Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8E96C6AE199D11EEA0AE3622C4F9AE02.roa
File: 8E96C6AE199D11EEA0AE3622C4F9AE02.roa (raw, json)
Hash identifier: IVRdMB48TZsvOCNIM6Jz85lsKIhWpLFfL7ft7jfhhbk=
Subject key identifier: DE:31:44:30:6E:05:D2:DB:F2:4C:A3:64:D9:28:D1:BA:4F:EB:1D:9F
Certificate issuer: /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial: 034A
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8E96C6AE199D11EEA0AE3622C4F9AE02.roa
Signing time: Mon 03 Jul 2023 12:31:39 +0000
ROA not before: Mon 03 Jul 2023 12:31:39 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 211256
IP address blocks: 103.120.129.0/24 maxlen: 24
103.134.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 842 (0x34a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Validity
Not Before: Jul 3 12:31:39 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64a2bfab-665b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:e0:d8:1f:bf:6b:f3:ba:71:ef:f1:54:62:
91:d0:71:f4:b1:2e:ec:c1:51:16:89:86:3b:d5:24:
d2:82:d8:d2:7c:d1:85:de:8a:73:28:10:06:07:15:
48:35:55:09:10:c4:be:4a:fa:ac:fa:fa:7c:f9:8c:
58:93:ae:b3:cc:26:31:b1:2b:c1:ff:b8:0c:d0:3f:
bb:a0:14:8d:ac:60:6a:e1:54:b2:d8:5b:17:22:37:
60:6b:8a:bf:75:86:10:10:03:e6:80:21:ac:2c:b6:
08:94:d3:7d:20:52:3e:14:d4:3c:a3:38:31:c7:ce:
3d:53:da:f6:69:91:08:79:31:c6:02:37:c0:c1:df:
a7:c3:ec:e2:75:36:16:fa:a1:d8:b8:d8:03:03:15:
52:90:e6:4c:60:41:b3:c4:e0:cc:71:ad:3f:88:f7:
5f:79:04:d2:23:9e:6c:3d:f6:ff:8e:95:fa:53:23:
79:1d:a9:9c:07:4c:81:7d:8c:76:6a:7e:e6:bd:cb:
f6:b1:00:5c:3d:0f:1f:43:5b:c6:2e:42:39:3e:21:
b8:23:65:9d:cd:c9:16:93:72:8f:dd:0b:f9:da:f1:
7b:a4:76:01:49:e5:92:0d:05:93:fb:5b:9f:5d:d2:
2f:d0:24:01:f4:ab:87:4f:01:7c:cc:9e:96:dc:a7:
53:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:31:44:30:6E:05:D2:DB:F2:4C:A3:64:D9:28:D1:BA:4F:EB:1D:9F
X509v3 Authority Key Identifier:
keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/8E96C6AE199D11EEA0AE3622C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.129.0/24
103.134.75.0/24
Signature Algorithm: sha256WithRSAEncryption
40:57:91:f9:c3:ea:9d:36:e5:ce:4e:c6:d9:f5:60:ab:16:71:
4d:47:d8:3d:b6:16:d8:10:fd:c2:02:b5:e1:14:83:94:1a:b3:
14:8d:cd:16:f5:ed:68:9a:d5:5d:b4:7e:b9:25:f5:89:eb:8e:
db:ed:56:bc:3d:5d:de:02:40:48:8b:1f:86:1b:e3:ee:3c:43:
1a:16:70:4f:b6:bb:47:66:6d:e8:d8:34:ae:47:df:03:f7:32:
e1:f1:75:e5:26:dd:c3:c8:0e:e0:9e:6c:9b:8c:44:d9:8f:8f:
c5:3b:54:dd:fd:2f:83:18:5f:ba:0e:7d:70:55:2c:cd:e3:43:
51:49:82:8a:7e:59:78:cc:7d:ec:ea:ab:f6:16:9f:71:05:6f:
8a:ce:f9:0a:09:d9:49:85:27:d8:fe:0b:b8:ee:d5:a5:6c:b8:
13:12:8a:2c:9b:94:00:02:aa:36:48:14:48:3b:e1:4b:b4:30:
79:5c:8d:01:ee:1e:f7:e2:49:b4:05:7c:6f:b7:ae:b9:ee:d9:
b4:99:38:13:6b:94:08:67:38:02:20:f8:cb:f8:c6:2a:27:34:
8d:86:22:a5:39:ef:a2:24:83:14:f3:2a:12:92:2d:7d:14:ce:
d8:76:9d:6b:f5:f5:df:87:e3:b5:9b:45:59:20:6c:04:ab:6a:
57:b3:79:89
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDOUIxMTAvBgNVBAUTKDQ5NDIwMkIwMzFFOUY0Mjc2NDMxNTdBMDZFRkFBNEMw
NzBDN0YzRUQwHhcNMjMwNzAzMTIzMTM5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEyYmZhYi02NjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuqng2B+/a/O6ce/xVGKR0HH0sS7swVEWiYY71STSgtjSfNGF3opzKBAGBxVI
NVUJEMS+Svqs+vp8+YxYk66zzCYxsSvB/7gM0D+7oBSNrGBq4VSy2FsXIjdga4q/
dYYQEAPmgCGsLLYIlNN9IFI+FNQ8ozgxx849U9r2aZEIeTHGAjfAwd+nw+zidTYW
+qHYuNgDAxVSkOZMYEGzxODMca0/iPdfeQTSI55sPfb/jpX6UyN5HamcB0yBfYx2
an7mvcv2sQBcPQ8fQ1vGLkI5PiG4I2WdzckWk3KP3Qv52vF7pHYBSeWSDQWT+1uf
XdIv0CQB9KuHTwF8zJ6W3KdTxwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN4xRDBu
BdLb8kyjZNko0bpP6x2fMB8GA1UdIwQYMBaAFElCArAx6fQnZDFXoG76pMBwx/Pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM5Qi9BNDZFOTg5QTMy
MkIxMUVDOTdGOENGN0NDNEY5QUUwMi9TVUlDc0RIcDlDZGtNVmVnYnZxa3dIREg4
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDOUIvQTQ2RTk4OUEzMjJCMTFFQzk3RjhDRjdDQzRGOUFFMDIvOEU5NkM2QUUx
OTlEMTFFRUEwQUUzNjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABneIEDBABnhkswDQYJKoZIhvcNAQELBQADggEBAEBXkfnD
6p025c5Oxtn1YKsWcU1H2D22FtgQ/cICteEUg5QasxSNzRb17Wia1V20frkl9Ynr
jtvtVrw9Xd4CQEiLH4Yb4+48QxoWcE+2u0dmbejYNK5H3wP3MuHxdeUm3cPIDuCe
bJuMRNmPj8U7VN39L4MYX7oOfXBVLM3jQ1FJgop+WXjMfezqq/YWn3EFb4rO+QoJ
2UmFJ9j+C7ju1aVsuBMSiiyblAACqjZIFEg74Uu0MHlcjQHuHvfiSbQFfG+3rrnu
2bSZOBNrlAhnOAIg+Mv4xionNI2GIqU576IkgxTzKhKSLX0Uzth2nWv19d+H47Wb
RVkgbASralezeYk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org