Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/05E123781D3A11EDA7336C83C4F9AE02.roa
File: 05E123781D3A11EDA7336C83C4F9AE02.roa (raw, json)
Hash identifier: LsZO/w7gjKW9awXJdzUix0pZAhcokeyjwjvvXIALrLk=
Subject key identifier: 14:69:02:32:E2:22:BE:C0:26:DC:96:21:B4:29:5D:1A:AF:00:17:D6
Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B
Certificate serial: 02
Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/05E123781D3A11EDA7336C83C4F9AE02.roa
Signing time: Tue 16 Aug 2022 08:04:16 +0000
ROA not before: Tue 16 Aug 2022 08:04:16 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 139642
IP address blocks: 103.141.200.0/23 maxlen: 23
103.141.200.0/24 maxlen: 24
2001:df1:23c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B
Validity
Not Before: Aug 16 08:04:16 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=62fb4f80-70b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:58:08:f3:fe:b6:10:97:2b:d9:50:00:53:ab:
a6:43:db:f6:12:22:62:56:c0:62:d3:1e:18:fe:bd:
e7:03:8c:80:82:f2:9c:d0:fd:f7:38:2f:96:f8:a0:
82:93:34:9f:d1:ab:f4:35:70:4a:4f:3a:c3:cf:b3:
6b:fb:05:33:8a:71:5f:f0:8a:4a:8d:45:46:4f:ed:
66:ed:79:87:84:17:51:a0:ca:35:bc:ae:05:b3:44:
73:70:73:c5:cc:44:7b:b3:de:41:8f:75:55:b9:28:
61:5e:3e:eb:fb:82:31:5f:6f:3b:37:c4:72:a3:99:
3d:86:4a:78:35:11:f5:50:a2:04:ef:3f:48:51:b6:
aa:fe:f6:2a:6a:da:75:3b:86:02:4b:dd:e2:c9:d1:
ab:f2:99:be:3b:b9:5d:46:a1:d5:32:b0:71:6e:b6:
53:90:4c:cd:d0:3b:b6:8d:00:83:c5:7c:ec:5e:86:
f7:b2:26:07:b2:7c:ea:e2:0a:1a:2a:0b:c3:86:e4:
e9:7d:d2:a7:4d:57:91:af:80:bb:2d:b3:63:e6:ce:
87:18:5b:e3:c0:84:4a:b6:db:45:50:e5:da:72:1f:
d9:7b:9d:76:cc:3c:a1:2f:d6:cd:7c:5a:c7:bd:5e:
fb:61:cc:1e:23:9a:10:43:98:b2:d9:a0:35:0a:5c:
fa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:69:02:32:E2:22:BE:C0:26:DC:96:21:B4:29:5D:1A:AF:00:17:D6
X509v3 Authority Key Identifier:
keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/05E123781D3A11EDA7336C83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.200.0/23
IPv6:
2001:df1:23c0::/48
Signature Algorithm: sha256WithRSAEncryption
40:ea:e2:ad:ce:b0:5b:70:b5:1a:44:fc:13:0e:fd:92:a9:e6:
52:c9:8b:11:32:a3:16:f3:d7:37:79:2c:6c:cf:f6:62:fa:00:
80:2a:50:b3:eb:11:24:27:79:33:1e:38:ec:a0:14:99:ff:98:
83:36:23:9f:b5:5d:36:04:d0:d2:04:27:dc:7a:ed:bb:22:20:
c5:3f:a2:77:15:0e:60:a1:84:25:ed:a2:38:f1:57:e1:5d:24:
c5:36:8d:66:d7:20:cb:fa:26:83:88:c1:fd:10:52:07:2b:2a:
be:33:79:56:c1:db:7c:b2:2f:d9:02:52:51:a5:81:20:5b:84:
be:0d:05:84:99:11:64:85:9a:92:38:3c:62:04:bb:b5:20:e8:
1e:b8:ab:16:55:fb:eb:22:35:f7:9d:4c:8e:bb:94:12:55:ad:
e8:a1:5b:33:e2:7b:e1:01:10:9f:6e:e6:c4:49:30:b7:b8:0f:
a1:0c:8e:96:f1:2e:aa:f3:82:94:2b:ca:d6:86:67:2d:cd:bf:
41:5f:ac:cf:80:f6:94:3d:a8:e6:95:68:24:20:8c:76:11:be:
9e:a0:00:fb:03:36:7d:98:13:f3:3f:c1:04:e7:04:db:f3:cb:
dd:5a:45:06:1b:f8:b3:54:75:61:91:0d:48:5c:b4:53:9c:2c:
fa:9f:97:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
Nzg5NzExMC8GA1UEBRMoMkFBMjc4OTQ0QjQxMEZBMkM4M0I3QzJBRjMyQzY2QUZB
MjBDMTI3QjAeFw0yMjA4MTYwODA0MTZaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZmI0ZjgwLTcwYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCbWAjz/rYQlyvZUABTq6ZD2/YSImJWwGLTHhj+vecDjICC8pzQ/fc4L5b4oIKT
NJ/Rq/Q1cEpPOsPPs2v7BTOKcV/wikqNRUZP7WbteYeEF1GgyjW8rgWzRHNwc8XM
RHuz3kGPdVW5KGFePuv7gjFfbzs3xHKjmT2GSng1EfVQogTvP0hRtqr+9ipq2nU7
hgJL3eLJ0avymb47uV1GodUysHFutlOQTM3QO7aNAIPFfOxehveyJgeyfOriChoq
C8OG5Ol90qdNV5GvgLsts2PmzocYW+PAhEq220VQ5dpyH9l7nXbMPKEv1s18Wse9
XvthzB4jmhBDmLLZoDUKXPrpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUFGkCMuIi
vsAm3JYhtCldGq8AF9YwHwYDVR0jBBgwFoAUKqJ4lEtBD6LIO3wq8yxmr6IMEnsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3ODk3L0I2QzU5NDFDMUQz
NTExRURBNUU2MzA3REM0RjlBRTAyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVu
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS3FKNGxFdEJENkxJTzN3cTh5eG1yNklNRW5zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi8wNUUxMjM3ODFE
M0ExMUVEQTczMzZDODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWeNyDAPBAIAAjAJAwcAIAEN8SPAMA0GCSqGSIb3DQEBCwUA
A4IBAQBA6uKtzrBbcLUaRPwTDv2SqeZSyYsRMqMW89c3eSxsz/Zi+gCAKlCz6xEk
J3kzHjjsoBSZ/5iDNiOftV02BNDSBCfceu27IiDFP6J3FQ5goYQl7aI48VfhXSTF
No1m1yDL+iaDiMH9EFIHKyq+M3lWwdt8si/ZAlJRpYEgW4S+DQWEmRFkhZqSODxi
BLu1IOgeuKsWVfvrIjX3nUyOu5QSVa3ooVsz4nvhARCfbubESTC3uA+hDI6W8S6q
84KUK8rWhmctzb9BX6zPgPaUPajmlWgkIIx2Eb6eoAD7AzZ9mBPzP8EE5wTb88vd
WkUGG/izVHVhkQ1IXLRTnCz6n5d8
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org