Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FFE7A16C834311EC8B56E409C4F9AE02.roa
File: FFE7A16C834311EC8B56E409C4F9AE02.roa (raw, json)
Hash identifier: gQoxz9jrp8PrgwHa+wVsHZbOxDlECCNkdEgRxvWJ8TM=
Subject key identifier: BF:30:0D:1E:6B:22:FA:71:51:94:D5:D2:A0:32:5E:67:6B:09:67:C7
Certificate issuer: /CN=A91FAE47/serialNumber=22F303C4AE2BBDCC1E9765106D235E9F32FF54FD
Certificate serial: 0963
Authority key identifier: 22:F3:03:C4:AE:2B:BD:CC:1E:97:65:10:6D:23:5E:9F:32:FF:54:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IvMDxK4rvcwel2UQbSNenzL_VP0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FFE7A16C834311EC8B56E409C4F9AE02.roa
Signing time: Mon 30 Jan 2023 21:48:02 +0000
ROA not before: Mon 30 Jan 2023 21:48:01 +0000
ROA not after: Fri 02 Jun 2023 00:00:00 +0000
asID: 137245
IP address blocks: 103.106.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2403 (0x963)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAE47/serialNumber=22F303C4AE2BBDCC1E9765106D235E9F32FF54FD
Validity
Not Before: Jan 30 21:48:01 2023 GMT
Not After : Jun 2 00:00:00 2023 GMT
Subject: CN=63d83b11-47ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b3:5a:31:03:e9:7b:eb:0e:1b:56:9a:f6:17:
21:6e:83:29:e1:6c:fb:c5:d0:d2:7e:f9:be:83:b6:
4f:5e:4e:f9:71:db:ea:f8:ce:6e:f9:83:cf:60:2e:
eb:ef:8b:97:ce:ea:08:db:2a:b6:e2:7d:a0:2c:f6:
9c:b9:b6:33:cd:ff:55:0d:4f:e7:f7:3d:6c:5a:07:
bf:56:52:35:5f:22:40:ac:83:41:61:43:38:4b:5c:
ae:44:ff:1c:59:e0:16:cc:60:40:4e:04:8a:3d:5f:
63:ca:99:3a:d2:56:6a:09:5e:0f:9a:79:8b:6b:54:
0b:49:f3:1e:e8:04:c9:44:06:c2:9b:23:32:89:d2:
cd:cf:0c:df:79:bb:b6:d4:f5:de:71:19:04:f1:c3:
01:9a:8b:46:d8:19:87:01:29:4e:64:dc:54:2c:2f:
58:98:46:e8:16:eb:e1:a1:73:a6:6d:a8:75:6f:76:
40:00:bc:14:09:4a:53:b8:e2:03:8c:34:be:a7:11:
52:e4:39:64:23:a5:ae:7b:73:1e:72:7f:53:d0:a2:
00:03:b5:43:6e:75:ba:3d:9b:0e:00:9c:dd:9f:d0:
21:f0:0d:6e:55:2f:19:0d:a0:db:64:e9:78:8d:10:
90:90:29:94:c1:51:0c:92:d3:59:6c:12:3e:c9:4b:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:30:0D:1E:6B:22:FA:71:51:94:D5:D2:A0:32:5E:67:6B:09:67:C7
X509v3 Authority Key Identifier:
keyid:22:F3:03:C4:AE:2B:BD:CC:1E:97:65:10:6D:23:5E:9F:32:FF:54:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/IvMDxK4rvcwel2UQbSNenzL_VP0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IvMDxK4rvcwel2UQbSNenzL_VP0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAE47/974D6D7E48F011EA886EB445C4F9AE02/FFE7A16C834311EC8B56E409C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.3.0/24
