Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/67FD60C87AD011EDBB0E666BC4F9AE02.roa
File: 67FD60C87AD011EDBB0E666BC4F9AE02.roa (raw, json)
Hash identifier: wA0uTQ4ijfHD+SCh9rLUaQmkAr2ab00AwSd3t9JGhaY=
Subject key identifier: FA:6F:FB:DA:9E:81:53:C9:66:81:80:86:0C:92:81:B7:24:EB:45:0A
Certificate issuer: /CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Certificate serial: 06
Authority key identifier: 02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/67FD60C87AD011EDBB0E666BC4F9AE02.roa
Signing time: Tue 13 Dec 2022 10:25:04 +0000
ROA not before: Tue 13 Dec 2022 10:25:04 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 149280
IP address blocks: 103.52.34.0/24 maxlen: 24
103.52.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Validity
Not Before: Dec 13 10:25:04 2022 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=639852ff-23c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:26:7f:a1:d6:43:65:c6:a2:ab:a3:dc:53:e2:
56:88:9d:90:af:c7:f5:4c:93:29:58:da:40:47:d4:
37:af:a2:f0:75:be:87:68:44:29:1d:57:57:75:79:
31:19:8a:74:07:09:09:4e:72:7e:93:fe:b9:6c:52:
ca:5a:46:b7:f8:4b:a4:70:d2:59:ba:d5:97:ad:2a:
ea:d2:cd:8d:73:88:79:61:df:43:d9:8c:eb:da:3e:
2a:68:8e:2d:7f:5d:dc:c4:28:e8:7f:22:9c:fd:9d:
16:a9:07:e4:f3:bd:1e:06:d1:6d:5a:b6:50:31:ae:
e6:c5:18:4b:e0:40:ef:23:44:bc:84:4f:2d:75:60:
5f:95:fe:c8:d0:72:b6:f5:8a:b5:43:9f:07:04:b8:
76:ff:c1:f9:9f:4c:9c:ba:dc:88:28:2e:e3:db:59:
bf:a8:1f:33:23:1b:73:3b:20:ac:0e:ef:24:b6:64:
da:6a:94:03:5d:65:3d:96:dc:6b:5c:a2:a9:1a:41:
03:af:e4:b7:06:8f:5e:16:22:65:61:4e:86:ab:39:
e2:76:7a:26:05:75:17:15:19:1e:0c:86:76:77:c1:
bb:56:55:0a:ea:ce:51:5d:b7:70:19:3f:c7:d0:6b:
26:a1:b6:b5:38:ef:82:a0:c2:bf:41:6e:70:d9:e4:
0d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6F:FB:DA:9E:81:53:C9:66:81:80:86:0C:92:81:B7:24:EB:45:0A
X509v3 Authority Key Identifier:
keyid:02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/AkIpyBrDU1oh1g4twyqbiL1q2B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/67FD60C87AD011EDBB0E666BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.52.34.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:1d:1a:eb:db:d1:03:b1:43:cf:76:0c:45:69:03:26:fb:21:
d2:d5:d3:42:45:c8:c7:d0:71:88:f7:ee:19:2f:a2:27:9c:2d:
8a:82:3c:6b:24:05:49:0c:ee:09:ff:8b:3f:e7:91:2b:76:d3:
10:9c:60:1a:e9:5b:c7:a4:2f:92:77:ad:89:51:00:48:49:9a:
65:2f:ba:7c:20:ab:88:b8:37:9f:15:3f:26:33:2e:83:59:d6:
d5:b0:90:2e:5e:f5:ab:ef:0f:4b:e3:9e:60:d4:4e:82:0e:93:
90:03:3e:a4:68:9f:8a:c1:83:74:fb:47:76:5f:1f:2e:71:5c:
ac:d7:81:7a:82:c7:c4:c0:51:6c:46:cc:9b:c3:0d:23:18:72:
c2:cd:20:b4:a4:c2:51:d5:34:64:d0:cc:81:ab:b8:96:76:bd:
4c:4b:e9:7c:24:6f:d6:78:45:cf:c2:1a:73:b7:87:17:ef:6b:
c9:85:7a:ff:2e:f3:9f:15:24:f9:66:f4:8f:24:8c:d5:8d:ba:
87:8e:79:8c:d4:8f:63:9c:ca:e4:71:7e:a2:59:fb:b9:6a:7c:
b4:71:12:ee:f5:07:b5:c8:03:65:16:cd:09:08:5c:38:e2:91:
5a:78:74:20:bb:34:98:9b:9d:cb:bc:60:2b:bf:e2:af:f4:ba:
77:19:65:01
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MDg0ODExMC8GA1UEBRMoMDI0MjI5QzgxQUMzNTM1QTIxRDYwRTJEQzMyQTlCODhC
RDZBRDgxRjAeFw0yMjEyMTMxMDI1MDRaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTg1MmZmLTIzYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIJn+h1kNlxqKro9xT4laInZCvx/VMkylY2kBH1DevovB1vodoRCkdV1d1eTEZ
inQHCQlOcn6T/rlsUspaRrf4S6Rw0lm61ZetKurSzY1ziHlh30PZjOvaPipoji1/
XdzEKOh/Ipz9nRapB+TzvR4G0W1atlAxrubFGEvgQO8jRLyETy11YF+V/sjQcrb1
irVDnwcEuHb/wfmfTJy63IgoLuPbWb+oHzMjG3M7IKwO7yS2ZNpqlANdZT2W3Gtc
oqkaQQOv5LcGj14WImVhToarOeJ2eiYFdRcVGR4MhnZ3wbtWVQrqzlFdt3AZP8fQ
ayahtrU474Kgwr9BbnDZ5A1JAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+m/72p6B
U8lmgYCGDJKBtyTrRQowHwYDVR0jBBgwFoAUAkIpyBrDU1oh1g4twyqbiL1q2B8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwODQ4LzY0RDhCMURFNzdF
NDExRUQ5N0Y1OTM0REM0RjlBRTAyL0FrSXB5QnJEVTFvaDFnNHR3eXFiaUwxcTJC
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQWtJcHlCckRVMW9oMWc0dHd5cWJpTDFxMkI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MDg0OC82NEQ4QjFERTc3RTQxMUVEOTdGNTkzNERDNEY5QUUwMi82N0ZENjBDODdB
RDAxMUVEQkIwRTY2NkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWc0IjANBgkqhkiG9w0BAQsFAAOCAQEAxx0a69vRA7FDz3YM
RWkDJvsh0tXTQkXIx9BxiPfuGS+iJ5wtioI8ayQFSQzuCf+LP+eRK3bTEJxgGulb
x6QvknetiVEASEmaZS+6fCCriLg3nxU/JjMug1nW1bCQLl71q+8PS+OeYNROgg6T
kAM+pGifisGDdPtHdl8fLnFcrNeBeoLHxMBRbEbMm8MNIxhyws0gtKTCUdU0ZNDM
gau4lna9TEvpfCRv1nhFz8Iac7eHF+9ryYV6/y7znxUk+Wb0jySM1Y26h455jNSP
Y5zK5HF+oln7uWp8tHES7vUHtcgDZRbNCQhcOOKRWnh0ILs0mJudy7xgK7/ir/S6
dxllAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org