Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE567/E67994DE8FF411EC90472F7DC4F9AE02/DD7E2ECC8FF811ECA9DCDE82C4F9AE02.roa
File: DD7E2ECC8FF811ECA9DCDE82C4F9AE02.roa (raw, json)
Hash identifier: NZjZZTTa1S8CiZKJyj3rP6Jkk41dAlcMJDXViYSsNUc=
Subject key identifier: 2D:6D:1D:3F:FA:9B:B0:D1:18:2F:8B:7B:0B:46:32:8E:8E:DE:A8:25
Certificate issuer: /CN=A91AE567/serialNumber=FB4AB5A9A4DC37BBD65E61E42A4256CF951B8C73
Certificate serial: 02
Authority key identifier: FB:4A:B5:A9:A4:DC:37:BB:D6:5E:61:E4:2A:42:56:CF:95:1B:8C:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0q1qaTcN7vWXmHkKkJWz5UbjHM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE567/E67994DE8FF411EC90472F7DC4F9AE02/DD7E2ECC8FF811ECA9DCDE82C4F9AE02.roa
Signing time: Thu 17 Feb 2022 13:52:37 +0000
ROA not before: Thu 17 Feb 2022 13:52:37 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 149484
IP address blocks: 103.180.242.0/24 maxlen: 24
103.180.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE567/serialNumber=FB4AB5A9A4DC37BBD65E61E42A4256CF951B8C73
Validity
Not Before: Feb 17 13:52:37 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620e5325-f33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:92:f6:02:13:a0:21:9b:bf:ba:56:58:db:
78:49:54:08:63:3b:8d:41:6a:38:20:14:1f:5b:9f:
9e:7a:2b:bd:58:40:02:f9:86:62:fe:34:7e:e0:64:
96:30:65:b9:8d:aa:77:20:27:ef:81:4b:25:40:61:
2d:99:14:69:6b:ae:c3:49:7b:de:70:3c:17:ff:58:
c2:40:0b:b9:91:c2:59:40:b9:4a:aa:b2:fe:80:6d:
78:af:3f:43:8d:d9:dd:00:c4:e6:24:d1:95:a4:47:
62:01:c1:b6:66:a6:af:bf:e3:9c:f9:4d:63:e7:c1:
37:41:fb:a2:97:db:a1:63:31:cc:50:54:57:f7:3a:
e5:77:e4:5b:21:4a:22:01:47:48:14:86:9b:95:ab:
d9:ac:13:5f:f2:d8:b7:05:2f:7d:59:32:40:40:27:
bc:49:c4:d0:52:e6:8f:04:5a:8e:8c:7d:a8:8f:78:
ce:54:eb:06:1c:6a:d4:52:7b:9b:2d:c1:9f:13:87:
83:8e:6f:d6:78:06:ca:4b:8c:f7:b6:b5:ce:c8:f7:
e9:34:78:c0:2d:0b:a8:8b:a3:8f:82:b8:71:78:32:
04:50:cd:a7:52:8a:12:b6:cb:c4:56:8c:d5:c3:41:
a6:db:2d:df:84:0d:1a:09:2b:22:6c:e8:89:b7:b0:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6D:1D:3F:FA:9B:B0:D1:18:2F:8B:7B:0B:46:32:8E:8E:DE:A8:25
X509v3 Authority Key Identifier:
keyid:FB:4A:B5:A9:A4:DC:37:BB:D6:5E:61:E4:2A:42:56:CF:95:1B:8C:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE567/E67994DE8FF411EC90472F7DC4F9AE02/-0q1qaTcN7vWXmHkKkJWz5UbjHM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0q1qaTcN7vWXmHkKkJWz5UbjHM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE567/E67994DE8FF411EC90472F7DC4F9AE02/DD7E2ECC8FF811ECA9DCDE82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.242.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:26:89:6e:ec:33:9d:59:db:b9:1a:35:58:c0:d7:93:ab:81:
