Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/8FBD838CA1E911EDAD7CE929C4F9AE02.roa
File: 8FBD838CA1E911EDAD7CE929C4F9AE02.roa (raw, json)
Hash identifier: 3mBetG4H/K5tyXsw/8ITuyqfXivfoWtaqni39kIEQV4=
Subject key identifier: CA:67:78:06:E1:85:7C:3A:E1:65:7B:6C:6B:0B:55:1E:0B:C4:D8:FE
Certificate issuer: /CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
Certificate serial: 16
Authority key identifier: EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/8FBD838CA1E911EDAD7CE929C4F9AE02.roa
Signing time: Fri 03 Feb 2023 04:53:42 +0000
ROA not before: Fri 03 Feb 2023 04:53:42 +0000
ROA not after: Thu 01 Jun 2023 00:00:00 +0000
asID: 58701
IP address blocks: 103.20.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1710/serialNumber=ECDD265743E9211BCE0AADCBB022CE6F33BE0B06
Validity
Not Before: Feb 3 04:53:42 2023 GMT
Not After : Jun 1 00:00:00 2023 GMT
Subject: CN=63dc9356-85e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:0e:81:1b:8a:ec:5e:16:07:e5:95:ff:df:
1d:3d:c9:65:02:2c:8f:f1:4d:65:80:91:8c:6d:9d:
5c:8c:5f:b9:d1:22:a1:29:32:15:ae:86:f8:5f:17:
ac:c7:8b:14:90:60:74:0d:8c:ed:72:af:24:56:50:
0d:18:0f:77:77:8f:da:ce:61:06:41:19:59:45:41:
1a:ba:f5:a6:f9:bf:3a:ec:a2:15:4f:35:ee:e0:26:
d4:42:4e:ed:45:db:bd:ad:08:88:11:ec:17:96:36:
ee:4b:16:6a:ab:cf:b9:ee:95:b5:cd:95:92:a4:8c:
9d:ed:3c:45:a5:d0:2a:84:ab:7b:64:36:3c:21:a9:
51:f4:56:23:82:1b:86:2c:70:67:41:7f:91:52:51:
25:37:09:01:de:f5:bf:fd:08:db:a6:07:84:49:94:
a4:90:11:55:c0:8a:b4:da:64:3f:13:23:5f:6b:c8:
19:5d:24:cb:8e:de:38:7c:2b:c6:b3:bf:49:0e:db:
cc:12:dd:36:45:1f:7f:f1:60:aa:92:bf:83:6d:de:
22:5b:ff:b0:d4:bd:64:fa:ce:56:fc:6c:79:14:2c:
c4:26:f6:da:2e:0a:20:a8:76:ba:42:62:4a:55:2a:
61:18:62:b8:2f:d8:0c:4c:e1:ef:f4:f0:90:68:f1:
bb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:67:78:06:E1:85:7C:3A:E1:65:7B:6C:6B:0B:55:1E:0B:C4:D8:FE
X509v3 Authority Key Identifier:
keyid:EC:DD:26:57:43:E9:21:1B:CE:0A:AD:CB:B0:22:CE:6F:33:BE:0B:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/7N0mV0PpIRvOCq3LsCLObzO-CwY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7N0mV0PpIRvOCq3LsCLObzO-CwY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/8FBD838CA1E911EDAD7CE929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.89.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:f9:55:ea:05:dc:a2:c9:2b:43:74:c0:dd:8d:90:01:69:92:
