Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9398E303D9A11EA9606E13AC4F9AE02.roa
File: E9398E303D9A11EA9606E13AC4F9AE02.roa (raw, json)
Hash identifier: 9qnMx+RXL/Y/jQmoa+U1y/hUTOTpPONVQyI7vNLW6eo=
Subject key identifier: 07:72:61:03:93:30:65:38:7F:0C:72:42:B0:28:A8:DB:1E:4B:D9:9F
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 04BF
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9398E303D9A11EA9606E13AC4F9AE02.roa
Signing time: Mon 01 Mar 2021 09:14:51 +0000
ROA not before: Mon 01 Mar 2021 09:14:51 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 2519
IP address blocks: 43.249.240.0/22 maxlen: 22
103.7.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1215 (0x4bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Mar 1 09:14:51 2021 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=603cb08a-00ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:66:84:de:61:4c:4a:ec:60:af:51:6d:47:
e7:c0:8c:22:6c:ee:36:83:20:7f:4b:42:1b:d1:10:
9d:8d:c9:23:4c:68:0e:40:d4:49:37:e7:43:72:46:
9e:18:ce:a4:d0:4e:2c:7f:0c:74:5f:34:71:3e:9a:
f4:88:6e:e5:8a:93:fd:7e:c8:47:e8:8c:37:b7:e2:
1d:95:9d:95:db:14:1c:40:d9:84:d2:cc:4f:f3:84:
c9:26:59:31:69:4b:af:de:f2:d8:60:03:fe:3e:34:
0d:eb:39:d9:c2:c9:16:a9:3c:e7:4f:a0:8b:30:f9:
1b:e3:f5:ea:2a:b4:26:9a:52:0c:c3:8f:df:7d:72:
7f:0c:e6:ae:87:2c:d9:84:65:d1:cc:91:d3:d6:f5:
b8:8a:8c:47:9e:e7:7c:3e:af:f9:25:e2:3a:8a:22:
ba:2b:83:82:b7:c4:3e:f9:da:6b:ee:81:8f:64:e2:
bd:9a:51:b8:ed:9d:a2:2f:f1:af:70:72:52:1a:bd:
0d:c4:f3:5f:e0:07:1e:89:5f:ee:da:3e:7b:dd:de:
ce:55:ed:a1:fe:b1:fd:58:54:7f:95:18:dc:36:8b:
8b:e4:0a:c4:94:b0:bf:50:db:99:a9:83:7e:bc:40:
7e:52:ba:f6:c9:14:4f:b9:fb:d1:fb:d2:f8:84:87:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:72:61:03:93:30:65:38:7F:0C:72:42:B0:28:A8:DB:1E:4B:D9:9F
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9398E303D9A11EA9606E13AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.240.0/22
103.7.116.0/22
Signature Algorithm: sha256WithRSAEncryption
04:ee:8d:d8:45:71:cb:69:c0:1a:d5:a9:a3:83:77:e7:97:6b:
d2:35:7c:3c:95:29:27:c1:b7:c2:a2:ff:f1:31:94:c4:d8:b4:
5a:fa:b9:8e:db:cf:c2:34:f4:80:c0:1f:1a:6e:8e:36:01:8e:
ea:a7:95:33:b2:f3:fd:dd:da:b2:66:72:3c:f4:98:20:4b:9e:
a3:8a:95:af:e6:ab:c2:3f:88:29:fd:0d:b8:ab:74:42:a2:71:
8e:ad:57:06:ff:5d:9e:bd:f5:34:e7:72:cb:a1:87:2d:2f:97:
e6:c7:87:d7:d3:7b:0e:0a:54:d1:e6:77:e1:7c:89:45:00:6d:
7e:b9:a5:b8:ff:72:43:37:d0:c4:f6:f1:52:e5:41:c2:4e:67:
7d:25:96:b7:eb:78:c6:c3:09:7e:dc:28:31:ca:df:08:fd:6f:
fe:c6:9e:fb:73:9a:75:bf:a7:47:78:c0:e8:60:fa:15:3f:5c:
e9:1f:23:e5:2b:71:a3:87:68:d0:42:dc:f1:e7:aa:85:5a:f4:
54:0e:6b:b8:bd:18:8e:38:4e:32:12:db:b3:b7:bd:04:66:e3:
6f:cf:de:1c:28:7b:be:5c:f0:e5:dc:ed:5f:71:0d:1c:e5:6a:
18:54:f2:a7:ea:9e:74:8d:23:4e:16:e1:f5:c0:2f:7d:f2:c0:
d3:c6:2b:fe
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjEwMzAxMDkxNDUxWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MDNjYjA4YS0wMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLVmhN5hTErsYK9RbUfnwIwibO42gyB/S0Ib0RCdjckjTGgOQNRJN+dDckae
GM6k0E4sfwx0XzRxPpr0iG7lipP9fshH6Iw3t+IdlZ2V2xQcQNmE0sxP84TJJlkx
aUuv3vLYYAP+PjQN6znZwskWqTznT6CLMPkb4/XqKrQmmlIMw4/ffXJ/DOauhyzZ
hGXRzJHT1vW4ioxHnud8Pq/5JeI6iiK6K4OCt8Q++dpr7oGPZOK9mlG47Z2iL/Gv
cHJSGr0NxPNf4AceiV/u2j573d7OVe2h/rH9WFR/lRjcNouL5ArElLC/UNuZqYN+
vEB+Urr2yRRPufvR+9L4hIfKnwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAdyYQOT
MGU4fwxyQrAoqNseS9mfMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvRTkzOThFMzAz
RDlBMTFFQTk2MDZFMTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+fADBAJnB3QwDQYJKoZIhvcNAQELBQADggEBAATujdhF
cctpwBrVqaODd+eXa9I1fDyVKSfBt8Ki//ExlMTYtFr6uY7bz8I09IDAHxpujjYB
juqnlTOy8/3d2rJmcjz0mCBLnqOKla/mq8I/iCn9DbirdEKicY6tVwb/XZ699TTn
csuhhy0vl+bHh9fTew4KVNHmd+F8iUUAbX65pbj/ckM30MT28VLlQcJOZ30llrfr
eMbDCX7cKDHK3wj9b/7GnvtzmnW/p0d4wOhg+hU/XOkfI+UrcaOHaNBC3PHnqoVa
9FQOa7i9GI44TjIS27O3vQRm42/P3hwoe75c8OXc7V9xDRzlahhU8qfqnnSNI04W
4fXAL33ywNPGK/4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org