Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/C0C23F2AB28011EDA97AFC86C4F9AE02.roa
File: C0C23F2AB28011EDA97AFC86C4F9AE02.roa (raw, json)
Hash identifier: J99eNGVqq8ibA+tjDvk+gx6dytpP/AXQf987XRszN3Y=
Subject key identifier: 03:71:2D:D3:24:9C:A9:CA:6D:C5:63:EB:41:3C:5E:1F:97:B8:F4:A1
Certificate issuer: /CN=A91EA723/serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Certificate serial: 02
Authority key identifier: B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/C0C23F2AB28011EDA97AFC86C4F9AE02.roa
Signing time: Wed 22 Feb 2023 07:15:58 +0000
ROA not before: Wed 22 Feb 2023 07:15:58 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 134785
IP address blocks: 103.93.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA723/serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Validity
Not Before: Feb 22 07:15:58 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=63f5c12e-4e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fb:1f:2f:41:0c:3c:02:ba:5d:3f:bc:00:f2:
14:73:e1:59:09:b0:23:68:0c:39:56:eb:c0:16:1f:
80:75:56:3f:e0:c9:b6:b2:22:67:98:8f:5a:2b:a8:
12:11:e6:01:f0:de:7b:57:9e:24:2d:e1:a5:f1:89:
44:3a:4b:0c:9c:b9:e3:ba:eb:4c:ea:f2:89:13:18:
ae:6b:e0:e0:39:99:77:b4:59:43:3f:ac:7f:cc:d1:
4a:76:e8:c7:6b:17:4a:c2:2b:b7:f4:0a:77:3c:b2:
65:8c:a9:a1:0c:d6:82:8d:fe:76:77:2e:0e:55:49:
fc:06:1e:ca:42:b3:7e:3f:f1:f1:31:fb:3d:ce:d6:
5b:8c:a6:fb:e8:25:b9:4e:40:5d:71:8e:b7:bb:4e:
bd:e4:b6:26:9b:9e:64:72:30:d3:59:5d:12:99:d2:
f3:14:7d:43:b8:46:59:cd:ea:69:c1:2a:da:60:fd:
08:d3:2c:a1:38:d4:80:49:bb:f4:81:f1:fa:18:67:
5f:7d:92:65:e9:60:b4:af:ff:35:ed:c2:90:8a:97:
f8:44:9e:6e:f6:0d:5e:d6:8b:0d:9c:41:1d:fa:f3:
37:06:fa:a8:a0:5f:36:12:5c:8a:7d:26:67:67:60:
01:de:3d:f5:72:19:d9:05:3e:fe:7b:7f:09:21:04:
d3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:71:2D:D3:24:9C:A9:CA:6D:C5:63:EB:41:3C:5E:1F:97:B8:F4:A1
X509v3 Authority Key Identifier:
keyid:B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/uQQiVZtYxNqonyJNSccf9E-byjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/C0C23F2AB28011EDA97AFC86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.32.0/23
Signature Algorithm: sha256WithRSAEncryption
11:0e:3e:04:78:2c:81:da:5c:b1:42:88:c5:b5:03:7a:44:38:
c6:50:45:ee:e2:02:e6:a0:ae:c6:8c:a4:d9:a1:29:21:4c:bc:
5c:6b:13:03:7c:92:dd:da:bd:cc:33:74:95:4c:44:b1:3b:b5:
d1:35:72:fd:ea:57:5a:43:b8:4f:58:f3:71:34:b0:89:01:ea:
b5:6f:03:da:87:3e:61:1e:d1:ed:7d:19:5b:23:1f:8c:99:80:
0c:23:75:2e:24:8c:4a:6f:e3:7c:ed:8e:1f:12:64:96:d3:cb:
92:1d:bc:aa:76:6d:f0:03:90:4d:5c:be:6e:60:90:33:5c:a6:
af:1a:19:15:6b:58:bd:7c:08:2a:bf:07:fd:56:83:b6:e0:78:
38:15:cd:07:77:74:34:5a:f9:63:eb:14:c8:44:c4:83:c0:10:
e4:02:59:c8:fb:97:94:8b:63:d0:fe:f3:07:26:b3:65:30:61:
65:b1:c1:78:99:b3:ad:05:14:fd:1d:51:1e:5d:22:bc:27:8c:
e7:f1:cb:5a:1d:95:a5:7f:b0:a4:6c:0c:b2:16:3f:af:45:7b:
88:b9:05:7b:f1:be:4c:ae:b0:4b:7a:fe:e8:16:66:26:66:40:
7b:aa:8b:27:30:d0:1a:98:2c:cf:e9:00:57:c3:0b:a3:a3:08:
da:c0:a4:56
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QTcyMzExMC8GA1UEBRMoQjkwNDIyNTU5QjU4QzREQUE4OUYyMjRENDlDNzFGRjQ0
RjlCQ0EzNDAeFw0yMzAyMjIwNzE1NThaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZjVjMTJlLTRlNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCy+x8vQQw8ArpdP7wA8hRz4VkJsCNoDDlW68AWH4B1Vj/gybayImeYj1orqBIR
5gHw3ntXniQt4aXxiUQ6SwycueO660zq8okTGK5r4OA5mXe0WUM/rH/M0Up26Mdr
F0rCK7f0Cnc8smWMqaEM1oKN/nZ3Lg5VSfwGHspCs34/8fEx+z3O1luMpvvoJblO
QF1xjre7Tr3ktiabnmRyMNNZXRKZ0vMUfUO4RlnN6mnBKtpg/QjTLKE41IBJu/SB
8foYZ199kmXpYLSv/zXtwpCKl/hEnm72DV7Wiw2cQR368zcG+qigXzYSXIp9Jmdn
YAHePfVyGdkFPv57fwkhBNOnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUA3Et0ySc
qcptxWPrQTxeH5e49KEwHwYDVR0jBBgwFoAUuQQiVZtYxNqonyJNSccf9E+byjQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNzIzLzJDRDdGNUM4QjI3
RDExRUQ4ODU2RkE4MUM0RjlBRTAyL3VRUWlWWnRZeE5xb255Sk5TY2NmOUUtYnlq
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdVFRaVZadFl4TnFvbnlKTlNjY2Y5RS1ieWpRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTcyMy8yQ0Q3RjVDOEIyN0QxMUVEODg1NkZBODFDNEY5QUUwMi9DMEMyM0YyQUIy
ODAxMUVEQTk3QUZDODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWddIDANBgkqhkiG9w0BAQsFAAOCAQEAEQ4+BHgsgdpcsUKI
xbUDekQ4xlBF7uIC5qCuxoyk2aEpIUy8XGsTA3yS3dq9zDN0lUxEsTu10TVy/epX
WkO4T1jzcTSwiQHqtW8D2oc+YR7R7X0ZWyMfjJmADCN1LiSMSm/jfO2OHxJkltPL
kh28qnZt8AOQTVy+bmCQM1ymrxoZFWtYvXwIKr8H/VaDtuB4OBXNB3d0NFr5Y+sU
yETEg8AQ5AJZyPuXlItj0P7zByazZTBhZbHBeJmzrQUU/R1RHl0ivCeM5/HLWh2V
pX+wpGwMshY/r0V7iLkFe/G+TK6wS3r+6BZmJmZAe6qLJzDQGpgsz+kAV8MLo6MI
2sCkVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org