Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B54C96D8E18C11ECB1697F55C4F9AE02.roa
File: B54C96D8E18C11ECB1697F55C4F9AE02.roa (raw, json)
Hash identifier: pi524MobC8nNRCsyg3R7901AZRBDr2fQLTaKfbDqdNw=
Subject key identifier: B2:3C:62:31:F9:79:43:07:09:1C:40:87:6B:45:91:AF:24:04:93:2B
Certificate issuer: /CN=A91580A1/serialNumber=437FF34EE7BC7050C9C84886AA94CE8CF50C24F9
Certificate serial: 0510
Authority key identifier: 43:7F:F3:4E:E7:BC:70:50:C9:C8:48:86:AA:94:CE:8C:F5:0C:24:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q3_zTue8cFDJyEiGqpTOjPUMJPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B54C96D8E18C11ECB1697F55C4F9AE02.roa
Signing time: Wed 01 Jun 2022 21:20:20 +0000
ROA not before: Wed 01 Jun 2022 21:20:20 +0000
ROA not after: Sat 01 Oct 2022 00:00:00 +0000
asID: 137491
IP address blocks: 103.137.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1296 (0x510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580A1/serialNumber=437FF34EE7BC7050C9C84886AA94CE8CF50C24F9
Validity
Not Before: Jun 1 21:20:20 2022 GMT
Not After : Oct 1 00:00:00 2022 GMT
Subject: CN=6297d814-38bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:92:31:88:18:d5:3a:86:3f:31:27:8f:6a:
f0:82:e6:61:ae:8d:2f:d9:2e:b6:6e:95:2b:0d:22:
13:b3:49:36:5a:12:7c:b3:f8:ce:f3:21:50:09:18:
fe:54:90:9b:96:4f:36:89:c2:a1:ca:9e:25:58:c6:
7e:00:4d:c8:84:b8:55:23:4b:f8:3f:cb:2f:85:47:
c7:02:84:07:68:3b:fd:36:30:86:88:ed:41:ae:67:
eb:7e:86:4f:c9:10:16:39:5b:e0:d6:dd:d9:0a:2f:
a3:5a:ca:d0:d5:2e:d1:6b:ae:c0:b5:e9:69:00:c5:
f8:4a:fc:7f:b3:ab:b4:ac:5f:77:64:d3:bb:2f:c2:
c8:d7:18:8c:f5:79:d0:95:be:01:64:07:6e:ba:ab:
6d:ac:89:be:f6:c2:35:a6:48:91:f5:2d:8a:9f:c3:
fd:42:4d:dd:25:6a:5e:44:9b:ad:9d:44:6d:6e:7e:
1f:73:63:39:1c:f2:01:85:0b:80:b0:f5:2c:10:4d:
4a:13:a3:ff:58:d7:70:40:23:db:4b:72:14:7f:f9:
83:0c:90:30:13:ba:af:a2:d1:ed:01:73:ea:a9:e5:
9e:e0:a6:b5:d8:f5:bf:e9:a3:ae:f8:26:57:29:84:
b5:e8:7d:db:bc:75:a7:02:c8:51:40:0d:b5:a5:49:
f8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3C:62:31:F9:79:43:07:09:1C:40:87:6B:45:91:AF:24:04:93:2B
X509v3 Authority Key Identifier:
keyid:43:7F:F3:4E:E7:BC:70:50:C9:C8:48:86:AA:94:CE:8C:F5:0C:24:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/Q3_zTue8cFDJyEiGqpTOjPUMJPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q3_zTue8cFDJyEiGqpTOjPUMJPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B54C96D8E18C11ECB1697F55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.7.0/24
