Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
File: 00EF5E6EDF9A11EA919D0586C4F9AE02.roa (raw, json)
Hash identifier: KizCT9Kl88pSQUOyw+yeMAFEV2j+0g7tzOkiw3pkLsg=
Subject key identifier: 08:36:07:26:42:02:53:72:81:69:2C:8B:60:0A:75:15:1E:CA:DC:AE
Certificate issuer: /CN=A91F1C8C/serialNumber=13BDA64C6F1B5A2C33394736354E9E8E6BCAE256
Certificate serial: 05EE
Authority key identifier: 13:BD:A6:4C:6F:1B:5A:2C:33:39:47:36:35:4E:9E:8E:6B:CA:E2:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E72mTG8bWiwzOUc2NU6ejmvK4lY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
Signing time: Thu 15 Sep 2022 11:00:43 +0000
ROA not before: Thu 15 Sep 2022 11:00:43 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 140992
IP address blocks: 103.154.160.0/23 maxlen: 24
2001:df4:9080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1518 (0x5ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1C8C/serialNumber=13BDA64C6F1B5A2C33394736354E9E8E6BCAE256
Validity
Not Before: Sep 15 11:00:43 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=632305db-fa8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:a5:1a:1a:22:da:8c:ab:9b:ed:95:3c:e3:
20:1b:c9:0b:c3:e4:3b:bd:f1:b9:df:68:41:03:6c:
85:1e:1d:22:b7:f4:e7:21:d5:1c:47:70:bd:f1:b8:
e5:ee:3e:32:53:74:00:fb:78:3b:33:70:c9:41:cf:
ea:cc:a4:76:2c:c8:7d:78:6c:f8:7b:fa:87:1c:2a:
a5:aa:a9:eb:c3:b2:a7:48:f9:cb:df:bf:4e:41:e5:
7f:a1:1b:56:e8:af:9f:bf:f5:7f:d2:6e:52:2a:40:
98:7e:c2:d6:00:49:5f:4b:f0:28:e1:5b:5a:aa:30:
27:a6:f7:7c:f4:32:2a:ad:08:d8:8d:a7:5f:25:8c:
0c:38:65:55:fe:cc:5b:1f:7a:1e:96:ac:ae:0a:09:
66:15:ad:91:e1:57:03:44:c4:2c:f3:d3:b2:6e:df:
65:3f:77:d9:59:ee:90:4f:87:6c:76:eb:13:ba:03:
20:d7:50:35:3d:94:36:62:c3:b6:11:a8:f6:6f:8d:
1c:58:0e:49:1e:0d:c7:28:0d:8a:f1:71:9f:63:1b:
1b:fb:ec:e1:41:4e:bd:ba:94:a9:5e:b1:92:f5:2f:
d6:85:a9:7b:86:95:71:0c:43:e2:4d:13:d0:48:bf:
bb:17:60:5c:15:86:b7:ba:34:04:c0:68:67:d9:ce:
8e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:36:07:26:42:02:53:72:81:69:2C:8B:60:0A:75:15:1E:CA:DC:AE
X509v3 Authority Key Identifier:
keyid:13:BD:A6:4C:6F:1B:5A:2C:33:39:47:36:35:4E:9E:8E:6B:CA:E2:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/E72mTG8bWiwzOUc2NU6ejmvK4lY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E72mTG8bWiwzOUc2NU6ejmvK4lY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1C8C/23E5D5DEDF9911EA9F85D982C4F9AE02/00EF5E6EDF9A11EA919D0586C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.160.0/23
IPv6:
