Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/8B2B8106468D11EC9B424564C4F9AE02.roa
File: 8B2B8106468D11EC9B424564C4F9AE02.roa (raw, json)
Hash identifier: SibHZ8qE7aV6N+vLfzicZuRVTHWKJO8bmK6p3KT1mRE=
Subject key identifier: 60:8D:F0:1A:C9:AC:EB:D7:C7:C7:25:50:85:17:3A:AA:35:44:D0:30
Certificate issuer: /CN=A91B29F8/serialNumber=76C8E0115549EDA92DE22236A2A5A50AF09F8411
Certificate serial: 01FF
Authority key identifier: 76:C8:E0:11:55:49:ED:A9:2D:E2:22:36:A2:A5:A5:0A:F0:9F:84:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dsjgEVVJ7akt4iI2oqWlCvCfhBE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/8B2B8106468D11EC9B424564C4F9AE02.roa
Signing time: Thu 02 Dec 2021 07:01:03 +0000
ROA not before: Thu 02 Dec 2021 07:01:03 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 136933
IP address blocks: 103.99.60.0/24 maxlen: 24
103.99.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 511 (0x1ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B29F8/serialNumber=76C8E0115549EDA92DE22236A2A5A50AF09F8411
Validity
Not Before: Dec 2 07:01:03 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61a86f2f-0e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:78:2f:8e:bf:16:80:3d:a0:f8:d6:60:28:cf:
8c:5d:44:5a:c7:3b:a5:1a:77:cf:44:5b:af:6f:49:
2f:21:53:8b:f3:55:4b:73:00:68:b7:c6:12:75:bd:
37:b8:b6:d1:c1:f7:48:8a:78:e3:f5:3f:50:ad:da:
8f:36:94:3e:67:b9:28:09:9e:f1:d1:fd:9d:c3:bc:
e1:ad:f9:ce:77:0c:35:3b:8e:0c:13:d4:d3:ad:7c:
98:1e:a4:40:71:93:9e:a7:6b:a2:6a:bf:7e:6d:cb:
6e:b3:b7:35:a9:d2:18:1d:02:a0:f2:e9:f6:f3:0d:
5b:22:37:e6:e1:37:f3:21:b5:89:d4:31:bc:cc:19:
5e:70:22:ce:e7:5b:5a:45:3f:25:c5:24:ad:ea:3a:
a8:78:2b:f8:42:0b:3a:12:6f:81:e6:4d:30:2d:92:
3f:c6:6f:d2:a8:67:96:3d:54:1a:16:81:1f:b7:e6:
0a:e0:57:77:79:65:ca:79:ee:ed:62:6b:4b:ef:bc:
ad:3f:b3:6a:b7:74:dc:f9:97:38:3c:2e:f6:cb:78:
0d:1f:51:08:b2:ac:02:b9:fe:d7:d3:36:37:38:e9:
57:52:ea:51:b3:e1:0d:c1:9d:d5:0c:d1:64:f0:d7:
e8:01:af:62:a4:a9:63:14:98:98:00:44:39:22:b5:
7f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8D:F0:1A:C9:AC:EB:D7:C7:C7:25:50:85:17:3A:AA:35:44:D0:30
X509v3 Authority Key Identifier:
keyid:76:C8:E0:11:55:49:ED:A9:2D:E2:22:36:A2:A5:A5:0A:F0:9F:84:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/dsjgEVVJ7akt4iI2oqWlCvCfhBE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dsjgEVVJ7akt4iI2oqWlCvCfhBE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/8B2B8106468D11EC9B424564C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.60.0/24
