Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E87E274AC78611EB988BB15BC4F9AE02.roa
File: E87E274AC78611EB988BB15BC4F9AE02.roa (raw, json)
Hash identifier: Bgpi7snXDyQheQ6GvDNVFbKk2gX/C8kYxdrVCoKgJm4=
Subject key identifier: 0B:79:6E:AB:9A:A3:AB:98:F1:26:6B:78:06:8D:BE:EB:5E:F3:DF:6E
Certificate issuer: /CN=A91AF5F7/serialNumber=0A277D26A9C2402B8A1CD4577935E4F3C259C19F
Certificate serial: 0239
Authority key identifier: 0A:27:7D:26:A9:C2:40:2B:8A:1C:D4:57:79:35:E4:F3:C2:59:C1:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cid9JqnCQCuKHNRXeTXk88JZwZ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E87E274AC78611EB988BB15BC4F9AE02.roa
Signing time: Tue 15 Mar 2022 12:32:44 +0000
ROA not before: Tue 15 Mar 2022 12:32:44 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 137443
IP address blocks: 103.101.204.0/24 maxlen: 24
103.101.205.0/24 maxlen: 24
103.101.206.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 569 (0x239)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF5F7/serialNumber=0A277D26A9C2402B8A1CD4577935E4F3C259C19F
Validity
Not Before: Mar 15 12:32:44 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6230876b-9ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:be:17:1f:0d:af:9e:59:fe:57:0c:dc:5c:
2d:6f:82:d1:f0:a4:d7:e7:fd:fc:28:4c:78:2f:9a:
35:3c:25:51:64:63:d1:74:a5:c2:c5:9f:51:98:24:
48:37:2e:b7:36:1a:5d:15:7d:e4:f5:cb:44:9e:53:
ea:94:4a:55:39:0d:4a:ac:52:08:a2:2c:38:d1:be:
15:a2:84:d2:47:d8:a8:18:e0:6d:5e:60:7d:ba:5b:
17:da:12:98:a0:d3:06:11:32:15:28:27:1c:f5:eb:
47:03:18:b1:95:c3:13:1a:6e:42:ee:47:78:78:2e:
f9:10:0a:04:73:9a:e6:9a:2e:1d:9d:ee:e4:58:d0:
36:72:6b:16:f2:47:b7:0c:71:c3:85:6a:39:50:d7:
c1:a8:fb:19:9e:f6:82:54:a5:3a:b9:da:0c:20:2f:
8e:26:15:b2:2a:d4:49:53:a1:40:2d:7c:ba:bb:d6:
e8:04:df:a3:70:f4:45:fa:62:56:9a:e9:ab:24:5a:
fb:a9:d6:78:46:b7:7a:02:dc:82:06:88:ef:a6:34:
dc:dd:b7:d5:da:f0:0b:71:7c:7b:40:5c:96:a5:25:
84:04:e6:a0:d6:b5:20:5f:f5:d0:ff:41:5b:4f:8b:
45:14:d6:dc:db:f9:fd:81:b7:ef:47:af:64:0d:31:
ac:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:79:6E:AB:9A:A3:AB:98:F1:26:6B:78:06:8D:BE:EB:5E:F3:DF:6E
X509v3 Authority Key Identifier:
keyid:0A:27:7D:26:A9:C2:40:2B:8A:1C:D4:57:79:35:E4:F3:C2:59:C1:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/Cid9JqnCQCuKHNRXeTXk88JZwZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cid9JqnCQCuKHNRXeTXk88JZwZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF5F7/44FCE568C78411EBAD4C9659C4F9AE02/E87E274AC78611EB988BB15BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.204.0/22
