Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/5C570732340511ECB0C4FB38C4F9AE02.roa
File: 5C570732340511ECB0C4FB38C4F9AE02.roa (raw, json)
Hash identifier: ORcggF2EKQTjsfS4Vxd4BsCEoW5wCLjI+tbPRy5GbFE=
Subject key identifier: 92:F7:1B:83:6A:45:A6:8D:12:10:EC:24:43:7D:FF:8E:D2:9C:E5:19
Certificate issuer: /CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
Certificate serial: 01FB
Authority key identifier: B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/5C570732340511ECB0C4FB38C4F9AE02.roa
Signing time: Tue 04 Jan 2022 11:21:41 +0000
ROA not before: Tue 04 Jan 2022 11:21:40 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 140900
IP address blocks: 103.166.102.0/24 maxlen: 24
103.166.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 507 (0x1fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6
Validity
Not Before: Jan 4 11:21:40 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61d42dc4-f84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:36:15:23:8c:42:e3:dd:88:86:6d:ff:85:99:
8d:85:85:c6:35:08:10:b9:c1:7c:5c:ca:98:d1:10:
06:1e:9e:dd:10:bb:55:29:d4:9d:6f:06:be:09:5c:
f1:e3:f3:44:57:78:a9:c0:39:92:1b:95:2f:3d:bd:
c1:b3:0f:68:17:bd:9d:0d:6f:dc:c4:ad:f6:0f:13:
94:b4:e6:47:5b:e2:28:c4:69:63:dc:bd:11:a5:56:
7f:f7:e1:8a:e6:e4:d1:b1:58:77:ca:0d:b5:d0:00:
00:2c:83:ca:da:a6:70:e8:a3:86:43:e7:f3:cd:be:
f9:d6:f8:e0:05:39:77:b8:1e:60:ce:dd:70:b5:4f:
0a:6b:01:84:a6:b7:3c:5d:50:9e:09:2b:9e:e3:4c:
81:e0:30:f1:03:13:5b:71:a6:54:14:d2:d0:65:79:
c4:31:d4:16:51:e8:79:be:9b:e6:2f:cd:71:07:10:
75:0c:1f:b7:e5:6a:37:8e:0d:59:69:a7:f6:5f:4d:
d8:0c:a0:31:9a:4c:44:2d:d9:7a:08:2d:03:20:14:
c5:18:83:95:2e:33:95:c9:42:3a:3d:34:b3:57:1c:
5c:7f:1b:7f:77:22:b8:20:d0:95:10:57:54:e0:ad:
da:f7:d0:b0:9f:ec:13:81:05:81:48:46:91:cc:ec:
71:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F7:1B:83:6A:45:A6:8D:12:10:EC:24:43:7D:FF:8E:D2:9C:E5:19
X509v3 Authority Key Identifier:
keyid:B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/5C570732340511ECB0C4FB38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.102.0/23
Signature Algorithm: sha256WithRSAEncryption
72:3b:7f:79:b5:85:f3:ed:d1:ca:95:5d:71:c4:7f:13:4c:31:
1a:f6:01:f8:7f:64:d9:a1:86:e0:9c:45:07:3d:81:10:9f:d0:
88:da:dc:04:f6:6e:23:02:1a:27:34:0c:15:59:d2:33:27:82:
72:38:d6:01:0f:cd:c1:1c:53:71:37:8f:4c:ce:3c:6b:6a:0f:
cf:fc:c8:a0:f3:b0:d0:51:a5:0b:28:24:ae:9f:41:ef:e2:9d:
ee:c2:e9:95:8b:ad:2c:51:f4:34:2f:9a:41:f6:47:04:c4:e5:
72:ab:87:2d:2d:34:d1:45:7f:e6:df:b6:b7:0a:44:c2:33:6e:
56:a9:e4:24:d1:7d:ad:a8:59:c2:b7:1b:b8:f7:62:fd:4b:72:
7b:ff:af:37:d8:ec:bf:34:e3:6b:05:a0:d3:b1:78:cc:e6:72:
bc:3b:b3:33:c3:44:8f:11:1f:da:ce:9a:d7:8c:17:93:e0:6b:
c4:51:d9:25:82:86:e7:5d:90:4a:e0:ed:58:44:6a:29:b3:98:
4e:51:4f:c1:d0:40:d9:ee:36:21:e9:ec:38:9d:b9:6c:3e:69:
66:4c:e7:5e:0e:2a:dc:0f:e1:62:de:25:0b:01:3f:83:fb:15:
7b:31:1c:85:89:e8:7f:00:1c:9c:18:3c:dd:03:36:47:bd:a9:
f9:ee:cb:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzEwNjcxMTAvBgNVBAUTKEIyQzQ3QzJFM0Q0RkM3RURDOTlBRTIwRTQ2QjE3NEIx
MEEwMzc1RjYwHhcNMjIwMTA0MTEyMTQwWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWQ0MmRjNC1mODRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlDYVI4xC492Ihm3/hZmNhYXGNQgQucF8XMqY0RAGHp7dELtVKdSdbwa+CVzx
4/NEV3ipwDmSG5UvPb3Bsw9oF72dDW/cxK32DxOUtOZHW+IoxGlj3L0RpVZ/9+GK
5uTRsVh3yg210AAALIPK2qZw6KOGQ+fzzb751vjgBTl3uB5gzt1wtU8KawGEprc8
XVCeCSue40yB4DDxAxNbcaZUFNLQZXnEMdQWUeh5vpvmL81xBxB1DB+35Wo3jg1Z
aaf2X03YDKAxmkxELdl6CC0DIBTFGIOVLjOVyUI6PTSzVxxcfxt/dyK4INCVEFdU
4K3a99Cwn+wTgQWBSEaRzOxxMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJL3G4Nq
RaaNEhDsJEN9/47SnOUZMB8GA1UdIwQYMBaAFLLEfC49T8ftyZriDkaxdLEKA3X2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTA2Ny84REQwMEY1NkE2
QUQxMUVCODI3RkMxMUNDNEY5QUUwMi9zc1I4TGoxUHgtM0ptdUlPUnJGMHNRb0Rk
ZlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NzUjhMajFQeC0zSm11SU9SckYwc1FvRGRmWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzEwNjcvOEREMDBGNTZBNkFEMTFFQjgyN0ZDMTFDQzRGOUFFMDIvNUM1NzA3MzIz
NDA1MTFFQ0IwQzRGQjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpmYwDQYJKoZIhvcNAQELBQADggEBAHI7f3m1hfPt0cqV
XXHEfxNMMRr2Afh/ZNmhhuCcRQc9gRCf0Ija3AT2biMCGic0DBVZ0jMngnI41gEP
zcEcU3E3j0zOPGtqD8/8yKDzsNBRpQsoJK6fQe/ine7C6ZWLrSxR9DQvmkH2RwTE
5XKrhy0tNNFFf+bftrcKRMIzblap5CTRfa2oWcK3G7j3Yv1Lcnv/rzfY7L8042sF
oNOxeMzmcrw7szPDRI8RH9rOmteMF5Pga8RR2SWChuddkErg7VhEaimzmE5RT8HQ
QNnuNiHp7DiduWw+aWZM514OKtwP4WLeJQsBP4P7FXsxHIWJ6H8AHJwYPN0DNke9
qfnuyz8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org