103.99.63.0/24
Signature Algorithm: sha256WithRSAEncryption
48:77:95:f1:62:55:ee:25:f7:15:a7:30:ec:c1:84:9a:17:68:
cf:40:66:ae:26:96:83:96:9b:98:35:eb:e5:0b:df:75:16:ff:
be:f0:b9:57:ef:4b:70:1c:c7:28:73:da:29:d7:a2:18:b1:43:
fe:c4:98:42:d4:16:bb:42:28:dd:56:bf:50:8f:79:8d:1c:c6:
1a:de:85:68:3d:38:01:c4:e3:d9:77:bf:b9:f9:eb:63:b8:ab:
b5:13:37:4c:a4:e2:80:1a:71:de:c1:6d:78:cb:86:0f:7e:b3:
64:d8:26:0a:19:6a:aa:4f:13:2a:0a:47:8e:fe:57:c2:4e:dc:
52:c8:c9:33:1d:80:b4:28:2f:24:f7:56:f1:31:bc:5d:d6:e3:
f2:68:69:72:95:30:c1:17:ba:b0:41:d1:6b:a3:19:58:21:b5:
68:81:ac:bb:8f:58:84:5d:48:84:ce:2c:71:1c:9d:6b:af:ba:
61:26:bc:49:e5:41:98:2b:9c:c8:17:8f:c8:e0:59:1b:85:ad:
70:4e:33:ca:e2:e5:72:0a:34:ed:0b:1e:29:f1:e7:be:b0:ef:
3f:e9:38:fb:2c:ff:af:8e:da:e0:b1:c0:bf:d3:38:1e:fb:c4:
3c:90:52:18:95:96:77:19:1e:ec:ac:57:08:77:8f:74:81:e6:
31:c8:9e:64
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI5RjgxMTAvBgNVBAUTKDc2QzhFMDExNTU0OUVEQTkyREUyMjIzNkEyQTVBNTBB
RjA5Rjg0MTEwHhcNMjExMjAyMDcwMTAzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE4NmYyZi0wZTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Xgvjr8WgD2g+NZgKM+MXURaxzulGnfPRFuvb0kvIVOL81VLcwBot8YSdb03
uLbRwfdIinjj9T9QrdqPNpQ+Z7koCZ7x0f2dw7zhrfnOdww1O44ME9TTrXyYHqRA
cZOep2uiar9+bctus7c1qdIYHQKg8un28w1bIjfm4TfzIbWJ1DG8zBlecCLO51ta
RT8lxSSt6jqoeCv4Qgs6Em+B5k0wLZI/xm/SqGeWPVQaFoEft+YK4Fd3eWXKee7t
YmtL77ytP7Nqt3Tc+Zc4PC72y3gNH1EIsqwCuf7X0zY3OOlXUupRs+ENwZ3VDNFk
8NfoAa9ipKljFJiYAEQ5IrV/BwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGCN8BrJ
rOvXx8clUIUXOqo1RNAwMB8GA1UdIwQYMBaAFHbI4BFVSe2pLeIiNqKlpQrwn4QR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjlGOC85MkQwQkUwMjkw
NjgxMUVCOUUzRkM2NkNDNEY5QUUwMi9kc2pnRVZWSjdha3Q0aUkyb3FXbEN2Q2Zo
QkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RzamdFVlZKN2FrdDRpSTJvcVdsQ3ZDZmhCRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI5RjgvOTJEMEJFMDI5MDY4MTFFQjlFM0ZDNjZDQzRGOUFFMDIvOEIyQjgxMDY0
NjhEMTFFQzlCNDI0NTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnYzwDBABnYz8wDQYJKoZIhvcNAQELBQADggEBAEh3lfFi
Ve4l9xWnMOzBhJoXaM9AZq4mloOWm5g16+UL33UW/77wuVfvS3Acxyhz2inXohix
Q/7EmELUFrtCKN1Wv1CPeY0cxhrehWg9OAHE49l3v7n562O4q7UTN0yk4oAacd7B
bXjLhg9+s2TYJgoZaqpPEyoKR47+V8JO3FLIyTMdgLQoLyT3VvExvF3W4/JoaXKV
MMEXurBB0WujGVghtWiBrLuPWIRdSITOLHEcnWuvumEmvEnlQZgrnMgXj8jgWRuF
rXBOM8ri5XIKNO0LHinx576w7z/pOPss/6+O2uCxwL/TOB77xDyQUhiVlncZHuys
Vwh3j3SB5jHInmQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org