Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/84B6C7B4EDDA11EC83C0073EC4F9AE02.roa
File: 84B6C7B4EDDA11EC83C0073EC4F9AE02.roa (raw, json)
Hash identifier: hTT12JsrTbssWAlktXL51V1OZ+df2rzDKG8l02m+EDU=
Subject key identifier: EA:56:CD:FB:49:3E:F2:CD:2A:A9:83:F4:AE:4B:24:FE:B7:21:68:FA
Certificate issuer: /CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
Certificate serial: 04
Authority key identifier: 59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/84B6C7B4EDDA11EC83C0073EC4F9AE02.roa
Signing time: Fri 17 Jun 2022 01:12:13 +0000
ROA not before: Fri 17 Jun 2022 01:12:13 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 206888
IP address blocks: 103.189.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B12FB/serialNumber=59118DD753F0530EDC2B8C3BE263BEDB0CCEBC0E
Validity
Not Before: Jun 17 01:12:13 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62abd4ed-7ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:10:52:94:f1:a3:11:99:99:81:0f:0c:30:
a6:6e:dd:8e:04:7b:ec:b6:9f:3c:bb:50:e9:a2:35:
2e:99:51:89:bd:56:68:1c:7e:bb:fa:dd:96:d8:02:
83:00:1d:6a:17:41:0d:1b:60:ee:cd:5a:db:38:5c:
eb:46:e1:01:7a:43:6a:a7:c5:35:79:aa:b7:6f:e0:
40:bb:cf:e6:7d:94:09:04:28:c0:d2:3f:32:0f:5d:
0a:c3:e4:6e:f6:55:ea:f8:11:10:01:5b:13:89:90:
ed:e7:de:b2:95:25:6f:72:93:cf:2a:c6:53:e6:b6:
5a:0c:83:bd:c6:0a:97:4b:49:db:6e:c9:11:b8:a3:
c3:9d:8c:dd:8c:0e:a0:6e:5f:2c:3f:ed:f4:a2:96:
e2:d9:59:aa:8a:33:2a:3c:43:2b:10:61:73:95:65:
12:19:7c:1b:93:59:ec:98:5c:b6:60:23:5a:c4:ab:
98:88:f2:d5:e3:7e:79:df:b1:3b:d0:e6:25:13:fe:
40:5b:e1:be:fa:75:78:ae:db:c8:99:6f:8a:29:d1:
af:bf:f5:f9:59:73:d7:73:f4:88:6e:ea:34:21:fc:
fd:50:30:44:a2:99:8f:a3:5d:b5:b8:04:28:be:28:
a9:89:7b:73:e8:99:45:45:89:0d:6e:ea:94:0c:b4:
44:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:56:CD:FB:49:3E:F2:CD:2A:A9:83:F4:AE:4B:24:FE:B7:21:68:FA
X509v3 Authority Key Identifier:
keyid:59:11:8D:D7:53:F0:53:0E:DC:2B:8C:3B:E2:63:BE:DB:0C:CE:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/WRGN11PwUw7cK4w74mO-2wzOvA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WRGN11PwUw7cK4w74mO-2wzOvA4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B12FB/E0D64514ED1D11ECB5FF2B24C4F9AE02/84B6C7B4EDDA11EC83C0073EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.140.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:9a:ad:c2:c4:b9:bb:7f:2c:1d:e0:bb:57:85:be:34:ee:89:
15:f2:65:5d:97:03:0d:35:9b:ad:cc:1f:a5:f1:6d:43:c5:75:
0d:42:a4:b2:a9:77:dd:bf:45:4f:81:ff:6b:9b:9c:27:9e:6a:
ab:df:af:4f:dd:c8:9c:45:6d:de:c7:90:34:ec:5d:bb:5b:a9:
0b:f4:49:ce:96:94:b6:44:a1:2a:65:87:3e:de:43:06:76:b7:
57:57:3a:20:42:6e:3e:0e:c6:b3:1b:b1:2f:e2:c3:28:3a:35:
59:f2:a7:58:0e:dc:35:f1:bc:1f:e7:64:50:96:22:f3:d5:21:
c8:65:6c:69:8b:aa:97:82:80:32:f3:4e:c7:98:c8:1d:07:0a:
38:30:be:85:0b:c1:4b:51:09:ea:af:3b:b7:8b:5c:ac:08:71:
71:5b:5f:6d:ac:73:ad:c8:4b:0d:7a:81:bf:63:ae:00:e8:ce:
97:78:20:46:28:26:f1:40:6d:de:23:0d:18:70:de:72:d1:73:
e7:f1:4f:aa:0e:21:f3:e9:69:31:7c:14:27:2d:90:c9:64:38:
36:c0:b2:4a:25:5a:89:5b:2b:79:f2:e0:81:15:04:ce:e6:dd:
34:bb:59:fc:9a:01:bd:a0:2a:f9:15:6b:40:9b:1b:d1:d1:07:
0a:be:81:7b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MTJGQjExMC8GA1UEBRMoNTkxMThERDc1M0YwNTMwRURDMkI4QzNCRTI2M0JFREIw
Q0NFQkMwRTAeFw0yMjA2MTcwMTEyMTNaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYWJkNGVkLTdjY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmthBSlPGjEZmZgQ8MMKZu3Y4Ee+y2nzy7UOmiNS6ZUYm9Vmgcfrv63ZbYAoMA
HWoXQQ0bYO7NWts4XOtG4QF6Q2qnxTV5qrdv4EC7z+Z9lAkEKMDSPzIPXQrD5G72
Ver4ERABWxOJkO3n3rKVJW9yk88qxlPmtloMg73GCpdLSdtuyRG4o8OdjN2MDqBu
Xyw/7fSiluLZWaqKMyo8QysQYXOVZRIZfBuTWeyYXLZgI1rEq5iI8tXjfnnfsTvQ
5iUT/kBb4b76dXiu28iZb4op0a+/9flZc9dz9Ihu6jQh/P1QMESimY+jXbW4BCi+
KKmJe3PomUVFiQ1u6pQMtERPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6lbN+0k+
8s0qqYP0rksk/rchaPowHwYDVR0jBBgwFoAUWRGN11PwUw7cK4w74mO+2wzOvA4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxMkZCL0UwRDY0NTE0RUQx
RDExRUNCNUZGMkIyNEM0RjlBRTAyL1dSR04xMVB3VXc3Y0s0dzc0bU8tMnd6T3ZB
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV1JHTjExUHdVdzdjSzR3NzRtTy0yd3pPdkE0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MTJGQi9FMEQ2NDUxNEVEMUQxMUVDQjVGRjJCMjRDNEY5QUUwMi84NEI2QzdCNEVE
REExMUVDODNDMDA3M0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe9jDANBgkqhkiG9w0BAQsFAAOCAQEAfZqtwsS5u38sHeC7
V4W+NO6JFfJlXZcDDTWbrcwfpfFtQ8V1DUKksql33b9FT4H/a5ucJ55qq9+vT93I
nEVt3seQNOxdu1upC/RJzpaUtkShKmWHPt5DBna3V1c6IEJuPg7GsxuxL+LDKDo1
WfKnWA7cNfG8H+dkUJYi89UhyGVsaYuql4KAMvNOx5jIHQcKODC+hQvBS1EJ6q87
t4tcrAhxcVtfbaxzrchLDXqBv2OuAOjOl3ggRigm8UBt3iMNGHDectFz5/FPqg4h
8+lpMXwUJy2QyWQ4NsCySiVaiVsrefLggRUEzubdNLtZ/JoBvaAq+RVrQJsb0dEH
Cr6Bew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org