6c:0d:a3:87:61:a1:2a:49:69:bc:ff:10:19:83:04:22:04:49:
9b:a2:ee:96:c0:97:ce:87:f0:14:63:10:a5:cf:b4:e5:7f:e8:
f2:90:12:a8:a5:15:f9:d4:f6:16:2c:e9:b8:65:26:4f:17:89:
88:49:53:ed:21:db:df:5a:c8:2a:24:80:d7:ac:a7:2a:51:cb:
31:8e:fb:5f:3b:6a:29:56:59:f0:62:d9:2f:a1:08:82:bd:d9:
7f:b2:16:62:fe:0c:42:ac:09:1a:29:5d:84:4c:a4:6f:83:a0:
ee:33:75:f7:2b:7c:9e:8e:34:13:81:bc:d1:5b:fa:dc:d1:20:
f2:ab:85:57:9c:3f:76:49:f8:da:91:8e:09:3f:7b:ea:1a:07:
42:d4:84:0e:06:49:6b:a3:fe:3e:85:c5:9a:b4:a0:db:c1:9e:
7c:9e:41:cc:cd:e2:82:23:13:b1:78:8e:ea:3a:d2:23:bb:13:
ec:dc:f7:a2:13:35:dd:17:9f:99:81:c6:6e:88:bf:dd:7d:13:
fc:3b:5f:1b:aa:4f:24:83:39:45:2e:7a:92:e2:9b:5c:90:31:
d3:b0:82:4f:a4:dc:bc:2a:a5:8e:e8:e7:74:a0:ed:84:81:9c:
1b:03:9d:3e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RTU2NzExMC8GA1UEBRMoRkI0QUI1QTlBNERDMzdCQkQ2NUU2MUU0MkE0MjU2Q0Y5
NTFCOEM3MzAeFw0yMjAyMTcxMzUyMzdaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMGU1MzI1LWYzM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgh5L2AhOgIZu/ulZY23hJVAhjO41BajggFB9bn556K71YQAL5hmL+NH7gZJYw
ZbmNqncgJ++BSyVAYS2ZFGlrrsNJe95wPBf/WMJAC7mRwllAuUqqsv6AbXivP0ON
2d0AxOYk0ZWkR2IBwbZmpq+/45z5TWPnwTdB+6KX26FjMcxQVFf3OuV35FshSiIB
R0gUhpuVq9msE1/y2LcFL31ZMkBAJ7xJxNBS5o8EWo6MfaiPeM5U6wYcatRSe5st
wZ8Th4OOb9Z4BspLjPe2tc7I9+k0eMAtC6iLo4+CuHF4MgRQzadSihK2y8RWjNXD
QabbLd+EDRoJKyJs6Im3sJ4dAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULW0dP/qb
sNEYL4t7C0Yyjo7eqCUwHwYDVR0jBBgwFoAU+0q1qaTcN7vWXmHkKkJWz5UbjHMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFNTY3L0U2Nzk5NERFOEZG
NDExRUM5MDQ3MkY3REM0RjlBRTAyLy0wcTFxYVRjTjd2V1htSGtLa0pXejVVYmpI
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLTBxMXFhVGNON3ZXWG1Ia0trSld6NVViakhNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RTU2Ny9FNjc5OTRERThGRjQxMUVDOTA0NzJGN0RDNEY5QUUwMi9ERDdFMkVDQzhG
RjgxMUVDQTlEQ0RFODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe08jANBgkqhkiG9w0BAQsFAAOCAQEALyaJbuwznVnbuRo1
WMDXk6uBbA2jh2GhKklpvP8QGYMEIgRJm6LulsCXzofwFGMQpc+05X/o8pASqKUV
+dT2FizpuGUmTxeJiElT7SHb31rIKiSA16ynKlHLMY77XztqKVZZ8GLZL6EIgr3Z
f7IWYv4MQqwJGildhEykb4Og7jN19yt8no40E4G80Vv63NEg8quFV5w/dkn42pGO
CT976hoHQtSEDgZJa6P+PoXFmrSg28GefJ5BzM3igiMTsXiO6jrSI7sT7Nz3ohM1
3RefmYHGboi/3X0T/DtfG6pPJIM5RS56kuKbXJAx07CCT6TcvCqljujndKDthIGc
GwOdPg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-fra.rpki-client.org