Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01FF/B8C1E7D4412111ECAC525483C4F9AE02/2BB4F074700611EDA897FC3EC4F9AE02.roa
File: 2BB4F074700611EDA897FC3EC4F9AE02.roa (raw, json)
Hash identifier: eK4GQGPPl05io+kT6k6GrX8X9Rn5w2xFhYPTdCfRUQQ=
Subject key identifier: 15:44:CF:CE:B6:CB:BE:61:F3:41:D0:AF:0F:CD:7D:69:12:91:C1:BF
Certificate issuer: /CN=A91B01FF/serialNumber=675E63A4C178C6F5660264024472464EB98E1B5D
Certificate serial: 02AC
Authority key identifier: 67:5E:63:A4:C1:78:C6:F5:66:02:64:02:44:72:46:4E:B9:8E:1B:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z15jpMF4xvVmAmQCRHJGTrmOG10.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B01FF/B8C1E7D4412111ECAC525483C4F9AE02/2BB4F074700611EDA897FC3EC4F9AE02.roa
Signing time: Tue 29 Nov 2022 16:52:12 +0000
ROA not before: Tue 29 Nov 2022 16:52:12 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 141151
IP address blocks: 103.155.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 684 (0x2ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B01FF/serialNumber=675E63A4C178C6F5660264024472464EB98E1B5D
Validity
Not Before: Nov 29 16:52:12 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=638638bc-9002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ed:d5:d1:8b:de:71:89:7e:b8:82:ad:21:20:
0a:44:ee:a6:a0:d0:4f:c8:39:e5:be:41:27:36:cd:
79:38:d4:0d:13:50:37:0c:06:b8:ba:5e:c9:33:a4:
15:b8:9e:a2:59:60:32:a5:a0:a8:ca:a2:dc:9f:3d:
1d:24:73:cd:d3:ba:a3:29:ee:66:fb:df:a5:84:bb:
a9:fa:8c:bb:d8:8e:e3:e0:30:99:46:4c:36:42:11:
9d:b0:db:f3:5d:cb:de:ab:29:a1:6c:a0:47:89:d0:
9e:db:51:45:84:06:15:c0:85:78:92:9c:a3:80:95:
f9:16:69:fb:9b:83:d4:18:3a:37:73:e4:67:1a:5e:
99:ce:d7:20:42:24:15:80:38:43:42:15:de:ef:70:
fd:60:a3:9e:c5:4a:7e:b8:f1:5b:01:a1:10:d8:71:
ce:f0:79:ad:0a:b5:78:3c:6b:7b:7f:52:81:fe:d5:
e1:bc:b0:e8:c9:54:14:56:52:5d:fa:9e:da:52:11:
ff:b7:15:1a:62:a6:26:00:6f:18:f1:a1:0c:37:89:
ac:da:c1:86:e5:6e:9c:8e:ef:80:82:cc:8c:cc:14:
46:e1:e6:a2:54:7c:26:1d:0c:e7:6f:72:98:1a:ed:
c7:00:a8:ae:24:5f:07:64:56:9c:4f:8a:31:db:97:
9a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:44:CF:CE:B6:CB:BE:61:F3:41:D0:AF:0F:CD:7D:69:12:91:C1:BF
X509v3 Authority Key Identifier:
keyid:67:5E:63:A4:C1:78:C6:F5:66:02:64:02:44:72:46:4E:B9:8E:1B:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B01FF/B8C1E7D4412111ECAC525483C4F9AE02/Z15jpMF4xvVmAmQCRHJGTrmOG10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z15jpMF4xvVmAmQCRHJGTrmOG10.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01FF/B8C1E7D4412111ECAC525483C4F9AE02/2BB4F074700611EDA897FC3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.101.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:45:6e:61:fc:a9:41:5c:79:ba:da:9e:c3:1d:53:91:19:a2:
