Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91976E2/47C44AD8AE8911EC8A8D3368C4F9AE02/CF9EC74AAE8D11ECA5262871C4F9AE02.roa
File: CF9EC74AAE8D11ECA5262871C4F9AE02.roa (raw, json)
Hash identifier: mjiqiJncPpQ42wNywgHg/fphpISb1GLiyFuR5aZT4Cs=
Subject key identifier: F5:19:14:C1:96:F7:1C:68:4E:B3:32:D5:68:72:18:8B:13:AB:2E:A5
Certificate issuer: /CN=A91976E2/serialNumber=710A2FC723D377BD3AA5FB271A4AE894E57A7454
Certificate serial: 22
Authority key identifier: 71:0A:2F:C7:23:D3:77:BD:3A:A5:FB:27:1A:4A:E8:94:E5:7A:74:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQovxyPTd706pfsnGkrolOV6dFQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91976E2/47C44AD8AE8911EC8A8D3368C4F9AE02/CF9EC74AAE8D11ECA5262871C4F9AE02.roa
Signing time: Tue 12 Apr 2022 17:53:29 +0000
ROA not before: Tue 12 Apr 2022 17:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149658
IP address blocks: 103.185.20.0/23 maxlen: 23
103.185.20.0/24 maxlen: 24
103.185.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91976E2/serialNumber=710A2FC723D377BD3AA5FB271A4AE894E57A7454
Validity
Not Before: Apr 12 17:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6255bc99-5b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9b:56:4a:65:e2:3e:54:49:8b:16:2d:15:d1:
26:1a:eb:2c:0f:95:53:0a:5a:bf:a2:cf:7f:c5:6d:
58:71:a8:d6:c2:23:f2:4a:bc:4e:f8:7c:ab:f2:a1:
d9:49:c9:6f:76:e8:54:32:75:f4:1e:70:47:aa:de:
0d:19:d4:df:d8:4c:e3:cc:a5:7a:10:ad:a1:9d:68:
bb:e2:e8:e3:93:c8:3c:6a:57:77:51:65:33:77:1c:
3c:a4:6f:e5:77:77:56:aa:b8:12:2a:47:af:8d:81:
15:a5:b9:b0:a2:39:e1:78:92:2e:6b:b2:8e:82:0c:
84:aa:f6:1c:79:11:f8:0a:e4:d1:e1:20:6a:d3:93:
57:7e:be:39:0a:c8:ee:d2:5d:2c:b7:9c:da:cd:9e:
b7:70:7f:94:ed:0e:64:f6:25:a0:b3:a9:f6:29:c2:
09:31:10:54:e8:c4:f4:b4:ee:6a:a2:a4:e0:20:af:
97:46:ee:27:51:56:8e:1c:d9:ba:65:1e:81:26:ff:
57:f2:7a:46:27:3d:c5:90:e8:41:8c:db:b2:bb:fd:
ba:cc:7f:04:0b:83:15:cd:13:25:fa:8d:0c:d8:7a:
5c:66:57:28:b4:44:a6:7e:a1:00:45:57:3a:d5:87:
2a:87:13:d4:63:a4:5b:d7:99:fb:97:7e:d3:62:91:
34:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:19:14:C1:96:F7:1C:68:4E:B3:32:D5:68:72:18:8B:13:AB:2E:A5
X509v3 Authority Key Identifier:
keyid:71:0A:2F:C7:23:D3:77:BD:3A:A5:FB:27:1A:4A:E8:94:E5:7A:74:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91976E2/47C44AD8AE8911EC8A8D3368C4F9AE02/cQovxyPTd706pfsnGkrolOV6dFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQovxyPTd706pfsnGkrolOV6dFQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91976E2/47C44AD8AE8911EC8A8D3368C4F9AE02/CF9EC74AAE8D11ECA5262871C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.185.20.0/23
