Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4AA0/1041E5EAE2C311EAB818D17FC4F9AE02/F5AFA228D7F711EB864AF77BC4F9AE02.roa
File: F5AFA228D7F711EB864AF77BC4F9AE02.roa (raw, json)
Hash identifier: yjJWvobUvu+4xiHa4+4EG5KkIfa6xRNI2yo1/ECnV7o=
Subject key identifier: 6A:67:B7:25:25:A9:49:5C:97:D8:2C:83:F7:E5:E3:7C:72:BA:82:64
Certificate issuer: /CN=A91B4AA0/serialNumber=04CF57F2A7FFCA72C07468A8C6D5F24517FF46B9
Certificate serial: 03AF
Authority key identifier: 04:CF:57:F2:A7:FF:CA:72:C0:74:68:A8:C6:D5:F2:45:17:FF:46:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BM9X8qf_ynLAdGioxtXyRRf_Rrk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B4AA0/1041E5EAE2C311EAB818D17FC4F9AE02/F5AFA228D7F711EB864AF77BC4F9AE02.roa
Signing time: Tue 30 Nov 2021 11:38:19 +0000
ROA not before: Tue 30 Nov 2021 11:38:18 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 141003
IP address blocks: 103.154.188.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943 (0x3af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B4AA0/serialNumber=04CF57F2A7FFCA72C07468A8C6D5F24517FF46B9
Validity
Not Before: Nov 30 11:38:18 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=61a60d2a-ef17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:55:05:56:8e:9a:5c:e4:67:af:ca:45:a5:
03:3d:ec:34:15:b2:a0:04:5f:43:5b:2f:6d:7b:ba:
c9:75:38:61:5a:8b:75:08:35:8d:90:fd:51:9f:5e:
bf:c2:29:51:f4:f9:49:9e:fb:4c:c3:5c:d1:5e:4b:
70:d8:ef:34:e7:ff:14:24:1d:e9:19:dc:61:de:58:
6a:ee:ce:78:c6:25:e2:6b:2a:99:d0:26:4d:cc:06:
e5:5b:6c:76:17:1b:8c:df:76:0d:25:a4:32:a9:ad:
65:22:61:c4:3b:d4:12:f5:0e:d0:7d:14:b1:0c:1d:
ec:85:ee:08:8b:4e:a0:f4:07:b1:3a:a0:13:70:c7:
31:47:7d:f2:7f:15:91:70:39:4e:d6:16:ea:1b:e4:
49:1f:44:7b:2e:db:45:d5:85:6f:9c:ca:fe:85:0d:
27:a5:f0:63:f5:a1:da:bb:4b:7c:2e:a6:d9:d4:16:
92:c7:4f:e0:f6:fb:b9:46:31:cf:4c:a3:7c:45:b2:
d6:72:82:74:2c:2f:ad:fa:c1:6d:37:1a:aa:7e:ec:
34:2d:dc:20:9b:d6:d2:0e:73:2e:e0:76:14:7a:23:
28:91:bd:23:8f:0f:17:44:af:a8:92:53:78:f7:7b:
d3:55:4f:d2:7d:61:ec:72:e9:78:1c:20:eb:3e:71:
15:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:67:B7:25:25:A9:49:5C:97:D8:2C:83:F7:E5:E3:7C:72:BA:82:64
X509v3 Authority Key Identifier:
keyid:04:CF:57:F2:A7:FF:CA:72:C0:74:68:A8:C6:D5:F2:45:17:FF:46:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B4AA0/1041E5EAE2C311EAB818D17FC4F9AE02/BM9X8qf_ynLAdGioxtXyRRf_Rrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BM9X8qf_ynLAdGioxtXyRRf_Rrk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4AA0/1041E5EAE2C311EAB818D17FC4F9AE02/F5AFA228D7F711EB864AF77BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.188.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:3a:ca:87:09:4f:fb:fe:4e:8f:ee:56:1c:23:c6:5f:5d:36:
