Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/6571BF7A8A3911ED93F4BA70C4F9AE02.roa
File: 6571BF7A8A3911ED93F4BA70C4F9AE02.roa (raw, json)
Hash identifier: vaA5HnhaUOwVmKdBkkpH6hcidD1AqPicZkbNF9ug9zU=
Subject key identifier: 14:8E:FD:86:FA:01:B3:77:E0:84:35:B3:27:D0:90:C5:5A:3D:4E:57
Certificate issuer: /CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Certificate serial: AB
Authority key identifier: CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/6571BF7A8A3911ED93F4BA70C4F9AE02.roa
Signing time: Mon 02 Jan 2023 01:04:24 +0000
ROA not before: Mon 02 Jan 2023 01:04:24 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 211432
IP address blocks: 103.102.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Validity
Not Before: Jan 2 01:04:24 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63b22d98-94e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:20:b2:e5:c7:ca:a0:15:34:de:b6:6b:18:
92:56:e5:37:da:d6:a8:7d:b6:eb:5a:d9:6c:97:96:
6c:de:62:54:94:24:f4:ec:19:f6:90:24:ac:de:3b:
54:e7:12:0f:b3:b6:99:ef:eb:97:80:0f:a9:f0:cb:
bc:cf:1b:97:61:63:97:1d:1d:fe:5b:a0:2f:c2:45:
98:fd:a2:67:9f:74:4d:0d:cc:ff:82:34:69:2c:2a:
a0:da:33:e2:75:1c:e9:54:e1:c4:67:47:b7:85:8d:
1d:1a:07:4a:fb:4d:ac:72:92:d9:fe:c1:f6:45:4a:
6f:94:32:bd:3d:d2:e4:bc:00:54:95:4c:2c:94:cf:
d1:2d:11:6b:50:a6:26:0d:94:8d:a8:4d:9f:46:2d:
78:29:38:74:cb:5d:a3:07:a3:64:1a:00:e1:12:ee:
79:d0:f6:47:aa:49:1f:c8:3f:9a:bb:23:80:40:61:
04:f7:94:db:25:85:fc:1b:8d:37:8b:0d:32:e1:59:
8a:bd:cc:e2:b3:d8:a9:47:10:df:48:f9:24:50:ca:
58:c9:73:8d:d5:08:c3:f8:ba:0d:62:e1:f9:21:81:
37:d2:4f:b8:31:97:1c:46:94:85:c6:d3:ef:8b:2b:
6f:84:63:93:c4:3a:18:72:6b:88:83:03:d0:19:9e:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8E:FD:86:FA:01:B3:77:E0:84:35:B3:27:D0:90:C5:5A:3D:4E:57
X509v3 Authority Key Identifier:
keyid:CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/ypDU0hJfAza1OY7gmXcpby5AkrQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/6571BF7A8A3911ED93F4BA70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.125.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:7d:ae:2f:f3:1d:f7:78:56:be:ac:d9:be:91:d5:14:8f:33:
cd:09:ee:b6:64:51:76:21:49:6e:dd:13:ce:65:8f:f7:b3:6e:
3f:a2:66:b0:c6:b3:78:1f:8d:6b:5a:b0:96:24:39:7e:e0:1d:
62:88:1e:c6:83:28:b9:a5:65:0c:a4:57:d7:8e:a3:4d:72:96:
7d:5e:cb:64:5b:d5:4e:32:ba:23:2d:0a:5f:fa:8e:41:1b:b6:
00:3d:7f:69:7c:7e:6f:fb:a8:c4:9c:cd:08:69:48:c8:a7:4f:
4e:6e:3d:47:81:62:59:a0:74:d6:67:6b:e2:58:43:89:96:44:
62:37:78:74:ff:7b:7b:14:00:f0:5a:c2:b1:e1:96:64:7c:4f:
45:43:84:cc:c5:98:6f:44:f3:21:19:42:8b:8e:d1:79:10:8b:
be:7e:d0:fb:5b:ff:04:9f:f4:39:94:74:e6:b9:4b:fa:43:8f:
e0:94:2e:fd:e5:44:41:db:4f:28:d5:19:a4:8f:61:a0:26:38:
f4:f1:a5:0b:13:37:0d:6f:2c:3d:71:9e:a1:19:ef:fc:2c:ca:
d6:71:f1:79:ff:01:09:15:7b:ec:8d:a6:7f:b3:e4:a3:22:35:
42:24:7a:7d:3e:4d:cd:da:52:88:4d:df:6a:df:09:ed:c8:63:
0a:a2:7b:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTgwRDIxMTAvBgNVBAUTKENBOTBENEQyMTI1RjAzMzZCNTM5OEVFMDk5NzcyOTZG
MkU0MDkyQjQwHhcNMjMwMTAyMDEwNDI0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IyMmQ5OC05NGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7wgsuXHyqAVNN62axiSVuU32taofbbrWtlsl5Zs3mJUlCT07Bn2kCSs3jtU
5xIPs7aZ7+uXgA+p8Mu8zxuXYWOXHR3+W6AvwkWY/aJnn3RNDcz/gjRpLCqg2jPi
dRzpVOHEZ0e3hY0dGgdK+02scpLZ/sH2RUpvlDK9PdLkvABUlUwslM/RLRFrUKYm
DZSNqE2fRi14KTh0y12jB6NkGgDhEu550PZHqkkfyD+auyOAQGEE95TbJYX8G403
iw0y4VmKvczis9ipRxDfSPkkUMpYyXON1QjD+LoNYuH5IYE30k+4MZccRpSFxtPv
iytvhGOTxDoYcmuIgwPQGZ7v6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBSO/Yb6
AbN34IQ1syfQkMVaPU5XMB8GA1UdIwQYMBaAFMqQ1NISXwM2tTmO4Jl3KW8uQJK0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODBEMi9FQkMxQUMyQzE4
NEYxMUVEQURCQzNDNjVDNEY5QUUwMi95cERVMGhKZkF6YTFPWTdnbVhjcGJ5NUFr
clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lwRFUwaEpmQXphMU9ZN2dtWGNwYnk1QWtyUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgwRDIvRUJDMUFDMkMxODRGMTFFREFEQkMzQzY1QzRGOUFFMDIvNjU3MUJGN0E4
QTM5MTFFRDkzRjRCQTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZn0wDQYJKoZIhvcNAQELBQADggEBAMZ9ri/zHfd4Vr6s
2b6R1RSPM80J7rZkUXYhSW7dE85lj/ezbj+iZrDGs3gfjWtasJYkOX7gHWKIHsaD
KLmlZQykV9eOo01yln1ey2Rb1U4yuiMtCl/6jkEbtgA9f2l8fm/7qMSczQhpSMin
T05uPUeBYlmgdNZna+JYQ4mWRGI3eHT/e3sUAPBawrHhlmR8T0VDhMzFmG9E8yEZ
QouO0XkQi75+0Ptb/wSf9DmUdOa5S/pDj+CULv3lREHbTyjVGaSPYaAmOPTxpQsT
Nw1vLD1xnqEZ7/wsytZx8Xn/AQkVe+yNpn+z5KMiNUIken0+Tc3aUohN32rfCe3I
Ywqie1U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org