Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/320F08D6828311EC9A7C1D34C4F9AE02.roa
File: 320F08D6828311EC9A7C1D34C4F9AE02.roa (raw, json)
Hash identifier: tpHTOTpYH35sDcIw4yARkRmuw34KjzhfG/I1Kaqv32g=
Subject key identifier: AB:5A:53:67:AD:73:F1:D6:ED:2D:5E:26:3F:1B:D7:A8:D0:A7:64:F6
Certificate issuer: /CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Certificate serial: 045F
Authority key identifier: 14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/320F08D6828311EC9A7C1D34C4F9AE02.roa
Signing time: Mon 31 Jan 2022 10:47:34 +0000
ROA not before: Mon 31 Jan 2022 10:47:34 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 63526
IP address blocks: 103.137.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1119 (0x45f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Validity
Not Before: Jan 31 10:47:34 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61f7be45-ade9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:c1:fc:78:aa:e5:a4:fc:52:ef:1e:fa:90:
5d:68:3e:5d:d9:c1:58:fb:77:89:02:95:bc:80:57:
4e:d7:80:a8:09:d0:61:c0:00:06:ab:86:bf:49:ef:
6f:cc:fb:85:78:79:17:41:58:5b:b8:e7:3f:62:18:
be:34:63:55:81:23:b3:fe:47:29:f7:a5:79:70:63:
fa:73:d9:ea:8b:ea:e9:c5:03:b0:f9:8d:ea:9d:0e:
ea:8d:cc:59:4b:cd:80:3b:c2:f7:f3:52:b7:ea:51:
d1:29:02:a3:9e:58:3a:20:28:a4:06:5e:3e:77:c8:
a6:5d:31:ae:92:2d:bf:67:d4:13:78:5d:a4:46:3e:
b3:57:6b:d3:e1:10:b5:a2:b9:7e:4d:e7:db:f2:8b:
58:14:c1:df:06:84:c6:c7:80:ec:f1:01:29:bb:17:
a9:9d:ac:32:36:2f:b6:c3:cf:b3:c5:f8:3f:41:c1:
2e:8b:30:4d:9a:2a:4a:01:ca:4f:06:01:28:a6:57:
8e:25:e0:70:2d:86:c8:ab:b1:fc:27:e9:62:5d:92:
c8:6a:4c:ab:4b:94:d9:9a:87:96:51:af:4a:f5:03:
83:fc:f1:0e:55:49:4a:51:b5:64:0b:5c:68:f8:7c:
43:30:a8:14:a8:98:f5:e2:9a:85:bb:6d:00:8b:03:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5A:53:67:AD:73:F1:D6:ED:2D:5E:26:3F:1B:D7:A8:D0:A7:64:F6
X509v3 Authority Key Identifier:
keyid:14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/FKbKvDAuwePc503pi_VYoEK-rFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/320F08D6828311EC9A7C1D34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.40.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:71:16:a5:f7:ec:e3:53:c8:32:56:d1:75:75:94:64:f1:bb:
f9:f9:75:c0:df:05:5b:6a:e4:79:b3:96:40:5e:3b:e5:d3:34:
dc:fc:94:d5:a5:9b:56:9e:7d:f8:c8:c9:1e:64:f1:08:e5:a7:
b3:96:41:98:b2:2f:bd:81:98:8f:40:1c:e8:94:29:87:4f:9b:
64:77:b8:6b:c1:41:7c:f1:46:96:9d:a1:89:eb:3b:1e:42:f8:
7e:89:d6:ce:ee:e5:21:5e:40:2a:e1:07:6b:ae:8c:65:32:49:
18:73:e2:7f:74:d3:45:00:64:de:9a:9a:2f:07:fd:3a:43:15:
df:80:a1:8d:b3:8a:b5:db:35:a3:78:87:3f:6d:c6:24:bd:ba:
fa:5a:1e:76:02:ff:e7:df:99:62:e1:e4:f9:93:e1:95:d6:60:
62:51:5a:7f:98:3d:ee:81:84:4d:ee:aa:6a:ee:62:8d:6a:c2:
4e:29:0a:94:bc:eb:cf:65:c2:77:45:f5:1b:81:2d:bd:ad:ff:
6d:0d:e2:ce:8f:93:e9:b2:18:d0:25:be:f6:b0:13:72:50:94:
6f:1f:69:62:21:c0:45:67:9f:30:9e:54:8a:f9:a0:76:46:04:
fc:1d:55:d5:18:16:ba:2b:06:64:3a:b4:76:be:65:ac:f6:3f:
8e:4e:a7:a8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA5REMxMTAvBgNVBAUTKDE0QTZDQUJDMzAyRUMxRTNEQ0U3NERFOThCRjU1OEEw
NDJCRUFDNTYwHhcNMjIwMTMxMTA0NzM0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3YmU0NS1hZGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArKDB/Hiq5aT8Uu8e+pBdaD5d2cFY+3eJApW8gFdO14CoCdBhwAAGq4a/Se9v
zPuFeHkXQVhbuOc/Yhi+NGNVgSOz/kcp96V5cGP6c9nqi+rpxQOw+Y3qnQ7qjcxZ
S82AO8L381K36lHRKQKjnlg6ICikBl4+d8imXTGuki2/Z9QTeF2kRj6zV2vT4RC1
orl+Tefb8otYFMHfBoTGx4Ds8QEpuxepnawyNi+2w8+zxfg/QcEuizBNmipKAcpP
BgEopleOJeBwLYbIq7H8J+liXZLIakyrS5TZmoeWUa9K9QOD/PEOVUlKUbVkC1xo
+HxDMKgUqJj14pqFu20AiwMIzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKtaU2et
c/HW7S1eJj8b16jQp2T2MB8GA1UdIwQYMBaAFBSmyrwwLsHj3OdN6Yv1WKBCvqxW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDlEQy9BNUJCRkFBNjA5
MzUxMUVBQUIxMEM5MUZDNEY5QUUwMi9GS2JLdkRBdXdlUGM1MDNwaV9WWW9FSy1y
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZLYkt2REF1d2VQYzUwM3BpX1ZZb0VLLXJGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA5REMvQTVCQkZBQTYwOTM1MTFFQUFCMTBDOTFGQzRGOUFFMDIvMzIwRjA4RDY4
MjgzMTFFQzlBN0MxRDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniSgwDQYJKoZIhvcNAQELBQADggEBAJ1xFqX37ONTyDJW
0XV1lGTxu/n5dcDfBVtq5HmzlkBeO+XTNNz8lNWlm1aeffjIyR5k8Qjlp7OWQZiy
L72BmI9AHOiUKYdPm2R3uGvBQXzxRpadoYnrOx5C+H6J1s7u5SFeQCrhB2uujGUy
SRhz4n9000UAZN6ami8H/TpDFd+AoY2zirXbNaN4hz9txiS9uvpaHnYC/+ffmWLh
5PmT4ZXWYGJRWn+YPe6BhE3uqmruYo1qwk4pCpS8689lwndF9RuBLb2t/20N4s6P
k+myGNAlvvawE3JQlG8faWIhwEVnnzCeVIr5oHZGBPwdVdUYFrorBmQ6tHa+Zaz2
P45Op6g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org