Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CF1642DCF29A11E98F388E35C4F9AE02.roa
File: CF1642DCF29A11E98F388E35C4F9AE02.roa (raw, json)
Hash identifier: 2WObvzkh9Bgvinu0ptRXXu7gpyqs4pP06qTWnYMtF0Q=
Subject key identifier: 7B:26:43:5D:A5:04:58:0D:43:18:C6:E3:E7:8F:38:AE:D2:35:7D:BE
Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Certificate serial: 0D2A
Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CF1642DCF29A11E98F388E35C4F9AE02.roa
Signing time: Tue 08 Nov 2022 19:05:32 +0000
ROA not before: Tue 08 Nov 2022 19:05:32 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 23750
IP address blocks: 103.130.156.0/24 maxlen: 24
103.130.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3370 (0xd2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Validity
Not Before: Nov 8 19:05:32 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=636aa87c-0ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:74:4b:1c:05:15:23:d2:23:9a:d8:31:55:
9e:83:be:f4:b3:e9:f2:05:be:65:35:77:aa:1f:21:
14:83:da:8e:e0:a7:9f:71:3c:a3:aa:2b:25:2c:1a:
71:1f:23:d0:d7:e0:fc:67:85:8c:4c:ef:14:d3:21:
69:f5:47:5d:10:be:0d:5a:bc:41:03:62:89:52:22:
b9:e9:1b:04:74:aa:1f:5a:65:eb:5a:c3:be:85:a0:
85:de:0d:49:86:37:dd:ea:14:1a:59:0e:af:6e:58:
58:4b:9a:f1:ef:ae:4f:3c:97:13:a2:fe:ab:e7:ac:
f6:8b:2c:61:a2:e7:d6:b1:c3:e4:f9:14:33:41:2b:
91:1b:a3:91:b4:00:84:cb:66:fa:1e:bd:2a:55:05:
5c:54:92:bb:e0:b2:4f:6f:4f:80:fd:2c:15:24:d0:
b3:eb:12:73:f6:25:33:92:1b:74:0e:49:bb:e7:5d:
83:3b:38:2b:d1:ba:c4:9e:a8:f0:e4:97:bd:ad:61:
1b:09:cc:5e:b2:c1:75:bd:9e:20:e0:ee:a7:4f:ec:
46:69:a9:c8:1c:b6:79:1e:b3:7c:b0:10:4e:00:36:
39:22:50:a9:21:40:6b:03:63:b9:24:91:4f:01:a0:
b2:f9:4c:10:fb:35:4b:03:f2:3f:59:a4:11:3f:53:
f1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:26:43:5D:A5:04:58:0D:43:18:C6:E3:E7:8F:38:AE:D2:35:7D:BE
X509v3 Authority Key Identifier:
keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CF1642DCF29A11E98F388E35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.156.0/24
103.130.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:2c:ff:89:47:5e:ad:ec:e4:64:47:f6:00:d1:71:91:0a:47:
8b:17:73:85:5d:69:b1:d0:25:d4:85:9d:f8:6c:10:bb:22:8a:
dd:74:bd:de:6c:b8:11:82:cd:ed:70:f3:82:c2:a6:42:4d:df:
fc:b1:1c:a8:a1:59:f1:38:88:60:b6:ab:0c:c5:4b:9e:d4:37:
04:93:8e:10:f4:58:35:38:5f:6c:d9:e5:ab:cd:b1:f7:8e:fb:
b9:5d:f9:dd:d6:41:7e:2f:be:e1:8c:f2:4b:7f:2a:e2:2e:ac:
09:6e:ae:6a:cd:d6:48:3c:6b:25:c2:81:7c:8d:cc:9d:11:77:
31:af:e3:ee:88:a4:c4:90:99:da:13:e1:06:70:42:93:f0:f0:
c0:97:27:02:cd:84:9e:4a:ea:df:3c:07:ff:15:c9:50:48:1f:
76:03:8d:4a:59:bf:ed:55:34:a3:8f:9f:09:9b:3d:30:c7:ee:
0c:1c:e9:e6:dc:25:d6:3a:de:0e:30:2c:a8:ba:e7:b7:1d:2d:
1e:7d:c7:11:7b:6c:18:4d:7f:a6:d9:1e:bd:e9:d0:ad:ad:df:
88:2c:b1:ec:6f:c3:ea:de:26:98:09:c4:77:08:4c:0e:9d:81:
28:86:be:83:e3:8e:7a:57:75:69:54:85:a8:ad:e9:bd:f6:a4:
5a:68:cb:ad
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0
NzNBQ0M2N0YwHhcNMjIxMTA4MTkwNTMyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhYTg3Yy0wZWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsLV0SxwFFSPSI5rYMVWeg770s+nyBb5lNXeqHyEUg9qO4KefcTyjqislLBpx
HyPQ1+D8Z4WMTO8U0yFp9UddEL4NWrxBA2KJUiK56RsEdKofWmXrWsO+haCF3g1J
hjfd6hQaWQ6vblhYS5rx765PPJcTov6r56z2iyxhoufWscPk+RQzQSuRG6ORtACE
y2b6Hr0qVQVcVJK74LJPb0+A/SwVJNCz6xJz9iUzkht0Dkm7512DOzgr0brEnqjw
5Je9rWEbCcxessF1vZ4g4O6nT+xGaanIHLZ5HrN8sBBOADY5IlCpIUBrA2O5JJFP
AaCy+UwQ+zVLA/I/WaQRP1PxxQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHsmQ12l
BFgNQxjG4+ePOK7SNX2+MB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC
MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvQ0YxNjQyRENG
MjlBMTFFOThGMzg4RTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABngpwDBABngp4wDQYJKoZIhvcNAQELBQADggEBAHws/4lH
Xq3s5GRH9gDRcZEKR4sXc4VdabHQJdSFnfhsELsiit10vd5suBGCze1w84LCpkJN
3/yxHKihWfE4iGC2qwzFS57UNwSTjhD0WDU4X2zZ5avNsfeO+7ld+d3WQX4vvuGM
8kt/KuIurAlurmrN1kg8ayXCgXyNzJ0RdzGv4+6IpMSQmdoT4QZwQpPw8MCXJwLN
hJ5K6t88B/8VyVBIH3YDjUpZv+1VNKOPnwmbPTDH7gwc6ebcJdY63g4wLKi657cd
LR59xxF7bBhNf6bZHr3p0K2t34gssexvw+reJpgJxHcITA6dgSiGvoPjjnpXdWlU
hait6b32pFpoy60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org