Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/CFAB082E61F311EDB7B99C70C4F9AE02.roa
File: CFAB082E61F311EDB7B99C70C4F9AE02.roa (raw, json)
Hash identifier: lAzmKP88YDI8WqVhqqeMOPNpWIQMS3tfSk/xdNFpGF8=
Subject key identifier: 5E:96:59:8B:F6:31:D0:19:49:50:83:EB:E8:3D:29:1F:90:03:8C:39
Certificate issuer: /CN=A91BDD82/serialNumber=1F8FA0ABFA8D7F7F7E7EA00D56EA01C70932E607
Certificate serial: 0D45
Authority key identifier: 1F:8F:A0:AB:FA:8D:7F:7F:7E:7E:A0:0D:56:EA:01:C7:09:32:E6:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H4-gq_qNf39-fqANVuoBxwky5gc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/CFAB082E61F311EDB7B99C70C4F9AE02.roa
Signing time: Mon 31 Jul 2023 18:35:53 +0000
ROA not before: Mon 31 Jul 2023 18:35:53 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 139053
IP address blocks: 103.138.250.0/24 maxlen: 24
103.138.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3397 (0xd45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDD82/serialNumber=1F8FA0ABFA8D7F7F7E7EA00D56EA01C70932E607
Validity
Not Before: Jul 31 18:35:53 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c7ff09-fad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:33:bf:ee:fd:2c:f5:eb:e6:a8:7e:5f:c0:93:
52:18:8d:18:9e:1d:47:44:25:cb:28:4c:15:4d:e6:
1b:ce:9f:5c:9d:c4:f5:fb:fe:6a:15:b2:6d:a6:7d:
14:7b:5c:5d:8a:96:6e:14:50:0f:17:e8:24:70:2f:
70:53:61:63:48:9c:9e:38:03:01:06:1d:69:2d:f9:
58:b3:b0:aa:cd:9c:f6:16:91:43:38:a7:a8:1f:e3:
64:a6:25:75:37:9e:2e:5b:02:17:92:d0:a2:d6:2e:
ed:64:81:f7:b2:8f:56:11:51:f0:fc:60:a0:da:e2:
76:48:94:d5:0b:5e:a0:2d:d6:12:1a:88:83:97:74:
35:ab:25:90:a3:e9:16:0e:bc:59:06:03:e9:06:7b:
57:fe:02:2f:b8:0e:b2:7d:5b:6a:11:03:89:ed:45:
15:0d:5a:0e:c4:71:67:e0:0d:b6:dd:30:67:eb:8e:
85:0c:d4:23:6a:8a:58:4d:c8:37:32:32:c5:15:f1:
0e:4c:1b:f2:2a:19:56:75:2a:53:90:2e:84:5c:5a:
c7:fb:f1:02:8f:ae:87:5c:93:11:88:a3:d3:ce:4f:
9c:ee:23:5d:95:ee:25:26:6f:22:f6:1a:1c:73:3b:
62:ea:a9:54:33:6d:e5:10:ea:f3:eb:7a:0c:66:a5:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:96:59:8B:F6:31:D0:19:49:50:83:EB:E8:3D:29:1F:90:03:8C:39
X509v3 Authority Key Identifier:
keyid:1F:8F:A0:AB:FA:8D:7F:7F:7E:7E:A0:0D:56:EA:01:C7:09:32:E6:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/H4-gq_qNf39-fqANVuoBxwky5gc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H4-gq_qNf39-fqANVuoBxwky5gc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/CFAB082E61F311EDB7B99C70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.250.0/23