Signature Algorithm: sha256WithRSAEncryption
99:49:30:d4:1b:af:e7:17:b9:ec:32:71:aa:04:77:5e:08:6b:
04:d5:06:74:db:2a:ff:bb:65:c0:d4:50:74:d5:9e:4d:0e:c0:
c3:66:80:45:40:bd:20:e2:37:67:0c:ec:82:90:af:9f:b4:93:
78:97:98:1a:54:76:39:cb:57:36:b3:10:4c:5a:ba:49:be:97:
f7:2f:22:81:2a:c9:3d:64:7c:e2:db:5e:ad:31:2a:c9:64:85:
7c:8d:85:3c:50:e8:7f:60:02:7c:ac:2c:67:4f:03:3d:de:38:
4c:80:de:78:d5:2f:c6:70:3f:b3:d9:00:6d:1a:16:c5:a9:ac:
11:10:c8:0c:18:99:6d:ed:b6:a0:e4:1e:04:d0:fd:7a:3c:d3:
4d:10:d1:b7:96:62:56:d2:c9:c1:f5:09:d7:84:59:c2:fc:7b:
97:13:39:86:03:4d:5b:bf:5f:28:08:22:03:b1:c7:04:34:02:
19:3f:e0:79:9c:95:69:8b:e5:50:7e:1f:90:4a:1f:63:c1:2c:
72:f8:2b:d6:ae:74:5b:6f:07:27:8d:31:10:3f:b4:a4:be:17:
e6:e2:f5:a8:2e:86:72:fa:73:1e:db:7a:cb:62:ae:0a:73:a3:
44:f0:47:44:89:7b:6e:c5:05:3c:2d:27:f0:6d:bc:d6:dd:b8:
b2:d1:b2:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBRAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTgwQTExMTAvBgNVBAUTKDQzN0ZGMzRFRTdCQzcwNTBDOUM4NDg4NkFBOTRDRThD
RjUwQzI0RjkwHhcNMjIwNjAxMjEyMDIwWhcNMjIxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3ZDgxNC0zOGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyiqSMYgY1TqGPzEnj2rwguZhro0v2S62bpUrDSITs0k2WhJ8s/jO8yFQCRj+
VJCblk82icKhyp4lWMZ+AE3IhLhVI0v4P8svhUfHAoQHaDv9NjCGiO1BrmfrfoZP
yRAWOVvg1t3ZCi+jWsrQ1S7Ra67AtelpAMX4Svx/s6u0rF93ZNO7L8LI1xiM9XnQ
lb4BZAduuqttrIm+9sI1pkiR9S2Kn8P9Qk3dJWpeRJutnURtbn4fc2M5HPIBhQuA
sPUsEE1KE6P/WNdwQCPbS3IUf/mDDJAwE7qvotHtAXPqqeWe4Ka12PW/6aOu+CZX
KYS16H3bvHWnAshRQA21pUn4GQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLI8YjH5
eUMHCRxAh2tFka8kBJMrMB8GA1UdIwQYMBaAFEN/807nvHBQychIhqqUzoz1DCT5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODBBMS85MjU2MEE2QTM3
NEQxMUVBQTBBM0JFNTVDNEY5QUUwMi9RM196VHVlOGNGREp5RWlHcXBUT2pQVU1K
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EzX3pUdWU4Y0ZESnlFaUdxcFRPalBVTUpQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgwQTEvOTI1NjBBNkEzNzREMTFFQUEwQTNCRTU1QzRGOUFFMDIvQjU0Qzk2RDhF
MThDMTFFQ0IxNjk3RjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniQcwDQYJKoZIhvcNAQELBQADggEBAJlJMNQbr+cXuewy
caoEd14IawTVBnTbKv+7ZcDUUHTVnk0OwMNmgEVAvSDiN2cM7IKQr5+0k3iXmBpU
djnLVzazEExaukm+l/cvIoEqyT1kfOLbXq0xKslkhXyNhTxQ6H9gAnysLGdPAz3e
OEyA3njVL8ZwP7PZAG0aFsWprBEQyAwYmW3ttqDkHgTQ/Xo8000Q0beWYlbSycH1
CdeEWcL8e5cTOYYDTVu/XygIIgOxxwQ0Ahk/4HmclWmL5VB+H5BKH2PBLHL4K9au
dFtvByeNMRA/tKS+F+bi9aguhnL6cx7bestirgpzo0TwR0SJe27FBTwtJ/BtvNbd
uLLRspg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org