Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
File: 8F6D440EC2BA11EB99E5E36FC4F9AE02.roa (raw, json)
Hash identifier: iZeY30o/ixXr76E1wXwkx7CYqdrdfxHLPOxUOg6/gb8=
Subject key identifier: F0:B2:DD:89:21:14:29:33:FC:76:20:0C:CA:5F:E4:7F:69:B6:28:AD
Certificate issuer: /CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Certificate serial: 08FA
Authority key identifier: A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
Signing time: Sat 30 Apr 2022 20:46:37 +0000
ROA not before: Sat 30 Apr 2022 20:46:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137554
IP address blocks: 103.137.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C3DC8/serialNumber=A6C9611130C5167455136E85ABF236AAAA937BAD
Validity
Not Before: Apr 30 20:46:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=626da02d-50cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:73:a9:c2:c4:f8:63:5b:21:6b:b1:99:fd:0d:
92:c5:52:0b:07:f8:ce:b7:ae:1c:53:5f:aa:8b:e4:
b6:d5:88:6b:96:9e:d2:3a:9b:e8:04:28:69:8f:a9:
ba:9e:b8:d5:39:87:1f:5d:40:d5:0b:ca:b2:7b:81:
7e:f5:89:4d:15:f0:c9:c1:d2:28:76:77:d4:04:66:
8c:36:08:ba:22:5c:e8:78:40:68:d8:e6:a8:15:b9:
76:39:78:f0:df:5a:03:9f:fd:25:57:0a:b0:fe:42:
a4:dc:20:15:93:14:87:c4:47:5e:32:d7:72:76:b9:
31:b7:aa:4c:3c:b7:d7:2f:5d:3d:57:c3:33:5e:db:
53:bb:d0:70:2d:26:d6:fb:e5:cf:04:43:db:b1:d4:
de:ad:a1:d2:e5:9e:23:7c:a9:25:43:9e:5c:ac:cc:
5b:ad:8b:71:4d:dd:f7:52:01:ea:ae:6c:9b:dd:d6:
1b:2a:32:c0:99:6b:08:1d:dd:1d:96:41:45:f5:27:
77:41:33:62:81:32:d3:4e:f9:9b:47:32:2c:db:c8:
98:84:a7:28:ac:e0:86:8f:18:fa:0f:75:b5:4b:ec:
51:a7:fc:eb:0e:14:7b:6a:e3:6c:92:51:92:56:71:
c0:4d:9f:f2:78:84:15:88:bd:99:6e:d7:f1:52:ba:
24:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B2:DD:89:21:14:29:33:FC:76:20:0C:CA:5F:E4:7F:69:B6:28:AD
X509v3 Authority Key Identifier:
keyid:A6:C9:61:11:30:C5:16:74:55:13:6E:85:AB:F2:36:AA:AA:93:7B:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/pslhETDFFnRVE26Fq_I2qqqTe60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pslhETDFFnRVE26Fq_I2qqqTe60.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3DC8/E5CAF93E11D811EAB7167C4FC4F9AE02/8F6D440EC2BA11EB99E5E36FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.66.0/24
Signature Algorithm: sha256WithRSAEncryption
47:92:b1:60:a9:66:53:a7:35:c2:ca:ab:ee:3c:11:32:77:28:
cb:3d:8e:96:74:5a:c9:55:95:8f:c6:eb:fe:15:8c:f1:75:53:
27:01:e1:33:45:8f:ae:e4:11:4f:c5:d7:5d:cc:24:86:4b:46:
a4:1d:1d:75:c5:39:3e:67:a6:cc:05:86:2f:f8:12:0a:62:5d:
f7:52:95:43:4e:b9:f5:4c:d6:6a:18:eb:d6:9c:97:cf:8a:75:
79:b8:f8:0f:6f:97:98:be:eb:59:db:c0:49:16:15:fd:2e:c8:
64:30:0b:21:5d:1f:6d:e6:64:6f:5a:6b:ae:e6:86:a0:f0:24:
b8:66:67:72:c6:50:2a:a4:2d:d0:9e:ba:ee:a8:6f:98:a9:a7:
a8:28:87:41:5c:88:df:0a:2e:54:2d:08:2f:79:89:eb:ae:af:
6d:80:d9:ad:e5:07:0a:a7:e7:f4:35:0d:1f:68:7e:64:59:fa:
6d:15:57:40:25:05:8d:8e:25:a7:62:6d:e6:9d:e5:b8:21:66:
e8:a1:81:c3:f4:2d:eb:da:97:c2:10:37:0c:a3:4f:d3:83:74:
d5:00:86:bf:57:de:4f:87:e5:52:0f:27:ce:c4:9d:50:09:74:
95:f0:db:96:65:23:97:67:08:09:c3:1d:73:bb:a0:52:09:08:
27:ed:1e:41
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzNEQzgxMTAvBgNVBAUTKEE2Qzk2MTExMzBDNTE2NzQ1NTEzNkU4NUFCRjIzNkFB
QUE5MzdCQUQwHhcNMjIwNDMwMjA0NjM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZkYTAyZC01MGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1nOpwsT4Y1sha7GZ/Q2SxVILB/jOt64cU1+qi+S21Yhrlp7SOpvoBChpj6m6
nrjVOYcfXUDVC8qye4F+9YlNFfDJwdIodnfUBGaMNgi6IlzoeEBo2OaoFbl2OXjw
31oDn/0lVwqw/kKk3CAVkxSHxEdeMtdydrkxt6pMPLfXL109V8MzXttTu9BwLSbW
++XPBEPbsdTeraHS5Z4jfKklQ55crMxbrYtxTd33UgHqrmyb3dYbKjLAmWsIHd0d
lkFF9Sd3QTNigTLTTvmbRzIs28iYhKcorOCGjxj6D3W1S+xRp/zrDhR7auNsklGS
VnHATZ/yeIQViL2ZbtfxUrok2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPCy3Ykh
FCkz/HYgDMpf5H9ptiitMB8GA1UdIwQYMBaAFKbJYREwxRZ0VRNuhavyNqqqk3ut
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0RDOC9FNUNBRjkzRTEx
RDgxMUVBQjcxNjdDNEZDNEY5QUUwMi9wc2xoRVRERkZuUlZFMjZGcV9JMnFxcVRl
NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BzbGhFVERGRm5SVkUyNkZxX0kycXFxVGU2MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzNEQzgvRTVDQUY5M0UxMUQ4MTFFQUI3MTY3QzRGQzRGOUFFMDIvOEY2RDQ0MEVD
MkJBMTFFQjk5RTVFMzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniUIwDQYJKoZIhvcNAQELBQADggEBAEeSsWCpZlOnNcLK
q+48ETJ3KMs9jpZ0WslVlY/G6/4VjPF1UycB4TNFj67kEU/F113MJIZLRqQdHXXF
OT5npswFhi/4EgpiXfdSlUNOufVM1moY69acl8+KdXm4+A9vl5i+61nbwEkWFf0u
yGQwCyFdH23mZG9aa67mhqDwJLhmZ3LGUCqkLdCeuu6ob5ipp6goh0FciN8KLlQt
CC95ieuur22A2a3lBwqn5/Q1DR9ofmRZ+m0VV0AlBY2OJadibead5bghZuihgcP0
Leval8IQNwyjT9ODdNUAhr9X3k+H5VIPJ87EnVAJdJXw25ZlI5dnCAnDHXO7oFIJ
CCftHkE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org