91:ae:8a:62:27:5f:23:04:94:4f:6e:be:31:be:43:41:96:d6:
41:db:2c:4d:8c:c3:b8:30:3e:6f:d6:e8:7b:70:c3:3c:b2:fb:
5c:0e:fb:84:40:75:73:56:91:b6:2d:a3:86:7b:24:e9:34:7e:
06:0a:97:10:c6:98:dc:6c:df:fb:0f:8b:5c:d7:27:03:98:45:
2b:18:77:bc:d5:47:7b:05:0d:5b:65:8d:c4:02:aa:ef:6b:df:
8e:71:d1:e2:c1:8d:07:3b:2f:e3:3a:e9:df:35:54:59:c9:f5:
23:80:55:f7:00:25:ff:e3:ed:88:9c:0f:88:99:72:24:e7:f4:
59:8d:8b:a1:4d:48:d6:36:45:14:21:e4:1e:70:96:63:82:64:
d9:b2:77:53:cf:dc:d0:7a:8d:8c:55:bf:4d:86:2b:8c:d0:0e:
04:c1:06:88:3b:5d:97:70:4b:9c:c3:a2:54:97:d6:fb:b6:a2:
51:8e:e3:d4:0f:0b:ff:5f:13:a5:e3:31:c1:1d:ec:22:ce:1e:
6b:df:b1:d7:4e:83:cb:d6:43:9d:b3:09:0b:f9:12:15:36:89:
a0:d4:75:1b:2f:1d:ed:84:d0:5d:e7:b2:e8:1c:16:c3:cb:5c:
95:7c:09:17
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAxRkYxMTAvBgNVBAUTKDY3NUU2M0E0QzE3OEM2RjU2NjAyNjQwMjQ0NzI0NjRF
Qjk4RTFCNUQwHhcNMjIxMTI5MTY1MjEyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg2MzhiYy05MDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqe3V0YvecYl+uIKtISAKRO6moNBPyDnlvkEnNs15ONQNE1A3DAa4ul7JM6QV
uJ6iWWAypaCoyqLcnz0dJHPN07qjKe5m+9+lhLup+oy72I7j4DCZRkw2QhGdsNvz
XcveqymhbKBHidCe21FFhAYVwIV4kpyjgJX5Fmn7m4PUGDo3c+RnGl6ZztcgQiQV
gDhDQhXe73D9YKOexUp+uPFbAaEQ2HHO8HmtCrV4PGt7f1KB/tXhvLDoyVQUVlJd
+p7aUhH/txUaYqYmAG8Y8aEMN4ms2sGG5W6cju+AgsyMzBRG4eaiVHwmHQznb3KY
Gu3HAKiuJF8HZFacT4ox25eaIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBVEz862
y75h80HQrw/NfWkSkcG/MB8GA1UdIwQYMBaAFGdeY6TBeMb1ZgJkAkRyRk65jhtd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFGRi9COEMxRTdENDQx
MjExMUVDQUM1MjU0ODNDNEY5QUUwMi9aMTVqcE1GNHh2Vm1BbVFDUkhKR1RybU9H
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1oxNWpwTUY0eHZWbUFtUUNSSEpHVHJtT0cxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAxRkYvQjhDMUU3RDQ0MTIxMTFFQ0FDNTI1NDgzQzRGOUFFMDIvMkJCNEYwNzQ3
MDA2MTFFREE4OTdGQzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnm2UwDQYJKoZIhvcNAQELBQADggEBAKxFbmH8qUFcebra
nsMdU5EZopGuimInXyMElE9uvjG+Q0GW1kHbLE2Mw7gwPm/W6Htwwzyy+1wO+4RA
dXNWkbYto4Z7JOk0fgYKlxDGmNxs3/sPi1zXJwOYRSsYd7zVR3sFDVtljcQCqu9r
345x0eLBjQc7L+M66d81VFnJ9SOAVfcAJf/j7YicD4iZciTn9FmNi6FNSNY2RRQh
5B5wlmOCZNmyd1PP3NB6jYxVv02GK4zQDgTBBog7XZdwS5zDolSX1vu2olGO49QP
C/9fE6XjMcEd7CLOHmvfsddOg8vWQ52zCQv5EhU2iaDUdRsvHe2E0F3nsugcFsPL
XJV8CRc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org