Signature Algorithm: sha256WithRSAEncryption
47:db:61:2a:6c:91:2c:5c:00:8d:6d:93:4c:fb:77:61:10:a7:
da:c1:96:e9:c5:56:0d:bc:4c:f0:4c:f3:66:3e:b2:66:51:29:
d7:2d:ad:9f:39:3e:86:24:1d:c0:0e:ca:2e:42:a6:2e:e5:a6:
8c:aa:12:b7:cc:00:16:5f:2a:9d:a3:a7:3d:5b:6f:02:4e:5b:
b9:5c:8d:e2:75:90:0e:ad:7f:e6:0f:79:7e:94:29:a3:84:b1:
6c:cc:0c:e4:b6:d8:50:46:b1:40:25:05:b1:09:ca:50:bb:fd:
5b:d0:e2:8e:0d:4f:90:ee:ed:c0:8e:5b:df:60:4b:08:5e:16:
ea:31:92:70:28:c2:28:8d:08:7b:cf:f1:81:f8:85:81:b6:8c:
b3:4c:a0:7f:d5:74:1e:03:cc:ee:9a:28:f6:e9:ee:9c:73:ba:
34:45:29:b1:92:a7:c2:b5:f6:73:3e:46:5e:51:78:b8:61:de:
27:e1:90:6d:66:2a:30:4b:2e:0b:77:10:1d:d4:bb:c3:46:c3:
ad:d9:15:59:e0:e9:55:4c:3e:f5:76:4b:59:1e:84:5f:c9:9a:
bb:d3:2d:85:ac:de:0a:7a:09:3e:4c:bb:39:e2:ce:6f:ec:75:
f5:25:4a:72:60:8e:6d:ca:48:6b:a7:e5:d2:70:5f:41:49:d2:
ba:24:16:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkREODIxMTAvBgNVBAUTKDFGOEZBMEFCRkE4RDdGN0Y3RTdFQTAwRDU2RUEwMUM3
MDkzMkU2MDcwHhcNMjMwNzMxMTgzNTUzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM3ZmYwOS1mYWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszO/7v0s9evmqH5fwJNSGI0Ynh1HRCXLKEwVTeYbzp9cncT1+/5qFbJtpn0U
e1xdipZuFFAPF+gkcC9wU2FjSJyeOAMBBh1pLflYs7CqzZz2FpFDOKeoH+NkpiV1
N54uWwIXktCi1i7tZIH3so9WEVHw/GCg2uJ2SJTVC16gLdYSGoiDl3Q1qyWQo+kW
DrxZBgPpBntX/gIvuA6yfVtqEQOJ7UUVDVoOxHFn4A223TBn646FDNQjaopYTcg3
MjLFFfEOTBvyKhlWdSpTkC6EXFrH+/ECj66HXJMRiKPTzk+c7iNdle4lJm8i9hoc
czti6qlUM23lEOrz63oMZqVZzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF6WWYv2
MdAZSVCD6+g9KR+QA4w5MB8GA1UdIwQYMBaAFB+PoKv6jX9/fn6gDVbqAccJMuYH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREQ4Mi8xOTdGOUQ5Mjkx
RTIxMUU5OTc2ODg5MEVDNEY5QUUwMi9INC1ncV9xTmYzOS1mcUFOVnVvQnh3a3k1
Z2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g0LWdxX3FOZjM5LWZxQU5WdW9CeHdreTVnYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkREODIvMTk3RjlEOTI5MUUyMTFFOTk3Njg4OTBFQzRGOUFFMDIvQ0ZBQjA4MkU2
MUYzMTFFREI3Qjk5QzcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnivowDQYJKoZIhvcNAQELBQADggEBAEfbYSpskSxcAI1t
k0z7d2EQp9rBlunFVg28TPBM82Y+smZRKdctrZ85PoYkHcAOyi5Cpi7lpoyqErfM
ABZfKp2jpz1bbwJOW7lcjeJ1kA6tf+YPeX6UKaOEsWzMDOS22FBGsUAlBbEJylC7
/VvQ4o4NT5Du7cCOW99gSwheFuoxknAowiiNCHvP8YH4hYG2jLNMoH/VdB4DzO6a
KPbp7pxzujRFKbGSp8K19nM+Rl5ReLhh3ifhkG1mKjBLLgt3EB3Uu8NGw63ZFVng
6VVMPvV2S1kehF/JmrvTLYWs3gp6CT5Muznizm/sdfUlSnJgjm3KSGun5dJwX0FJ
0rokFnc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org