Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/39766FFE4F4E11EDB169BF33C4F9AE02.roa
File: 39766FFE4F4E11EDB169BF33C4F9AE02.roa (raw, json)
Hash identifier: +odAyLb11FePOPL3iQz+nqaYDod8SrjCXO0XERDsww0=
Subject key identifier: 2D:AD:26:C4:EA:2A:DF:FC:31:A8:80:AE:3E:B9:19:4F:D2:61:02:F8
Certificate issuer: /CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Certificate serial: 78
Authority key identifier: CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/39766FFE4F4E11EDB169BF33C4F9AE02.roa
Signing time: Wed 19 Oct 2022 01:34:51 +0000
ROA not before: Wed 19 Oct 2022 01:34:51 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 17447
IP address blocks: 103.102.125.0/24 maxlen: 24
103.102.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Validity
Not Before: Oct 19 01:34:51 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=634f543b-3e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:00:b1:a0:0b:29:f6:be:94:56:c0:3d:6c:ec:
76:a0:5b:ec:f0:4d:7f:f8:76:b2:a1:69:d1:de:b3:
ce:c2:77:f8:2d:dd:03:9e:5f:b6:b7:4d:74:29:a6:
7a:0f:cc:a6:4c:12:e1:5e:ac:36:99:e7:99:77:b9:
5a:16:7e:45:bc:80:41:7c:8c:5f:07:db:11:58:51:
82:d3:bd:9b:a5:26:a8:0b:60:30:7d:e7:0d:41:83:
13:2e:b6:e9:5d:94:5f:87:b2:ad:8c:a7:70:6b:37:
30:29:1c:46:e4:e4:c7:14:a4:28:09:89:4f:29:df:
2b:8b:32:a0:a8:2b:dd:03:5c:4d:49:00:f9:02:f3:
83:08:a7:8e:0f:0f:19:98:f8:43:82:ed:9b:8a:79:
d4:45:ef:8f:87:8b:f7:98:42:9e:c9:53:18:40:23:
c1:ba:81:b3:a6:cd:c9:67:40:66:27:27:de:b7:ad:
95:02:94:09:e8:2d:4a:34:b3:ed:b6:76:e1:3f:2c:
8c:d9:f5:f5:ca:af:fd:d6:77:00:8f:63:05:02:80:
33:e4:40:dd:a5:21:f9:da:99:e4:6e:e6:bd:b5:68:
a1:d9:33:23:bc:dc:22:d9:63:c2:b6:e6:2f:ef:c6:
79:d0:46:52:6f:0b:05:7b:69:a9:f5:b6:7b:c5:d2:
d9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:AD:26:C4:EA:2A:DF:FC:31:A8:80:AE:3E:B9:19:4F:D2:61:02:F8
X509v3 Authority Key Identifier:
keyid:CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/ypDU0hJfAza1OY7gmXcpby5AkrQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/39766FFE4F4E11EDB169BF33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.125.0-103.102.126.255
Signature Algorithm: sha256WithRSAEncryption
b9:01:52:10:64:d7:83:82:fb:07:09:5c:ad:2a:7f:dc:19:12:
2d:94:56:6f:ec:cd:a0:b3:85:bd:fe:ec:f7:81:31:9c:9b:c2:
ee:df:1e:75:48:63:c2:8c:e9:57:64:5b:3a:9a:49:58:e3:45:
57:63:a1:b4:29:2c:fb:81:01:53:ab:5c:78:b0:86:59:83:8b:
78:5e:45:7a:9a:0f:f8:20:31:29:c1:03:60:6e:8f:57:79:da:
0a:02:39:a9:6c:4f:c4:de:1f:25:bd:b6:ee:9d:d3:5d:b7:b0:
3d:d8:ad:bf:84:ca:29:bb:ef:eb:ba:48:ea:c1:1d:9e:69:63:
46:af:ad:f4:59:48:be:18:83:f9:74:5e:85:32:93:b9:29:da:
c2:d0:ea:25:75:46:32:e2:f8:cc:75:d6:b2:a9:94:f8:bd:0c:
e6:fe:ca:72:04:4d:1e:04:fc:3c:6d:7c:f6:61:bd:c5:9a:ac:
bf:b6:1c:e3:30:da:0e:bf:cc:cf:f3:a4:04:83:f2:05:04:90:
22:fe:f9:a2:a1:e2:00:f6:59:8e:e5:f4:c0:2a:b5:14:e8:5c:
4d:41:f6:de:8f:87:49:b6:2e:57:50:aa:fe:e8:14:c3:d6:06:
cf:bb:a0:63:5d:af:1d:c6:8f:31:c6:23:b6:01:db:27:99:a9:
a0:db:e6:9d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODBEMjExMC8GA1UEBRMoQ0E5MEQ0RDIxMjVGMDMzNkI1Mzk4RUUwOTk3NzI5NkYy
RTQwOTJCNDAeFw0yMjEwMTkwMTM0NTFaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGY1NDNiLTNlNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOALGgCyn2vpRWwD1s7HagW+zwTX/4drKhadHes87Cd/gt3QOeX7a3TXQppnoP
zKZMEuFerDaZ55l3uVoWfkW8gEF8jF8H2xFYUYLTvZulJqgLYDB95w1BgxMutuld
lF+Hsq2Mp3BrNzApHEbk5McUpCgJiU8p3yuLMqCoK90DXE1JAPkC84MIp44PDxmY
+EOC7ZuKedRF74+Hi/eYQp7JUxhAI8G6gbOmzclnQGYnJ963rZUClAnoLUo0s+22
duE/LIzZ9fXKr/3WdwCPYwUCgDPkQN2lIfnameRu5r21aKHZMyO83CLZY8K25i/v
xnnQRlJvCwV7aan1tnvF0tlfAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQULa0mxOoq
3/wxqICuPrkZT9JhAvgwHwYDVR0jBBgwFoAUypDU0hJfAza1OY7gmXcpby5AkrQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4MEQyL0VCQzFBQzJDMTg0
RjExRURBREJDM0M2NUM0RjlBRTAyL3lwRFUwaEpmQXphMU9ZN2dtWGNwYnk1QWty
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveXBEVTBoSmZBemExT1k3Z21YY3BieTVBa3JRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODBEMi9FQkMxQUMyQzE4NEYxMUVEQURCQzNDNjVDNEY5QUUwMi8zOTc2NkZGRTRG
NEUxMUVEQjE2OUJGMzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAZ2Z9AwQAZ2Z+MA0GCSqGSIb3DQEBCwUAA4IBAQC5AVIQ
ZNeDgvsHCVytKn/cGRItlFZv7M2gs4W9/uz3gTGcm8Lu3x51SGPCjOlXZFs6mklY
40VXY6G0KSz7gQFTq1x4sIZZg4t4XkV6mg/4IDEpwQNgbo9XedoKAjmpbE/E3h8l
vbbundNdt7A92K2/hMopu+/rukjqwR2eaWNGr630WUi+GIP5dF6FMpO5KdrC0Ool
dUYy4vjMddayqZT4vQzm/spyBE0eBPw8bXz2Yb3Fmqy/thzjMNoOv8zP86QEg/IF
BJAi/vmioeIA9lmO5fTAKrUU6FxNQfbej4dJti5XUKr+6BTD1gbPu6BjXa8dxo8x
xiO2Adsnmamg2+ad
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org