Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4CDC7E0209DA11EEBA18A082C4F9AE02.roa
File: 4CDC7E0209DA11EEBA18A082C4F9AE02.roa (raw, json)
Hash identifier: EpZA8TGg4+6C8NJf76BchrXUNo4+WrhzfDbklFwJmDs=
Subject key identifier: 07:E7:BC:B2:8F:79:36:F2:8C:D3:8F:21:88:60:2E:7F:34:9F:EA:1A
Certificate issuer: /CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Certificate serial: 023A
Authority key identifier: 70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4CDC7E0209DA11EEBA18A082C4F9AE02.roa
Signing time: Tue 13 Jun 2023 11:06:09 +0000
ROA not before: Tue 13 Jun 2023 11:06:09 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 59371
IP address blocks: 103.84.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 570 (0x23a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Validity
Not Before: Jun 13 11:06:09 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64884da1-fd4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:76:e4:de:b1:ed:71:37:3e:1c:6a:b4:bc:8d:
14:fc:68:d0:65:1a:16:c8:e0:fe:53:97:f9:1f:d9:
9b:6d:5b:9b:e0:24:5e:61:59:a7:1e:d2:89:b2:12:
6e:bf:ac:23:f2:72:a4:7a:cd:76:20:22:fe:cc:c4:
67:46:1d:7e:59:6f:9d:7e:79:0e:74:fd:c3:c5:87:
3a:c4:fe:83:a2:18:2d:a1:68:e3:ce:19:93:35:b3:
f2:8a:37:8b:8c:9c:31:36:1a:34:b6:1e:d7:4b:e9:
b7:80:bd:9c:d3:8d:16:33:8f:10:60:ca:c4:15:da:
71:a9:61:d3:c4:8a:2b:b3:a0:b8:27:1e:28:83:a9:
8b:d8:10:9f:e1:eb:60:78:04:17:ec:c2:6a:50:f6:
87:d9:ad:9a:14:53:73:01:19:e9:44:7d:62:bb:f5:
32:b9:68:48:8c:e0:f6:8e:b7:bf:19:26:8c:8d:31:
d0:52:b8:43:d7:05:f6:c9:72:b5:78:ec:ef:ca:60:
91:3f:ef:f5:a8:fc:eb:cc:90:5f:10:fd:40:86:b6:
97:09:3c:8f:9c:68:cf:33:e5:68:15:8a:17:ce:96:
63:59:2d:d4:9f:f1:76:f7:a9:bd:99:75:43:cd:ac:
3b:9e:fe:b1:96:2c:f3:0c:32:a3:73:da:12:65:32:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E7:BC:B2:8F:79:36:F2:8C:D3:8F:21:88:60:2E:7F:34:9F:EA:1A
X509v3 Authority Key Identifier:
keyid:70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/cB88FPCtfu9l000APNwZJGSM3jc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4CDC7E0209DA11EEBA18A082C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.44.0/22
Signature Algorithm: sha256WithRSAEncryption
54:69:e0:8f:a2:05:f7:f3:37:7d:f3:b3:93:c3:f6:ad:a8:42:
50:63:92:26:42:57:bf:e7:d3:6d:2a:f4:33:0d:dc:fe:5a:6d:
73:71:51:d5:7e:64:4e:54:79:05:f3:99:b6:4e:7a:80:32:92:
6f:ee:4f:0d:9a:58:5d:9b:9e:e1:52:6c:43:68:92:cb:96:8d:
ef:15:57:f9:5f:1c:b9:3d:0b:f6:08:cf:60:2b:ff:4e:03:92:
d7:b5:84:4b:a4:90:3a:37:ad:74:09:78:cd:af:e1:04:62:d1:
12:25:90:1f:03:19:41:88:89:af:71:dd:02:18:75:35:19:b7:
ff:c0:71:76:57:8d:68:10:71:68:c8:74:08:e4:a6:c6:9e:51:
ae:41:13:9b:3c:b5:05:50:d1:d2:53:0d:38:c3:fd:1d:00:2e:
29:74:cf:f3:99:40:66:9a:75:97:d3:8e:e7:75:ac:65:7a:a8:
80:94:d8:8f:bb:48:7f:14:f3:69:dd:ce:4a:ac:a6:9f:4e:32:
d6:11:ed:90:c6:ca:84:28:cc:a1:1a:40:aa:7e:87:d0:37:8a:
7a:74:06:d7:89:94:c7:91:d2:ec:9e:c7:c9:ea:f7:0b:38:12:
78:22:14:41:62:09:d7:47:3f:80:fc:86:b4:87:4e:01:57:9e:
65:6d:fc:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzYzQTYxMTAvBgNVBAUTKDcwMUYzQzE0RjBBRDdFRUY2NUQzNEQwMDNDREMxOTI0
NjQ4Q0RFMzcwHhcNMjMwNjEzMTEwNjA5WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg4NGRhMS1mZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxnbk3rHtcTc+HGq0vI0U/GjQZRoWyOD+U5f5H9mbbVub4CReYVmnHtKJshJu
v6wj8nKkes12ICL+zMRnRh1+WW+dfnkOdP3DxYc6xP6DohgtoWjjzhmTNbPyijeL
jJwxNho0th7XS+m3gL2c040WM48QYMrEFdpxqWHTxIors6C4Jx4og6mL2BCf4etg
eAQX7MJqUPaH2a2aFFNzARnpRH1iu/UyuWhIjOD2jre/GSaMjTHQUrhD1wX2yXK1
eOzvymCRP+/1qPzrzJBfEP1AhraXCTyPnGjPM+VoFYoXzpZjWS3Un/F296m9mXVD
zaw7nv6xlizzDDKjc9oSZTKzIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAfnvLKP
eTbyjNOPIYhgLn80n+oaMB8GA1UdIwQYMBaAFHAfPBTwrX7vZdNNADzcGSRkjN43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjNBNi8wRDM5QzRFNDlB
OUIxMUVDODJDNzBCMjBDNEY5QUUwMi9jQjg4RlBDdGZ1OWwwMDBBUE53WkpHU00z
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NCODhGUEN0ZnU5bDAwMEFQTndaSkdTTTNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzYzQTYvMEQzOUM0RTQ5QTlCMTFFQzgyQzcwQjIwQzRGOUFFMDIvNENEQzdFMDIw
OURBMTFFRUJBMThBMDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnVCwwDQYJKoZIhvcNAQELBQADggEBAFRp4I+iBffzN33z
s5PD9q2oQlBjkiZCV7/n020q9DMN3P5abXNxUdV+ZE5UeQXzmbZOeoAykm/uTw2a
WF2bnuFSbENoksuWje8VV/lfHLk9C/YIz2Ar/04Dkte1hEukkDo3rXQJeM2v4QRi
0RIlkB8DGUGIia9x3QIYdTUZt//AcXZXjWgQcWjIdAjkpsaeUa5BE5s8tQVQ0dJT
DTjD/R0ALil0z/OZQGaadZfTjud1rGV6qICU2I+7SH8U82ndzkqspp9OMtYR7ZDG
yoQozKEaQKp+h9A3inp0BteJlMeR0uyex8nq9ws4EngiFEFiCddHP4D8hrSHTgFX
nmVt/Kc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org