0:09:
a7:8f:17:3b:f0:36:8e:6c:e7:28:e8:38:6c:28:83:6f:ff:88:
08:ae:78:e0:d0:9a:f9:57:31:5b:6e:73:80:88:57:41:9c:68:
ff:b4:18:c8:f5:c0:bc:9f:e8:68:77:ab:ed:49:3a:51:97:a8:
60:de:83:72:62:f4:40:cd:e1:c3:48:9f:ea:93:5c:ab:2d:b6:
70:f6:14:84:1e:46:2d:7c:9d:69:2e:87:68:7e:27:65:45:3b:
6f:1a:22:a8:f7:74:c1:22:d3:d1:af:06:9f:11:84:39:3e:f2:
20:b9:46:d3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdFNDUxMTAvBgNVBAUTKEM0ODI5QjZDMDdGRDgwNERGMDkyNUNGRkMxNjFDNjcw
MjgwN0EwMjYwHhcNMjMwMjI4MjIyODQxWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZlODAxOS1mODIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0d67cC4WQrCh+mrsL9ZBfm3NtF+MvOoacH4DMeCadNmCnac1Gk3IBEeMMLb1
vY1U/AeKFh0iCkOaiv2KH6fZHaN1ucNT/XV9RtYGL8h8VPdJ7jBYOvzuB5XQPEiv
lldffaI0qmkp6q1dVPO6VmAStiy8C8/3qU6+ICEHI/aiPN3FeJTt80k0ha41yXTh
J6bnHgv/V3e5v2ycaY6R+1bG53bjnnSY02TbusMew9oTupw3IxwXGXgBTvweGeOH
tCv6sdVINiAsiFS5ZOduxsVcaZnK8tA/v2L2h+ueaEQPuEOvokEhkrbmRP4Wv7Pp
SwKHuDAzzxFv9SM0cFl90TM81QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKBPx2sh
AEFGXDmsJi68D5RDSroyMB8GA1UdIwQYMBaAFMSCm2wH/YBN8JJc/8FhxnAoB6Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0U0NS8wNkM4NTYzQzgz
RDkxMUVBQTMxMjRGNUNDNEY5QUUwMi94SUtiYkFmOWdFM3drbHpfd1dIR2NDZ0hv
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hJS2JiQWY5Z0Uzd2tsel93V0hHY0NnSG9DWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdFNDUvMDZDODU2M0M4M0Q5MTFFQUEzMTI0RjVDQzRGOUFFMDIvRTUxOTNEOTBB
QjI4MTFFQUIyRTEwQTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnz0QDBALSEHgwDQYJKoZIhvcNAQELBQADggEBAINqyVS2
N1npBt9aiavq95uNxmmi2Wd8xSe8yrwemPUZOfvqhA5pkPZnhBF+Tn96VsRnK9uC
/lq78vfJcTKxEN2UI75KAU2fJSMwyGRfyoMTTKiDAV3ORXzWdsRqsT+ruwdG15Xb
QdG2wubxcSxwmiKytDq7wv1YqO9rnvaXh9MMnLcuWrJUIQe9snAjCTKwCaePFzvw
No5s5yjoOGwog2//iAiueODQmvlXMVtuc4CIV0GcaP+0GMj1wLyf6Gh3q+1JOlGX
qGDeg3Ji9EDN4cNIn+qTXKsttnD2FIQeRi18nWkuh2h+J2VFO28aIqj3dMEi09Gv
Bp8RhDk+8iC5RtM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org