Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9509/274ED15E601A11EDB7416B6CC4F9AE02/D2E21240601C11ED97B8AA6DC4F9AE02.roa
File: D2E21240601C11ED97B8AA6DC4F9AE02.roa (raw, json)
Hash identifier: 6WHtBEHnuhMbMCQ9oX3b2JaB3/4epBbSw2lZqsCH87g=
Subject key identifier: 65:21:A0:FC:00:AC:12:B9:3F:57:86:C9:DB:DB:5B:82:13:9E:91:72
Certificate issuer: /CN=A91E9509/serialNumber=51BEA3609429D91B1C4E4022DA68BD643C33C3FB
Certificate serial: 02
Authority key identifier: 51:BE:A3:60:94:29:D9:1B:1C:4E:40:22:DA:68:BD:64:3C:33:C3:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ub6jYJQp2RscTkAi2mi9ZDwzw_s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E9509/274ED15E601A11EDB7416B6CC4F9AE02/D2E21240601C11ED97B8AA6DC4F9AE02.roa
Signing time: Wed 09 Nov 2022 10:54:03 +0000
ROA not before: Wed 09 Nov 2022 10:54:03 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 150302
IP address blocks: 103.217.98.0/24 maxlen: 24
103.217.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E9509/serialNumber=51BEA3609429D91B1C4E4022DA68BD643C33C3FB
Validity
Not Before: Nov 9 10:54:03 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=636b86cb-6681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2a:d0:95:55:f2:c3:32:2c:06:d8:1c:e2:39:
bf:8c:aa:8f:ae:4f:43:3e:8a:e3:e8:cb:9f:fd:85:
3c:c2:68:5a:f2:2a:b6:39:1e:47:64:51:b1:2a:9d:
21:ef:1c:c7:4f:19:f4:d1:93:26:15:e8:27:4d:c9:
9b:6c:3d:2a:0e:6a:0a:b2:6b:5d:ce:de:7e:42:3e:
7d:9c:bf:82:03:6c:22:9e:64:a9:62:e9:53:31:d1:
20:31:f2:9a:a0:60:94:8c:90:d0:2c:a5:98:5d:3c:
3e:a5:c0:08:b9:dd:83:61:f3:fa:cc:42:82:fc:c5:
a0:20:fa:8b:21:25:46:78:86:43:91:a6:b4:63:1b:
91:14:bc:30:24:0a:e5:bf:1e:6f:fb:60:33:1e:20:
05:e4:d2:8f:ba:32:61:9a:9c:c0:16:01:20:e1:d8:
50:02:f0:4c:d4:53:33:de:28:c6:da:de:37:92:84:
3d:a6:0e:c3:20:8a:3c:b1:59:ae:1d:90:95:f6:35:
de:8d:0f:c5:e5:eb:33:ef:ba:2e:42:10:f6:60:99:
b0:60:83:cf:c7:78:9e:88:25:e4:09:15:f4:67:5d:
14:0b:8e:9c:8c:36:f5:31:46:6e:be:57:c9:7e:45:
30:2c:c4:f3:9c:9a:b6:5d:10:7f:ca:f6:e5:a5:a6:
2c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:21:A0:FC:00:AC:12:B9:3F:57:86:C9:DB:DB:5B:82:13:9E:91:72
X509v3 Authority Key Identifier:
keyid:51:BE:A3:60:94:29:D9:1B:1C:4E:40:22:DA:68:BD:64:3C:33:C3:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E9509/274ED15E601A11EDB7416B6CC4F9AE02/Ub6jYJQp2RscTkAi2mi9ZDwzw_s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ub6jYJQp2RscTkAi2mi9ZDwzw_s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9509/274ED15E601A11EDB7416B6CC4F9AE02/D2E21240601C11ED97B8AA6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.217.98.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:c3:8d:b5:c9:78:9e:07:1a:5d:0c:e5:68:b3:d0:82:7d:5b:
