Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/3FDA5554F33711ECB31B9420C4F9AE02.roa
File: 3FDA5554F33711ECB31B9420C4F9AE02.roa (raw, json)
Hash identifier: NCe+MFyaZwX2muJJCODe53u/YcgpymBUylJcv1XRnqg=
Subject key identifier: 72:DB:06:6E:64:E5:E7:DB:12:17:EB:5C:4A:08:A0:97:5F:83:C7:55
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0A23
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/3FDA5554F33711ECB31B9420C4F9AE02.roa
Signing time: Thu 23 Jun 2022 20:58:36 +0000
ROA not before: Thu 23 Jun 2022 20:58:36 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 134599
IP address blocks: 103.214.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2595 (0xa23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Jun 23 20:58:36 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62b4d3fc-fbfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:28:70:5c:74:08:a6:be:23:8a:e0:a7:db:64:
e6:9b:d8:19:1f:34:da:65:7a:73:27:4b:6a:25:72:
c8:5a:af:6f:33:94:e1:f1:47:39:35:fe:b4:ca:46:
68:2c:c5:54:c0:7f:16:67:36:93:32:82:b7:41:a3:
60:52:09:25:ad:50:5e:da:02:6d:68:1a:67:aa:ea:
66:45:c8:00:7a:03:a0:2f:08:c1:36:82:85:6a:54:
b4:db:8f:25:6e:d8:3a:2e:81:1f:d0:b7:a9:33:8a:
c0:a6:6e:50:cf:64:c5:8d:fc:6a:4a:3d:bd:b2:d1:
64:e6:80:ea:f3:fb:ca:f3:00:34:de:f9:66:01:8f:
0e:1a:73:e7:e7:8b:cc:c8:ab:ec:46:81:cf:d7:4b:
7a:cb:ae:1f:0d:27:88:30:ec:ea:25:92:e2:f8:dd:
28:bc:e0:42:90:b6:78:c1:5e:56:68:88:58:e2:90:
83:90:1f:1f:a3:0a:7d:51:97:fe:f0:fc:6f:b5:77:
01:45:c3:c5:7d:03:9a:f3:26:da:5b:c8:9c:89:76:
ac:d6:17:6f:3c:28:78:d9:5a:b2:ea:8e:6f:79:02:
26:02:2f:5c:aa:9c:86:6b:17:e4:4f:12:99:b9:8b:
3c:62:0c:49:0a:90:d3:09:eb:ab:8b:bf:b2:80:67:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DB:06:6E:64:E5:E7:DB:12:17:EB:5C:4A:08:A0:97:5F:83:C7:55
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/3FDA5554F33711ECB31B9420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.203.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:17:b8:fb:e9:6f:c6:3a:fc:64:40:27:3e:78:07:32:4c:a0:
0d:17:54:40:2d:3a:1b:f3:82:cd:36:71:e0:f5:8d:ed:e4:c6:
f5:1d:b7:a1:fe:fe:46:10:c9:4e:fb:82:77:4a:24:58:28:36:
b8:d7:2f:2f:ac:3e:79:17:e8:f3:82:f4:c4:12:bf:ed:81:71:
c5:5b:29:37:e3:c3:5a:19:1c:bd:46:f5:85:1c:65:8b:10:c4:
ba:60:52:7e:6a:d3:49:1f:11:5c:fe:b8:69:32:df:ab:a8:9c:
12:9a:68:8d:ce:ce:db:8a:68:3b:c6:dc:63:28:03:6c:9e:05:
08:53:74:9d:3c:e7:c0:77:6a:c5:47:fb:25:bd:60:eb:5f:16:
67:57:6b:6f:d8:c1:a0:f3:a1:5c:1b:94:e6:ef:c9:28:ea:44:
99:73:7d:d6:a2:38:11:60:d3:7a:a6:3d:0d:85:70:62:0d:1d:
4c:af:cc:62:74:d5:98:54:b3:e3:c8:d7:7b:d3:bd:6d:92:88:
5e:7d:b0:45:7b:06:be:b4:45:f5:9c:c1:3c:88:10:c5:7f:07:
15:76:06:a8:d9:69:51:b9:dd:1e:ce:d0:3b:90:f0:1b:66:44:
d5:df:81:03:61:f9:5a:5c:8f:e3:b0:cb:5e:ea:93:2b:f7:9c:
10:f9:89:23
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjIwNjIzMjA1ODM2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmI0ZDNmYy1mYmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuihwXHQIpr4jiuCn22Tmm9gZHzTaZXpzJ0tqJXLIWq9vM5Th8Uc5Nf60ykZo
LMVUwH8WZzaTMoK3QaNgUgklrVBe2gJtaBpnqupmRcgAegOgLwjBNoKFalS0248l
btg6LoEf0LepM4rApm5Qz2TFjfxqSj29stFk5oDq8/vK8wA03vlmAY8OGnPn54vM
yKvsRoHP10t6y64fDSeIMOzqJZLi+N0ovOBCkLZ4wV5WaIhY4pCDkB8fowp9UZf+
8PxvtXcBRcPFfQOa8ybaW8iciXas1hdvPCh42Vqy6o5veQImAi9cqpyGaxfkTxKZ
uYs8YgxJCpDTCeuri7+ygGfeOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHLbBm5k
5efbEhfrXEoIoJdfg8dVMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvM0ZEQTU1NTRG
MzM3MTFFQ0IzMUI5NDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn1sswDQYJKoZIhvcNAQELBQADggEBAJ4XuPvpb8Y6/GRA
Jz54BzJMoA0XVEAtOhvzgs02ceD1je3kxvUdt6H+/kYQyU77gndKJFgoNrjXLy+s
PnkX6POC9MQSv+2BccVbKTfjw1oZHL1G9YUcZYsQxLpgUn5q00kfEVz+uGky36uo
nBKaaI3OztuKaDvG3GMoA2yeBQhTdJ0858B3asVH+yW9YOtfFmdXa2/YwaDzoVwb
lObvySjqRJlzfdaiOBFg03qmPQ2FcGINHUyvzGJ01ZhUs+PI13vTvW2SiF59sEV7
Br60RfWcwTyIEMV/BxV2BqjZaVG53R7O0DuQ8BtmRNXfgQNh+Vpcj+Owy17qkyv3
nBD5iSM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org