Signature Algorithm: sha256WithRSAEncryption
92:60:b0:77:97:6b:db:28:5a:7a:e7:61:6e:3d:dd:7d:75:89:
fb:b6:46:a8:97:08:85:02:5f:98:6f:fa:3c:bc:8f:69:a6:fa:
c6:9e:85:ea:bc:3b:83:ac:18:2a:dd:67:2d:ef:8d:a9:56:56:
2a:03:b9:d1:c9:c9:2f:15:1a:31:3b:66:e0:4b:04:5f:75:89:
2f:49:00:99:6c:02:ab:f8:a8:cf:0a:5f:84:31:13:0e:0b:e2:
c4:cc:7b:ac:53:db:dd:f2:ff:d7:89:de:7a:cb:49:0e:44:d0:
a3:2d:05:48:41:0a:4a:9d:9c:0d:b3:f9:60:70:45:cd:15:c7:
4e:ae:d8:7b:b1:e8:80:51:3a:29:93:21:e3:eb:98:41:34:99:
84:c8:42:66:bf:af:90:59:39:10:26:e8:8b:d7:6c:9e:9c:ed:
13:e1:cc:26:9e:32:f5:b2:34:bb:9c:42:11:ca:18:73:54:0d:
78:f1:6d:24:d2:5d:cd:11:59:3c:b6:80:fa:49:74:c5:4f:fa:
6b:f2:8c:b5:47:7d:a3:95:99:ff:94:e9:ea:d6:da:b8:3b:17:
3a:c2:5e:9b:d2:f9:cf:6b:58:a1:ca:93:46:32:73:84:d2:b2:
08:e6:4d:12:5b:1a:9b:dd:87:8b:6e:89:a8:aa:55:67:38:3b:
97:fe:6c:7d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUY1RjcxMTAvBgNVBAUTKDBBMjc3RDI2QTlDMjQwMkI4QTFDRDQ1Nzc5MzVFNEYz
QzI1OUMxOUYwHhcNMjIwMzE1MTIzMjQ0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMwODc2Yi05ZWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAy+Fx8Nr55Z/lcM3Fwtb4LR8KTX5/38KEx4L5o1PCVRZGPRdKXCxZ9RmCRI
Ny63NhpdFX3k9ctEnlPqlEpVOQ1KrFIIoiw40b4VooTSR9ioGOBtXmB9ulsX2hKY
oNMGETIVKCcc9etHAxixlcMTGm5C7kd4eC75EAoEc5rmmi4dne7kWNA2cmsW8ke3
DHHDhWo5UNfBqPsZnvaCVKU6udoMIC+OJhWyKtRJU6FALXy6u9boBN+jcPRF+mJW
mumrJFr7qdZ4Rrd6AtyCBojvpjTc3bfV2vALcXx7QFyWpSWEBOag1rUgX/XQ/0Fb
T4tFFNbc2/n9gbfvR69kDTGsCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAt5bqua
o6uY8SZreAaNvute899uMB8GA1UdIwQYMBaAFAonfSapwkArihzUV3k15PPCWcGf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjVGNy80NEZDRTU2OEM3
ODQxMUVCQUQ0Qzk2NTlDNEY5QUUwMi9DaWQ5SnFuQ1FDdUtITlJYZVRYazg4Slp3
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NpZDlKcW5DUUN1S0hOUlhlVFhrODhKWndaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUY1RjcvNDRGQ0U1NjhDNzg0MTFFQkFENEM5NjU5QzRGOUFFMDIvRTg3RTI3NEFD
Nzg2MTFFQjk4OEJCMTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZcwwDQYJKoZIhvcNAQELBQADggEBAJJgsHeXa9soWnrn
YW493X11ifu2RqiXCIUCX5hv+jy8j2mm+saeheq8O4OsGCrdZy3vjalWVioDudHJ
yS8VGjE7ZuBLBF91iS9JAJlsAqv4qM8KX4QxEw4L4sTMe6xT293y/9eJ3nrLSQ5E
0KMtBUhBCkqdnA2z+WBwRc0Vx06u2Hux6IBROimTIePrmEE0mYTIQma/r5BZORAm
6IvXbJ6c7RPhzCaeMvWyNLucQhHKGHNUDXjxbSTSXc0RWTy2gPpJdMVP+mvyjLVH
faOVmf+U6erW2rg7FzrCXpvS+c9rWKHKk0Yyc4TSsgjmTRJbGpvdh4tuiaiqVWc4
O5f+bH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org