Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A2E99F80D39511ED9156CA29C4F9AE02.roa
File: A2E99F80D39511ED9156CA29C4F9AE02.roa (raw, json)
Hash identifier: yNnasY9FR8tKERhFouXLNwIcNMk0uOMoZ7p8pvAFDzw=
Subject key identifier: FF:6C:AD:86:D1:22:0F:51:E9:26:3E:16:85:D2:07:64:D6:CA:D2:CA
Certificate issuer: /CN=A91522E0/serialNumber=4F32ECFF8CD46C3EC03FA75E1008F4AA9A0CF893
Certificate serial: 0966
Authority key identifier: 4F:32:EC:FF:8C:D4:6C:3E:C0:3F:A7:5E:10:08:F4:AA:9A:0C:F8:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzLs_4zUbD7AP6deEAj0qpoM-JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A2E99F80D39511ED9156CA29C4F9AE02.roa
Signing time: Wed 05 Apr 2023 09:38:36 +0000
ROA not before: Wed 05 Apr 2023 09:38:36 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 131243
IP address blocks: 103.103.98.0/23 maxlen: 23
103.103.98.0/24 maxlen: 24
103.103.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2406 (0x966)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91522E0/serialNumber=4F32ECFF8CD46C3EC03FA75E1008F4AA9A0CF893
Validity
Not Before: Apr 5 09:38:36 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=642d419b-9123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:b8:51:f3:c8:25:86:6d:3e:75:8e:7f:e3:
89:04:dd:31:1b:c9:ea:ff:f4:43:ae:d9:8e:a8:69:
2e:7d:d2:a1:ae:75:ac:0f:a5:54:2c:dc:1f:46:cc:
68:17:32:d5:07:bb:2d:6b:d2:fc:55:e1:8a:d8:9b:
80:2e:d5:44:3c:2b:ff:c3:5d:b0:ec:44:82:63:5a:
b1:76:82:47:e3:6f:ad:a7:16:6b:95:92:80:10:ec:
7f:d9:09:16:61:18:9e:4c:60:ed:82:a9:1f:b9:e2:
cd:0e:ad:5f:1f:7c:09:98:7a:df:93:31:9a:76:9a:
7a:e8:d1:f8:a7:65:aa:1f:15:d6:5c:9c:da:72:da:
f5:6c:d8:0f:5e:c3:63:b8:ae:c3:33:50:e7:71:c1:
bc:07:66:af:88:65:10:16:1b:9d:46:03:9d:5e:b1:
a5:2f:53:bf:7b:a7:ea:2b:4f:95:4d:9c:3f:ed:99:
82:f5:f4:12:bb:06:bd:4d:25:01:89:a9:05:fa:de:
42:c8:7c:4c:a9:22:c8:4b:6d:84:16:db:ea:9a:0a:
c4:f8:50:7a:cb:02:f4:d8:50:60:30:86:4c:69:1b:
f1:c3:b8:d5:53:3c:20:23:cf:e1:aa:ce:69:57:10:
a5:2f:7a:e6:9a:40:8a:ca:a3:0c:f8:89:04:1a:ae:
d2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6C:AD:86:D1:22:0F:51:E9:26:3E:16:85:D2:07:64:D6:CA:D2:CA
X509v3 Authority Key Identifier:
keyid:4F:32:EC:FF:8C:D4:6C:3E:C0:3F:A7:5E:10:08:F4:AA:9A:0C:F8:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/TzLs_4zUbD7AP6deEAj0qpoM-JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzLs_4zUbD7AP6deEAj0qpoM-JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A2E99F80D39511ED9156CA29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.98.0/23