2001:df4:9080::/48
Signature Algorithm: sha256WithRSAEncryption
49:fb:a4:12:39:d3:c6:24:7a:cc:52:d6:6f:84:05:4c:dd:2e:
0f:57:79:b7:3b:54:ff:a7:5e:bd:26:02:c4:58:fb:d0:3f:3e:
0e:3a:ad:0a:26:81:85:99:75:95:d3:90:ee:51:2b:d0:bf:8f:
5f:07:d3:46:70:b3:43:ee:51:98:44:d9:ad:2d:80:7f:14:18:
e7:e0:75:2b:6c:cc:d0:73:06:43:3e:54:11:f5:80:49:3e:2f:
92:4d:6c:99:e0:64:93:ea:dd:d9:47:0d:da:f0:62:f9:f7:66:
cf:e7:5c:ff:4c:0b:48:21:c6:6f:72:ab:07:aa:08:64:04:8c:
45:c7:04:ce:1f:b7:61:e8:0e:73:95:d5:68:ee:57:30:60:0c:
1e:dc:7d:63:da:c0:4d:2a:7c:5a:55:80:ca:19:27:ea:48:7c:
33:9c:3e:7a:3b:73:73:f9:40:d4:73:7e:68:d1:a7:f7:ef:22:
b1:fa:5d:1b:6d:3b:44:23:ec:3f:2b:26:7a:ef:89:04:af:18:
e0:0a:6b:f2:52:79:5b:b7:d0:2e:c1:7a:fe:c2:d6:67:9d:17:
43:14:10:27:61:7f:7d:70:48:5a:7d:e2:0c:ae:fc:9a:26:eb:
fe:02:b7:c1:55:81:f7:77:91:63:36:8c:86:5d:91:20:b1:61:
f4:b1:98:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjFDOEMxMTAvBgNVBAUTKDEzQkRBNjRDNkYxQjVBMkMzMzM5NDczNjM1NEU5RThF
NkJDQUUyNTYwHhcNMjIwOTE1MTEwMDQzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIzMDVkYi1mYThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV6lGhoi2oyrm+2VPOMgG8kLw+Q7vfG532hBA2yFHh0it/TnIdUcR3C98bjl
7j4yU3QA+3g7M3DJQc/qzKR2LMh9eGz4e/qHHCqlqqnrw7KnSPnL379OQeV/oRtW
6K+fv/V/0m5SKkCYfsLWAElfS/Ao4VtaqjAnpvd89DIqrQjYjadfJYwMOGVV/sxb
H3oelqyuCglmFa2R4VcDRMQs89Oybt9lP3fZWe6QT4dsdusTugMg11A1PZQ2YsO2
Eaj2b40cWA5JHg3HKA2K8XGfYxsb++zhQU69upSpXrGS9S/Whal7hpVxDEPiTRPQ
SL+7F2BcFYa3ujQEwGhn2c6OQwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAg2ByZC
AlNygWksi2AKdRUeytyuMB8GA1UdIwQYMBaAFBO9pkxvG1osMzlHNjVOno5ryuJW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUM4Qy8yM0U1RDVERURG
OTkxMUVBOUY4NUQ5ODJDNEY5QUUwMi9FNzJtVEc4Yldpd3pPVWMyTlU2ZWptdks0
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U3Mm1URzhiV2l3ek9VYzJOVTZlam12SzRsWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjFDOEMvMjNFNUQ1REVERjk5MTFFQTlGODVEOTgyQzRGOUFFMDIvMDBFRjVFNkVE
RjlBMTFFQTkxOUQwNTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnmqAwDwQCAAIwCQMHACABDfSQgDANBgkqhkiG9w0BAQsF
AAOCAQEASfukEjnTxiR6zFLWb4QFTN0uD1d5tztU/6devSYCxFj70D8+DjqtCiaB
hZl1ldOQ7lEr0L+PXwfTRnCzQ+5RmETZrS2AfxQY5+B1K2zM0HMGQz5UEfWAST4v
kk1smeBkk+rd2UcN2vBi+fdmz+dc/0wLSCHGb3KrB6oIZASMRccEzh+3YegOc5XV
aO5XMGAMHtx9Y9rATSp8WlWAyhkn6kh8M5w+ejtzc/lA1HN+aNGn9+8isfpdG207
RCPsPysmeu+JBK8Y4Apr8lJ5W7fQLsF6/sLWZ50XQxQQJ2F/fXBIWn3iDK78mibr
/gK3wVWB93eRYzaMhl2RILFh9LGYkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org