Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8E1834C4C2BA11EB99E5E36FC4F9AE02.roa
File: 8E1834C4C2BA11EB99E5E36FC4F9AE02.roa (raw, json)
Hash identifier: y0Ib0D6wh1esswri3yr9WyT0mQCY/IUk7yF22Cslt2Y=
Subject key identifier: A3:BC:D3:97:C1:5E:90:C0:43:4A:3E:66:2D:91:CC:AC:1A:69:A0:F8
Certificate issuer: /CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Certificate serial: 0A7E
Authority key identifier: A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8E1834C4C2BA11EB99E5E36FC4F9AE02.roa
Signing time: Wed 01 Mar 2023 13:28:37 +0000
ROA not before: Wed 01 Mar 2023 13:28:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136141
IP address blocks: 103.137.66.0/24 maxlen: 24
103.137.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2686 (0xa7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Validity
Not Before: Mar 1 13:28:37 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ff5305-e039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:53:0d:c1:9e:8c:3b:1f:52:ad:3a:3a:c0:
cc:27:9c:b4:52:96:1b:a0:81:31:d7:ac:a6:0b:d0:
f7:7b:c4:94:42:5d:df:ae:81:d5:77:ba:e2:15:5e:
bd:05:95:1c:a0:62:e0:a1:32:34:55:80:6c:98:0d:
62:0b:c8:33:aa:bf:e6:fe:a4:23:83:95:8d:03:a0:
70:44:50:6f:6d:df:88:29:4d:32:6c:9a:9f:ba:14:
f3:62:1b:e5:77:27:7a:64:f0:2a:75:83:25:43:b4:
d4:ec:e4:f8:0f:ea:0d:d0:f0:64:bd:fc:9f:2b:78:
4a:c0:df:68:b2:4a:c3:a2:a0:f4:35:55:28:33:6a:
88:45:9c:4d:cb:9d:4a:d9:94:4e:78:83:06:ab:08:
88:88:52:cd:19:bd:c2:17:a3:99:d2:26:17:1e:ee:
c8:f8:bf:96:44:c2:6f:17:e4:4e:52:1c:90:0b:ba:
99:af:85:5f:b7:2e:d9:14:b0:42:66:11:70:29:6d:
02:1f:67:78:44:0e:c0:4b:18:16:c9:d2:a1:75:6c:
a9:24:9b:e2:d1:ab:4c:a4:8e:fe:fd:48:52:17:f3:
d7:d0:c0:93:5f:f0:e8:11:f1:15:33:5b:82:42:01:
b4:c3:b8:ed:0e:47:a6:0f:91:76:3a:66:3c:66:a1:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BC:D3:97:C1:5E:90:C0:43:4A:3E:66:2D:91:CC:AC:1A:69:A0:F8
X509v3 Authority Key Identifier:
keyid:A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/pslhETDFFnRVE26Fq_I2qqqTe60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8E1834C4C2BA11EB99E5E36FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.66.0/23
Signature Algorithm: sha256WithRSAEncryption
81:bb:62:32:6d:00:ab:64:39:43:65:e3:11:a2:e5:da:f4:0a:
bd:58:79:b5:50:9b:90:5f:d0:e4:93:e6:8b:68:93:52:4e:22:
62:ba:c0:28:3e:65:67:dd:37:b7:b7:87:71:93:c7:c4:22:a6:
6b:66:ee:3f:2c:93:16:b9:fc:e6:41:ee:b3:f0:78:f4:d1:ec:
e2:66:2b:1d:29:62:2c:a9:a0:e6:fe:e1:89:e6:4a:d5:39:16:
59:b5:93:3c:e9:1d:f4:0f:95:6b:50:1e:3f:0b:50:91:a2:66:
84:f2:bf:7b:d8:d6:ff:33:8a:86:59:10:75:c3:e7:02:e9:96:
46:81:fc:91:2e:4f:41:0c:41:07:9d:04:ea:55:2b:28:25:e8:
f9:cc:3d:cf:0c:c6:c2:1a:60:7f:16:c5:93:d4:57:e4:55:9b:
7e:f0:fd:63:78:ae:ac:4a:a0:a2:90:76:91:ee:4d:2e:c8:8c:
cc:74:4f:12:8c:b7:df:db:ab:88:ca:f1:76:1b:80:84:52:33:
4c:de:60:54:22:ea:b0:50:a2:68:99:65:9f:fc:0e:7b:7e:07:
80:e9:cf:9d:32:e1:48:2f:21:ce:b4:1b:55:a1:04:83:4d:30:
d9:c4:17:a1:d5:5d:01:c4:99:0b:94:80:9e:5d:50:1b:79:3b:
33:41:f7:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNEQzgxMTAvBgNVBAUTKEE2Qzk2MTExMzBDNTE2NzQ1NTEzNkU4NUFCRjIzNkFB
QUE5MzdCQUQwHhcNMjMwMzAxMTMyODM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZmNTMwNS1lMDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvqZTDcGejDsfUq06OsDMJ5y0UpYboIEx16ymC9D3e8SUQl3froHVd7riFV69
BZUcoGLgoTI0VYBsmA1iC8gzqr/m/qQjg5WNA6BwRFBvbd+IKU0ybJqfuhTzYhvl
dyd6ZPAqdYMlQ7TU7OT4D+oN0PBkvfyfK3hKwN9oskrDoqD0NVUoM2qIRZxNy51K
2ZROeIMGqwiIiFLNGb3CF6OZ0iYXHu7I+L+WRMJvF+ROUhyQC7qZr4Vfty7ZFLBC
ZhFwKW0CH2d4RA7ASxgWydKhdWypJJvi0atMpI7+/UhSF/PX0MCTX/DoEfEVM1uC
QgG0w7jtDkemD5F2OmY8ZqH+MwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKO805fB
XpDAQ0o+Zi2RzKwaaaD4MB8GA1UdIwQYMBaAFKbJYREwxRZ0VRNuhavyNqqqk3ut
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0RDOC9FNUNBRjkzRTEx
RDgxMUVBQjcxNjdDNEZDNEY5QUUwMi9wc2xoRVRERkZuUlZFMjZGcV9JMnFxcVRl
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BzbGhFVERGRm5SVkUyNkZxX0kycXFxVGU2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNEQzgvRTVDQUY5M0UxMUQ4MTFFQUI3MTY3QzRGQzRGOUFFMDIvOEUxODM0QzRD
MkJBMTFFQjk5RTVFMzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniUIwDQYJKoZIhvcNAQELBQADggEBAIG7YjJtAKtkOUNl
4xGi5dr0Cr1YebVQm5Bf0OST5otok1JOImK6wCg+ZWfdN7e3h3GTx8Qipmtm7j8s
kxa5/OZB7rPwePTR7OJmKx0pYiypoOb+4YnmStU5Flm1kzzpHfQPlWtQHj8LUJGi
ZoTyv3vY1v8zioZZEHXD5wLplkaB/JEuT0EMQQedBOpVKygl6PnMPc8MxsIaYH8W
xZPUV+RVm37w/WN4rqxKoKKQdpHuTS7IjMx0TxKMt9/bq4jK8XYbgIRSM0zeYFQi
6rBQomiZZZ/8Dnt+B4Dpz50y4UgvIc60G1WhBINNMNnEF6HVXQHEmQuUgJ5dUBt5
OzNB9/Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-ams.rpki-client.org