Signature Algorithm: sha256WithRSAEncryption
d4:39:ea:0f:c9:08:5e:6f:bc:fb:f1:51:d0:a6:8c:de:16:82:
38:f3:4a:ca:5e:25:1a:a9:b2:52:4f:e1:c8:ff:53:97:f6:00:
82:7f:e9:e0:97:6f:fd:9f:a6:bc:1d:ec:8c:dd:d6:8f:5f:66:
a3:0f:64:00:4d:02:7c:07:ca:47:ae:e9:56:01:5a:72:ab:fd:
6d:e0:73:5a:df:9f:da:99:db:25:df:46:61:ab:3f:74:55:b5:
77:d1:c6:9e:5d:58:8d:cd:1f:88:25:a1:eb:e4:c6:60:07:ab:
5e:03:64:11:2f:f7:a6:1f:7f:ce:0f:17:87:a7:91:5f:73:22:
a0:33:64:01:02:3f:7f:67:3a:17:e5:59:bf:16:9d:ba:30:e8:
e0:d9:c5:d6:dd:12:de:f3:c0:a9:de:57:a1:20:5b:8e:5d:69:
d1:f6:85:9a:89:ce:80:6c:76:12:80:e5:74:2f:e4:d6:4e:fb:
09:7b:9f:b2:ca:a5:2a:89:a0:68:3f:18:3e:c2:9a:57:37:e2:
56:3c:5b:65:10:35:ca:3f:6a:4e:b4:60:89:c9:f7:89:d5:14:
0a:de:e0:38:26:8b:35:9e:fc:4c:e8:79:ab:6e:a1:57:b3:97:
c0:ff:92:f0:33:8f:62:0c:00:cc:21:61:3f:47:5c:0b:64:16:
05:27:20:42
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTIyRTAxMTAvBgNVBAUTKDRGMzJFQ0ZGOENENDZDM0VDMDNGQTc1RTEwMDhGNEFB
OUEwQ0Y4OTMwHhcNMjMwNDA1MDkzODM2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJkNDE5Yi05MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsnq4UfPIJYZtPnWOf+OJBN0xG8nq//RDrtmOqGkufdKhrnWsD6VULNwfRsxo
FzLVB7sta9L8VeGK2JuALtVEPCv/w12w7ESCY1qxdoJH42+tpxZrlZKAEOx/2QkW
YRieTGDtgqkfueLNDq1fH3wJmHrfkzGadpp66NH4p2WqHxXWXJzactr1bNgPXsNj
uK7DM1DnccG8B2aviGUQFhudRgOdXrGlL1O/e6fqK0+VTZw/7ZmC9fQSuwa9TSUB
iakF+t5CyHxMqSLIS22EFtvqmgrE+FB6ywL02FBgMIZMaRvxw7jVUzwgI8/hqs5p
VxClL3rmmkCKyqMM+IkEGq7SgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP9srYbR
Ig9R6SY+FoXSB2TWytLKMB8GA1UdIwQYMBaAFE8y7P+M1Gw+wD+nXhAI9KqaDPiT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjJFMC9DOUI5MEZGODQ2
ODgxMUVBQUNGMThBMjhDNEY5QUUwMi9UekxzXzR6VWJEN0FQNmRlRUFqMHFwb00t
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R6THNfNHpVYkQ3QVA2ZGVFQWowcXBvTS1KTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTIyRTAvQzlCOTBGRjg0Njg4MTFFQUFDRjE4QTI4QzRGOUFFMDIvQTJFOTlGODBE
Mzk1MTFFRDkxNTZDQTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZ2IwDQYJKoZIhvcNAQELBQADggEBANQ56g/JCF5vvPvx
UdCmjN4WgjjzSspeJRqpslJP4cj/U5f2AIJ/6eCXb/2fprwd7Izd1o9fZqMPZABN
AnwHykeu6VYBWnKr/W3gc1rfn9qZ2yXfRmGrP3RVtXfRxp5dWI3NH4gloevkxmAH
q14DZBEv96Yff84PF4enkV9zIqAzZAECP39nOhflWb8Wnbow6ODZxdbdEt7zwKne
V6EgW45dadH2hZqJzoBsdhKA5XQv5NZO+wl7n7LKpSqJoGg/GD7Cmlc34lY8W2UQ
Nco/ak60YInJ94nVFAre4DgmizWe/EzoeatuoVezl8D/kvAzj2IMAMwhYT9HXAtk
FgUnIEI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org