e1:7e:9e:3a:4e:73:b2:e6:02:51:cc:0c:5d:ce:bf:da:62:78:
ab:14:71:02:a1:44:b8:bf:b7:76:b5:c3:fd:50:fc:fe:14:49:
c7:6c:e4:2c:cd:18:51:5d:61:9b:27:c9:ad:a1:20:7f:b3:1f:
b0:5f:7d:4a:58:e5:ec:34:a3:f1:70:63:2a:05:1f:89:2a:fe:
f0:ff:2a:40:62:06:78:15:cf:ec:16:89:9d:3f:f0:d0:3f:24:
24:98:f2:76:dd:f3:bd:f5:2c:4f:8e:cd:3d:e8:37:dc:5c:cc:
7b:a1:bc:81:41:b8:2e:dc:7f:fe:48:92:ac:e4:fa:2d:f3:62:
e3:39:48:33:33:a6:be:2e:39:5f:75:a1:27:b3:b8:74:a1:9c:
21:77:8b:d6:7a:7e:cd:9a:ef:bd:59:f8:98:f6:7e:44:67:7b:
b7:2e:a2:c4:b7:d3:f7:1d:3e:66:c4:3e:50:c9:f9:cc:76:93:
fe:2d:b1:45:85:9b:40:cb:20:2f:c9:a4:e6:28:2b:76:58:a8:
b2:77:54:b9:03:dc:2d:01:69:7c:7c:d3:af:50:4c:4e:7c:66:
92:65:69:6f:47:e4:78:95:fb:1e:1c:ea:ed:0c:d8:82:96:a9:
7e:55:13:65
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjRBQTAxMTAvBgNVBAUTKDA0Q0Y1N0YyQTdGRkNBNzJDMDc0NjhBOEM2RDVGMjQ1
MTdGRjQ2QjkwHhcNMjExMTMwMTEzODE4WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE2MGQyYS1lZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs3VVBVaOmlzkZ6/KRaUDPew0FbKgBF9DWy9te7rJdThhWot1CDWNkP1Rn16/
wilR9PlJnvtMw1zRXktw2O805/8UJB3pGdxh3lhq7s54xiXiayqZ0CZNzAblW2x2
FxuM33YNJaQyqa1lImHEO9QS9Q7QfRSxDB3she4Ii06g9AexOqATcMcxR33yfxWR
cDlO1hbqG+RJH0R7LttF1YVvnMr+hQ0npfBj9aHau0t8LqbZ1BaSx0/g9vu5RjHP
TKN8RbLWcoJ0LC+t+sFtNxqqfuw0Ldwgm9bSDnMu4HYUeiMokb0jjw8XRK+oklN4
93vTVU/SfWHscul4HCDrPnEVxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGpntyUl
qUlcl9gsg/fl43xyuoJkMB8GA1UdIwQYMBaAFATPV/Kn/8pywHRoqMbV8kUX/0a5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNEFBMC8xMDQxRTVFQUUy
QzMxMUVBQjgxOEQxN0ZDNEY5QUUwMi9CTTlYOHFmX3luTEFkR2lveHRYeVJSZl9S
cmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JNOVg4cWZfeW5MQWRHaW94dFh5UlJmX1Jyay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjRBQTAvMTA0MUU1RUFFMkMzMTFFQUI4MThEMTdGQzRGOUFFMDIvRjVBRkEyMjhE
N0Y3MTFFQjg2NEFGNzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmrwwDQYJKoZIhvcNAQELBQADggEBAKQ6yocJT/v+To/u
Vhwjxl9dNuF+njpOc7LmAlHMDF3Ov9pieKsUcQKhRLi/t3a1w/1Q/P4UScds5CzN
GFFdYZsnya2hIH+zH7BffUpY5ew0o/FwYyoFH4kq/vD/KkBiBngVz+wWiZ0/8NA/
JCSY8nbd8731LE+OzT3oN9xczHuhvIFBuC7cf/5Ikqzk+i3zYuM5SDMzpr4uOV91
oSezuHShnCF3i9Z6fs2a771Z+Jj2fkRne7cuosS30/cdPmbEPlDJ+cx2k/4tsUWF
m0DLIC/JpOYoK3ZYqLJ3VLkD3C0BaXx8069QTE58ZpJlaW9H5HiV+x4c6u0M2IKW
qX5VE2U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org