1b:d2:6a:84:8c:06:23:ab:b6:7a:21:a4:77:83:a2:cf:a0:ed:
b4:5a:4b:a0:b1:3f:c8:cd:01:c6:5e:f2:0d:dc:4d:06:0e:e6:
90:1c:d8:17:aa:a6:84:42:27:c9:87:37:c5:82:a1:f8:23:a9:
26:9f:a9:2a:1e:7a:37:ae:11:4a:0e:a4:ae:35:ec:94:90:7f:
77:3d:a5:b7:76:02:64:e3:f6:2a:3b:36:3e:14:77:5b:6d:fd:
4e:8e:cd:a4:b4:a2:25:d9:fc:38:68:a2:59:ee:b4:6c:e0:49:
fd:a8:05:47:41:80:be:ad:20:80:f3:d1:e3:5e:ca:ba:31:cf:
23:10:e4:ce:dd:6e:fd:b1:fd:e6:a3:d0:11:50:f7:35:01:8c:
5a:c1:17:dd:15:29:5b:90:f9:3d:cb:ea:b1:9f:b0:99:3d:15:
f6:7d:c6:e5:3d:78:8f:51:69:d6:14:66:63:42:a0:23:c1:a8:
31:13:48:f2:fe:e8:35:36:a7:87:41:44:b0:9c:25:59:9d:e8:
9f:8a:bf:11:7f:f4:e6:4d:de:dd:81:ef:90:50:e8:e7:96:33:
ec:5b:cf:15:3f:e5:34:c2:63:ad:a2:f8:20:df:59:9e:8a:57:
64:ce:e8:81
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MTcxMDExMC8GA1UEBRMoRUNERDI2NTc0M0U5MjExQkNFMEFBRENCQjAyMkNFNkYz
M0JFMEIwNjAeFw0yMzAyMDMwNDUzNDJaFw0yMzA2MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGM5MzU2LTg1ZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8vQ6BG4rsXhYH5ZX/3x09yWUCLI/xTWWAkYxtnVyMX7nRIqEpMhWuhvhfF6zH
ixSQYHQNjO1yryRWUA0YD3d3j9rOYQZBGVlFQRq69ab5vzrsohVPNe7gJtRCTu1F
272tCIgR7BeWNu5LFmqrz7nulbXNlZKkjJ3tPEWl0CqEq3tkNjwhqVH0ViOCG4Ys
cGdBf5FSUSU3CQHe9b/9CNumB4RJlKSQEVXAirTaZD8TI19ryBldJMuO3jh8K8az
v0kO28wS3TZFH3/xYKqSv4Nt3iJb/7DUvWT6zlb8bHkULMQm9touCiCodrpCYkpV
KmEYYrgv2AxM4e/08JBo8burAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUymd4BuGF
fDrhZXtsawtVHgvE2P4wHwYDVR0jBBgwFoAU7N0mV0PpIRvOCq3LsCLObzO+CwYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNzEwLzE4MjI5QTg2ODI2
QjExRUNBMTFCQTUyQkM0RjlBRTAyLzdOMG1WMFBwSVJ2T0NxM0xzQ0xPYnpPLUN3
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN04wbVYwUHBJUnZPQ3EzTHNDTE9iek8tQ3dZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MTcxMC8xODIyOUE4NjgyNkIxMUVDQTExQkE1MkJDNEY5QUUwMi84RkJEODM4Q0Ex
RTkxMUVEQUQ3Q0U5MjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcUWTANBgkqhkiG9w0BAQsFAAOCAQEAqflV6gXcoskrQ3TA
3Y2QAWmSG9JqhIwGI6u2eiGkd4Oiz6DttFpLoLE/yM0Bxl7yDdxNBg7mkBzYF6qm
hEInyYc3xYKh+COpJp+pKh56N64RSg6krjXslJB/dz2lt3YCZOP2Kjs2PhR3W239
To7NpLSiJdn8OGiiWe60bOBJ/agFR0GAvq0ggPPR417KujHPIxDkzt1u/bH95qPQ
EVD3NQGMWsEX3RUpW5D5PcvqsZ+wmT0V9n3G5T14j1Fp1hRmY0KgI8GoMRNI8v7o
NTanh0FEsJwlWZ3on4q/EX/05k3e3YHvkFDo55Yz7FvPFT/lNMJjraL4IN9ZnopX
ZM7ogQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org