Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/31FAEA4AB4B511EC86294C57C4F9AE02.roa
File: 31FAEA4AB4B511EC86294C57C4F9AE02.roa (raw, json)
Hash identifier: nFvgpvpkHQNx16Nczqeg/7es750DHlrXHDI4eBs2YDo=
Subject key identifier: B9:0B:51:EB:15:DE:8B:A0:84:B1:BB:83:BA:45:94:B7:6E:1F:5C:52
Certificate issuer: /CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
Certificate serial: 02BD
Authority key identifier: B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/31FAEA4AB4B511EC86294C57C4F9AE02.roa
Signing time: Tue 05 Apr 2022 11:31:55 +0000
ROA not before: Tue 05 Apr 2022 11:31:54 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 142063
IP address blocks: 103.166.102.0/24 maxlen: 24
103.166.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 701 (0x2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
Validity
Not Before: Apr 5 11:31:54 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=624c28aa-4dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:f2:41:ad:dd:a9:7a:5a:c6:0b:b3:94:7e:e2:
8e:f6:0f:0d:d6:1e:bd:ff:81:1a:24:9f:56:01:d8:
56:9a:83:e1:c0:1c:88:2c:b3:cb:e7:13:0e:09:73:
5b:ae:88:60:4a:7d:1a:27:4a:e0:b0:48:a0:fa:7e:
2d:5d:d6:60:b9:4d:49:a9:77:08:54:41:b8:37:ce:
2f:17:fb:2f:3f:58:b0:cc:9d:be:c1:1b:4c:4a:d2:
8f:f7:43:b1:a3:1d:40:df:30:17:fa:d8:08:67:26:
62:a8:24:f2:35:0b:78:f5:11:e3:48:eb:68:c6:ab:
cd:d7:9c:9c:24:7c:32:c9:0a:6d:ef:29:7b:3c:9e:
c1:fe:45:db:39:48:fd:31:dd:a5:13:1e:cd:76:40:
ee:ea:72:83:a0:18:81:8c:d1:81:0b:87:c5:b3:fd:
63:8a:b8:8d:a6:f6:82:f3:45:aa:93:6f:73:37:cf:
8e:e7:0a:c4:91:27:f0:57:63:b3:7d:2a:e9:07:4c:
42:be:24:82:08:cc:c1:a9:70:18:24:87:26:f3:bd:
bd:e6:3d:1f:7e:9a:d4:1e:4c:c0:b5:3b:9b:61:84:
fe:10:97:f5:14:b5:71:96:78:03:4a:7f:35:7b:dc:
e0:c9:42:c4:b7:59:54:65:fa:5b:34:fc:12:f0:f6:
62:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0B:51:EB:15:DE:8B:A0:84:B1:BB:83:BA:45:94:B7:6E:1F:5C:52
X509v3 Authority Key Identifier:
keyid:B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/31FAEA4AB4B511EC86294C57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.102.0/23
Signature Algorithm: sha256WithRSAEncryption
44:02:bd:85:1d:65:01:35:5f:90:e6:80:ae:a2:9c:9a:4f:c2:
ed:b3:1a:03:4e:ab:f7:6d:d7:1a:14:c5:7a:fd:d4:2b:c5:98:
eb:65:7a:e1:4d:45:a7:e9:d5:6b:f9:be:8b:ff:52:e7:18:09:
c2:fd:c0:30:16:6c:6b:6e:7b:b1:66:c6:ed:a2:a0:6d:02:ae:
b4:c9:6a:d8:31:12:f8:39:f3:88:79:64:8c:0b:c8:80:f7:e8:
11:b8:c9:65:c6:ff:d0:5c:21:df:63:5d:a5:a6:aa:56:40:92:
b0:91:9b:a7:13:cb:89:dd:6b:9d:43:3f:3a:6d:b7:1b:14:6d:
2a:48:6e:33:9c:b5:07:b6:c5:2c:6f:0f:1f:f6:95:ee:b6:b3:
83:8b:09:94:33:91:c4:35:0f:81:b7:54:97:a6:3b:75:11:b6:
e9:29:89:b7:f6:d4:6b:8e:88:87:aa:34:ea:2f:5c:25:86:7b:
77:cf:71:f2:7b:94:8b:26:e6:d1:e6:1c:a2:16:14:26:9e:f5:
ca:a5:71:66:98:00:3a:34:ae:4a:da:d6:e8:97:d8:74:ab:0b:
eb:6d:7b:7c:ca:71:83:0f:40:33:ee:ad:56:96:13:70:30:8e:
8c:67:b0:fa:56:0c:0f:6e:08:af:0c:34:20:37:38:4a:1c:11:
a0:a6:10:e5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzEwNjcxMTAvBgNVBAUTKEIyQzQ3QzJFM0Q0RkM3RURDOTlBRTIwRTQ2QjE3NEIx
MEEwMzc1RjYwHhcNMjIwNDA1MTEzMTU0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRjMjhhYS00ZGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+fJBrd2pelrGC7OUfuKO9g8N1h69/4EaJJ9WAdhWmoPhwByILLPL5xMOCXNb
rohgSn0aJ0rgsEig+n4tXdZguU1JqXcIVEG4N84vF/svP1iwzJ2+wRtMStKP90Ox
ox1A3zAX+tgIZyZiqCTyNQt49RHjSOtoxqvN15ycJHwyyQpt7yl7PJ7B/kXbOUj9
Md2lEx7NdkDu6nKDoBiBjNGBC4fFs/1jiriNpvaC80Wqk29zN8+O5wrEkSfwV2Oz
fSrpB0xCviSCCMzBqXAYJIcm87295j0ffprUHkzAtTubYYT+EJf1FLVxlngDSn81
e9zgyULEt1lUZfpbNPwS8PZiMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLkLUesV
3oughLG7g7pFlLduH1xSMB8GA1UdIwQYMBaAFLLEfC49T8ftyZriDkaxdLEKA3X2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTA2Ny84REQwMEY1NkE2
QUQxMUVCODI3RkMxMUNDNEY5QUUwMi9zc1I4TGoxUHgtM0ptdUlPUnJGMHNRb0Rk
ZlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NzUjhMajFQeC0zSm11SU9SckYwc1FvRGRmWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzEwNjcvOEREMDBGNTZBNkFEMTFFQjgyN0ZDMTFDQzRGOUFFMDIvMzFGQUVBNEFC
NEI1MTFFQzg2Mjk0QzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpmYwDQYJKoZIhvcNAQELBQADggEBAEQCvYUdZQE1X5Dm
gK6inJpPwu2zGgNOq/dt1xoUxXr91CvFmOtleuFNRafp1Wv5vov/UucYCcL9wDAW
bGtue7Fmxu2ioG0CrrTJatgxEvg584h5ZIwLyID36BG4yWXG/9BcId9jXaWmqlZA
krCRm6cTy4nda51DPzpttxsUbSpIbjOctQe2xSxvDx/2le62s4OLCZQzkcQ1D4G3
VJemO3URtukpibf21GuOiIeqNOovXCWGe3fPcfJ7lIsm5tHmHKIWFCae9cqlcWaY
ADo0rkra1uiX2HSrC+tte3zKcYMPQDPurVaWE3AwjoxnsPpWDA9uCK8MNCA3OEoc
EaCmEOU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org