Signature Algorithm: sha256WithRSAEncryption
66:26:90:8d:74:b2:21:e2:98:94:34:72:88:26:18:c6:03:38:
65:f8:0f:23:09:4f:00:6f:8d:aa:36:b0:be:36:3c:e1:d0:cb:
bd:07:36:c2:4e:e2:da:6d:79:d6:f7:30:9a:cf:ae:c7:10:ba:
54:b9:b4:99:62:43:db:1e:66:2f:78:ca:c8:9a:01:10:1f:20:
d2:7f:d7:d9:3c:43:b1:75:a6:96:c5:59:b9:18:4f:f1:22:b6:
06:a8:c4:23:e9:10:48:b8:75:29:ae:40:18:6d:ca:40:4f:ab:
fa:6d:ce:26:22:eb:bf:11:42:c9:8f:87:a2:22:f6:4c:05:6e:
75:fb:51:e5:9f:7c:e3:82:6a:74:04:77:69:64:5f:e1:c8:f1:
99:1b:50:97:a8:b6:62:d4:29:fc:e5:5d:f8:91:0e:28:99:c7:
be:2c:52:73:2d:a4:38:1d:40:13:a9:51:e0:a3:58:7d:f1:a7:
c7:e6:ad:d6:e9:bc:53:2e:b7:56:e4:eb:5a:9a:c7:a9:27:cd:
f9:cf:36:89:c0:e5:f4:f3:25:24:fe:48:fa:42:7c:47:6f:4d:
6a:5f:cc:58:1c:43:cc:73:c7:7c:cc:6b:d3:b1:64:b5:aa:2d:
01:06:a3:ff:d8:c0:36:b5:6c:86:13:57:d1:a1:af:00:93:3f:
03:bf:ed:31
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzZFMjExMC8GA1UEBRMoNzEwQTJGQzcyM0QzNzdCRDNBQTVGQjI3MUE0QUU4OTRF
NTdBNzQ1NDAeFw0yMjA0MTIxNzUzMjlaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNTViYzk5LTViM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnm1ZKZeI+VEmLFi0V0SYa6ywPlVMKWr+iz3/FbVhxqNbCI/JKvE74fKvyodlJ
yW926FQydfQecEeq3g0Z1N/YTOPMpXoQraGdaLvi6OOTyDxqV3dRZTN3HDykb+V3
d1aquBIqR6+NgRWlubCiOeF4ki5rso6CDISq9hx5EfgK5NHhIGrTk1d+vjkKyO7S
XSy3nNrNnrdwf5TtDmT2JaCzqfYpwgkxEFToxPS07mqipOAgr5dG7idRVo4c2bpl
HoEm/1fyekYnPcWQ6EGM27K7/brMfwQLgxXNEyX6jQzYelxmVyi0RKZ+oQBFVzrV
hyqHE9RjpFvXmfuXftNikTRlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9RkUwZb3
HGhOszLVaHIYixOrLqUwHwYDVR0jBBgwFoAUcQovxyPTd706pfsnGkrolOV6dFQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3NkUyLzQ3QzQ0QUQ4QUU4
OTExRUM4QThEMzM2OEM0RjlBRTAyL2NRb3Z4eVBUZDcwNnBmc25Ha3JvbE9WNmRG
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY1Fvdnh5UFRkNzA2cGZzbkdrcm9sT1Y2ZEZRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzZFMi80N0M0NEFEOEFFODkxMUVDOEE4RDMzNjhDNEY5QUUwMi9DRjlFQzc0QUFF
OEQxMUVDQTUyNjI4NzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe5FDANBgkqhkiG9w0BAQsFAAOCAQEAZiaQjXSyIeKYlDRy
iCYYxgM4ZfgPIwlPAG+NqjawvjY84dDLvQc2wk7i2m151vcwms+uxxC6VLm0mWJD
2x5mL3jKyJoBEB8g0n/X2TxDsXWmlsVZuRhP8SK2BqjEI+kQSLh1Ka5AGG3KQE+r
+m3OJiLrvxFCyY+HoiL2TAVudftR5Z9844JqdAR3aWRf4cjxmRtQl6i2YtQp/OVd
+JEOKJnHvixScy2kOB1AE6lR4KNYffGnx+at1um8Uy63VuTrWprHqSfN+c82icDl
9PMlJP5I+kJ8R29Nal/MWBxDzHPHfMxr07FktaotAQaj/9jANrVshhNX0aGvAJM/
A7/tMQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org