4b:cd:71:ed:e3:0d:45:77:1b:6b:99:0e:ac:a3:f7:9b:c7:54:
67:b6:60:3c:1a:41:6b:5d:41:d8:e1:5b:da:e3:a7:1d:47:59:
87:53:e6:a6:80:d0:46:6b:ac:f1:49:31:8e:6c:87:25:7f:59:
36:64:8f:36:68:25:f9:77:65:81:39:7f:96:48:21:09:0d:93:
12:8e:72:46:b0:f7:a1:ce:94:6d:e9:7f:bd:6f:c1:59:f2:bc:
49:b9:9a:ba:0d:a0:b5:6f:83:9d:b6:7d:9a:20:af:ea:41:9f:
cd:3c:51:4a:b9:83:67:a4:ab:0d:76:96:18:0c:fa:f8:61:3a:
db:d5:c1:75:0a:a4:07:12:a2:a5:39:87:64:20:e5:0d:29:cf:
ed:b8:d9:fc:b4:af:63:da:4e:56:7e:d0:3c:15:e6:95:e4:36:
13:86:a1:32:ce:ba:92:06:a7:89:8f:07:51:8f:69:59:da:4c:
95:6c:8a:ee:b5:76:cd:c9:a6:f2:8a:02:e8:4d:37:ce:c1:30:
ea:9d:a2:d9:71:7f:23:71:ec:87:8d:44:1b:7b:d9:91:17:a4:
19:b0:4e:00:3e:7f:a9:87:14:43:f9:fb:dd:de:82:5d:10:26:
cc:df:29:db
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OTUwOTExMC8GA1UEBRMoNTFCRUEzNjA5NDI5RDkxQjFDNEU0MDIyREE2OEJENjQz
QzMzQzNGQjAeFw0yMjExMDkxMDU0MDNaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNmI4NmNiLTY2ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7KtCVVfLDMiwG2BziOb+Mqo+uT0M+iuPoy5/9hTzCaFryKrY5HkdkUbEqnSHv
HMdPGfTRkyYV6CdNyZtsPSoOagqya13O3n5CPn2cv4IDbCKeZKli6VMx0SAx8pqg
YJSMkNAspZhdPD6lwAi53YNh8/rMQoL8xaAg+oshJUZ4hkORprRjG5EUvDAkCuW/
Hm/7YDMeIAXk0o+6MmGanMAWASDh2FAC8EzUUzPeKMba3jeShD2mDsMgijyxWa4d
kJX2Nd6ND8Xl6zPvui5CEPZgmbBgg8/HeJ6IJeQJFfRnXRQLjpyMNvUxRm6+V8l+
RTAsxPOcmrZdEH/K9uWlpizRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZSGg/ACs
Erk/V4bJ29tbghOekXIwHwYDVR0jBBgwFoAUUb6jYJQp2RscTkAi2mi9ZDwzw/sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5NTA5LzI3NEVEMTVFNjAx
QTExRURCNzQxNkI2Q0M0RjlBRTAyL1ViNmpZSlFwMlJzY1RrQWkybWk5WkR3endf
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWI2allKUXAyUnNjVGtBaTJtaTlaRHd6d19zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTUwOS8yNzRFRDE1RTYwMUExMUVEQjc0MTZCNkNDNEY5QUUwMi9EMkUyMTI0MDYw
MUMxMUVEOTdCOEFBNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWfZYjANBgkqhkiG9w0BAQsFAAOCAQEAoMONtcl4ngcaXQzl
aLPQgn1bS81x7eMNRXcba5kOrKP3m8dUZ7ZgPBpBa11B2OFb2uOnHUdZh1PmpoDQ
Rmus8UkxjmyHJX9ZNmSPNmgl+XdlgTl/lkghCQ2TEo5yRrD3oc6Ubel/vW/BWfK8
Sbmaug2gtW+DnbZ9miCv6kGfzTxRSrmDZ6SrDXaWGAz6+GE629XBdQqkBxKipTmH
ZCDlDSnP7bjZ/LSvY9pOVn7QPBXmleQ2E4ahMs66kganiY8HUY9pWdpMlWyK7rV2
zcmm8ooC6E03zsEw6p2i2XF/I3Hsh41EG3vZkRekGbBOAD5/qYcUQ/n73d6CXRAm
zN8p2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org