Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
File: 1304D03292FA11ED8A66E70CC4F9AE02.roa (raw, json)
Hash identifier: MblrtyDoff68SMnYqH7HgTj3ZTVbUQYfvuW2MIH8WC0=
Subject key identifier: 26:CF:1B:3E:11:2E:FF:89:88:6A:81:79:9B:72:01:C6:AD:99:B1:DC
Certificate issuer: /CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
Certificate serial: 02
Authority key identifier: EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
Signing time: Fri 13 Jan 2023 04:23:48 +0000
ROA not before: Fri 13 Jan 2023 04:23:48 +0000
ROA not after: Wed 01 Mar 2023 00:00:00 +0000
asID: 58701
IP address blocks: 103.20.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
Validity
Not Before: Jan 13 04:23:48 2023 GMT
Not After : Mar 1 00:00:00 2023 GMT
Subject: CN=63c0dcd4-3719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b7:a6:63:34:06:d6:9c:4c:09:b9:3f:f3:bb:
d5:97:2e:db:16:1d:37:25:d0:26:23:3a:de:32:6f:
25:d2:32:0c:74:c5:d0:5d:f4:f3:03:46:f8:0a:52:
43:27:82:26:5a:77:42:a0:10:7f:38:c9:8b:a7:f0:
8e:e5:58:4c:15:1f:68:cf:3a:72:a3:0f:ec:98:78:
78:81:d8:f8:e0:46:29:5e:d4:c1:f0:a5:dd:a5:b1:
f2:f5:bc:6c:f9:21:1c:5a:06:da:e0:63:1e:3f:2f:
35:92:73:f1:ff:0c:15:ca:24:a4:a8:c5:e7:02:b0:
5f:4f:ef:6e:81:16:82:2a:75:e2:bc:db:1b:66:1e:
87:32:48:f0:4f:f7:de:8e:cd:8b:db:be:65:cb:bd:
5e:6d:a8:c7:1b:70:c6:4a:f3:93:20:68:a9:09:64:
b0:9c:ad:24:7e:ab:07:b3:3f:0a:c9:62:dd:0f:df:
a9:8a:bc:c2:f2:67:d5:fe:68:3a:ae:5a:fe:50:4b:
6c:77:2c:6e:e2:01:92:9d:aa:04:21:23:41:0e:46:
b5:76:96:9b:cb:eb:78:f2:93:01:f3:da:e2:30:67:
ee:a7:0b:45:5d:ca:60:4b:25:19:c2:b1:c3:08:c6:
9d:d0:da:53:33:32:5b:51:5e:cb:41:f5:c2:72:16:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:CF:1B:3E:11:2E:FF:89:88:6A:81:79:9B:72:01:C6:AD:99:B1:DC
X509v3 Authority Key Identifier:
keyid:EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/7N0mV0PpIRvOCq3LsCLObzO-CwY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/1304D03292FA11ED8A66E70CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.89.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:07:b8:b6:56:f8:de:a6:c4:33:d4:e5:25:84:0d:7f:a9:09:
86:b9:5e:fc:6f:06:82:68:3c:0f:2f:4d:3c:12:67:6a:44:1e:
39:5c:c0:82:58:26:6a:d4:1e:4f:a9:fa:45:7e:ec:30:97:58:
b7:30:1f:52:b4:3d:31:83:38:1e:d2:a7:31:c0:25:81:f8:49:
e9:13:5e:6e:93:4c:69:f9:8b:f6:aa:8d:ab:bb:93:ca:f0:a6:
e2:af:29:19:ea:bd:cc:27:d0:34:58:c3:b9:45:b7:8f:6a:ba:
ad:64:ca:91:c5:4c:58:6f:19:a5:d2:c1:d9:d4:a9:12:09:9a:
86:e5:a7:0a:42:f4:4e:b0:fb:2e:1c:d5:0b:c7:32:ab:a4:61:
97:ab:f6:a7:92:3a:40:77:7e:55:e5:8e:e0:d2:0a:ae:fe:a6:
9d:90:24:78:00:10:87:ba:2f:a2:c8:38:75:a7:3c:2f:00:4e:
54:12:bf:ab:35:9e:5c:b3:ce:ad:af:72:92:eb:65:63:89:ee:
49:92:12:13:a4:df:c0:63:a1:ed:f5:c9:29:42:5c:a2:2f:6e:
6b:94:7c:b2:9f:17:84:c1:4f:ba:1e:75:41:94:6d:17:67:66:
12:15:dc:a1:06:97:0c:19:14:d5:4c:de:13:34:3d:ed:3f:7d:
4b:42:58:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTcxMDExMC8GA1UEBRMoRUNERDI2NTc0M0U5MjExQkNFMEFBRENCQjAyMkNFNkYz
M0JFMEIwNjAeFw0yMzAxMTMwNDIzNDhaFw0yMzAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzBkY2Q0LTM3MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8t6ZjNAbWnEwJuT/zu9WXLtsWHTcl0CYjOt4ybyXSMgx0xdBd9PMDRvgKUkMn
giZad0KgEH84yYun8I7lWEwVH2jPOnKjD+yYeHiB2PjgRile1MHwpd2lsfL1vGz5
IRxaBtrgYx4/LzWSc/H/DBXKJKSoxecCsF9P726BFoIqdeK82xtmHocySPBP996O
zYvbvmXLvV5tqMcbcMZK85MgaKkJZLCcrSR+qwezPwrJYt0P36mKvMLyZ9X+aDqu
Wv5QS2x3LG7iAZKdqgQhI0EORrV2lpvL63jykwHz2uIwZ+6nC0VdymBLJRnCscMI
xp3Q2lMzMltRXstB9cJyFiKJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJs8bPhEu
/4mIaoF5m3IBxq2ZsdwwHwYDVR0jBBgwFoAU7N0mV0PpIRvOCq3LsCLObzO+CwYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNzEwLzE4MjI5QTg2ODI2
QjExRUNBMTFCQTUyQkM0RjlBRTAyLzdOMG1WMFBwSVJ2T0NxM0xzQ0xPYnpPLUN3
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN04wbVYwUHBJUnZPQ3EzTHNDTE9iek8tQ3dZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTcxMC8xODIyOUE4NjgyNkIxMUVDQTExQkE1MkJDNEY5QUUwMi8xMzA0RDAzMjky
RkExMUVEOEE2NkU3MENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcUWTANBgkqhkiG9w0BAQsFAAOCAQEALAe4tlb43qbEM9Tl
JYQNf6kJhrle/G8Ggmg8Dy9NPBJnakQeOVzAglgmatQeT6n6RX7sMJdYtzAfUrQ9
MYM4HtKnMcAlgfhJ6RNebpNMafmL9qqNq7uTyvCm4q8pGeq9zCfQNFjDuUW3j2q6
rWTKkcVMWG8ZpdLB2dSpEgmahuWnCkL0TrD7LhzVC8cyq6Rhl6v2p5I6QHd+VeWO
4NIKrv6mnZAkeAAQh7ovosg4dac8LwBOVBK/qzWeXLPOra9ykutlY4nuSZISE6Tf
wGOh7fXJKUJcoi9ua5R8sp8XhMFPuh51QZRtF2dmEhXcoQaXDBkU1UzeEzQ97T99
S0JYZg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-ams.rpki-client.org