Signature Algorithm: sha256WithRSAEncryption
17:25:29:6f:6b:d6:3b:e0:2d:09:0a:42:00:92:4f:6b:70:64:
76:d2:90:a3:3e:75:da:40:6e:1a:78:39:9e:d7:45:58:7a:82:
63:c2:28:9f:78:8f:a1:7d:71:f4:0f:b1:c4:20:69:9f:d6:4a:
90:d4:da:0d:3f:9c:f6:9e:be:2c:49:2a:b2:7f:be:e5:58:99:
17:24:e5:82:61:9c:56:fc:e7:53:35:07:03:ef:23:8e:f3:e1:
da:4f:8a:66:68:96:43:b7:08:5b:11:a0:a6:fb:b7:14:4c:72:
8e:a4:2b:b1:ce:24:f1:8c:af:ab:84:8d:14:12:5f:f2:0f:ca:
ac:5a:86:b2:34:37:51:6c:12:f9:e3:8d:b5:14:1b:45:b8:fb:
ac:5b:8e:c0:c9:7b:ce:34:b5:fb:cd:72:7d:94:02:0b:70:f8:
b6:2b:0c:fe:bb:29:6e:f7:8d:a4:95:07:19:12:81:b7:c1:a6:
3b:bf:08:f4:e4:11:dd:64:53:85:fe:b0:25:d7:5d:05:ef:3e:
f3:31:9e:55:22:82:23:aa:bb:e6:07:b6:17:8f:48:ae:f0:e8:
01:23:0a:3b:62:51:6c:cf:dc:f2:8a:64:ce:4b:1c:0f:2f:bc:
c7:49:f8:4d:03:f1:d5:93:05:f3:2f:f7:00:6d:94:68:fe:ab:
7e:bb:86:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFFNDcxMTAvBgNVBAUTKDIyRjMwM0M0QUUyQkJEQ0MxRTk3NjUxMDZEMjM1RTlG
MzJGRjU0RkQwHhcNMjMwMTMwMjE0ODAxWhcNMjMwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4M2IxMS00N2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwbNaMQPpe+sOG1aa9hchboMp4Wz7xdDSfvm+g7ZPXk75cdvq+M5u+YPPYC7r
74uXzuoI2yq24n2gLPacubYzzf9VDU/n9z1sWge/VlI1XyJArINBYUM4S1yuRP8c
WeAWzGBATgSKPV9jypk60lZqCV4PmnmLa1QLSfMe6ATJRAbCmyMyidLNzwzfebu2
1PXecRkE8cMBmotG2BmHASlOZNxULC9YmEboFuvhoXOmbah1b3ZAALwUCUpTuOID
jDS+pxFS5DlkI6Wue3Mecn9T0KIAA7VDbnW6PZsOAJzdn9Ah8A1uVS8ZDaDbZOl4
jRCQkCmUwVEMktNZbBI+yUukgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFL8wDR5r
IvpxUZTV0qAyXmdrCWfHMB8GA1UdIwQYMBaAFCLzA8SuK73MHpdlEG0jXp8y/1T9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUU0Ny85NzRENkQ3RTQ4
RjAxMUVBODg2RUI0NDVDNEY5QUUwMi9Jdk1EeEs0cnZjd2VsMlVRYlNOZW56TF9W
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0l2TUR4SzRydmN3ZWwyVVFiU05lbnpMX1ZQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkFFNDcvOTc0RDZEN0U0OEYwMTFFQTg4NkVCNDQ1QzRGOUFFMDIvRkZFN0ExNkM4
MzQzMTFFQzhCNTZFNDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnagMwDQYJKoZIhvcNAQELBQADggEBABclKW9r1jvgLQkK
QgCST2twZHbSkKM+ddpAbhp4OZ7XRVh6gmPCKJ94j6F9cfQPscQgaZ/WSpDU2g0/
nPaevixJKrJ/vuVYmRck5YJhnFb851M1BwPvI47z4dpPimZolkO3CFsRoKb7txRM
co6kK7HOJPGMr6uEjRQSX/IPyqxahrI0N1FsEvnjjbUUG0W4+6xbjsDJe840tfvN
cn2UAgtw+LYrDP67KW73jaSVBxkSgbfBpju/CPTkEd1kU4X+sCXXXQXvPvMxnlUi
giOqu+YHthePSK7w6AEjCjtiUWzP3PKKZM5LHA8vvMdJ+E0D8dWTBfMv9wBtlGj+
q367hiw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org