Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4D77E11C09DA11EEBA18A082C4F9AE02.roa
File: 4D77E11C09DA11EEBA18A082C4F9AE02.roa (raw, json)
Hash identifier: BMFcrD1lJGOUnUa5p7pf7kH0O2OpCbkrf7xsPiCyEso=
Subject key identifier: 04:49:5F:F2:A9:BB:30:8A:B7:BB:8B:85:E9:D2:B0:A6:4A:0D:5E:1A
Certificate issuer: /CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Certificate serial: 023B
Authority key identifier: 70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4D77E11C09DA11EEBA18A082C4F9AE02.roa
Signing time: Tue 13 Jun 2023 11:06:10 +0000
ROA not before: Tue 13 Jun 2023 11:06:10 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 60021
IP address blocks: 103.84.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 571 (0x23b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Validity
Not Before: Jun 13 11:06:10 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64884da2-d0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8d:cd:fe:a1:61:86:20:00:10:63:e6:33:b1:
c9:77:44:2f:1e:af:98:b9:67:3d:9d:b4:ff:45:1e:
36:77:58:04:fd:5b:43:d0:a3:01:28:44:79:31:fa:
73:c3:55:23:07:c0:66:88:bf:e5:fc:48:3a:43:9c:
08:92:31:56:e2:4c:08:1a:09:66:7d:d8:45:11:13:
d0:5c:5d:3b:02:5b:b5:c2:3d:31:c3:3a:ce:32:2e:
77:bc:23:89:26:c7:d4:b8:65:f8:16:63:7a:33:d8:
28:da:6a:df:8f:77:b7:6f:21:55:84:9e:53:bc:f7:
d7:57:8d:e9:6e:22:d0:e1:ee:8c:bb:40:ea:32:f6:
68:fe:99:50:23:6b:b9:c9:9c:0f:5b:5e:bd:68:50:
95:e8:5d:bf:91:5b:29:be:93:49:15:91:79:6c:80:
18:4a:f1:9d:98:0d:e1:ce:29:b8:db:e8:e3:13:55:
82:ab:24:55:d1:dc:4b:a4:ce:89:3e:52:d6:21:fb:
8a:26:81:52:ec:d4:6e:05:8a:d3:85:c9:c1:ad:c8:
a3:21:79:69:01:06:45:02:97:69:34:21:0c:48:01:
46:9e:eb:45:b0:0b:70:d2:93:ff:da:e1:a7:1b:55:
c0:f3:09:bd:e4:55:bc:01:38:db:95:4c:e5:0f:1e:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:49:5F:F2:A9:BB:30:8A:B7:BB:8B:85:E9:D2:B0:A6:4A:0D:5E:1A
X509v3 Authority Key Identifier:
keyid:70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/cB88FPCtfu9l000APNwZJGSM3jc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4D77E11C09DA11EEBA18A082C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.44.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:4f:1d:7d:2f:d7:5f:75:00:a8:33:ec:c2:bd:99:2d:fd:6c:
9f:c3:1a:b2:45:bd:86:8a:32:ef:1a:cd:17:20:28:6d:62:ac:
83:37:4e:93:9d:84:38:27:06:94:c1:fa:9e:ab:31:34:3b:e0:
69:7b:cb:b7:d7:c6:a5:a2:74:a3:c4:09:05:10:8d:1a:42:47:
54:a5:b6:d3:1e:13:3b:cc:eb:e0:0b:64:47:b7:cb:44:02:8d:
3c:a0:a9:fa:6c:53:ae:c8:fd:d6:9b:0f:25:a2:2b:19:df:f2:
90:7d:7f:b2:24:df:34:2e:d5:93:8c:10:9d:e7:f5:64:27:f9:
4f:21:3a:8f:4a:f7:9d:06:05:20:5e:7a:26:69:b6:9d:d0:fb:
88:f9:c4:37:ac:f8:55:2d:c4:fd:a6:f7:18:03:c5:7c:b0:a1:
2c:a4:c5:d9:8a:99:28:ba:bb:8a:cd:8f:90:8c:2d:66:e3:2c:
4f:6e:e0:b7:6e:31:9c:48:b4:5e:f0:d3:9a:c3:f5:b6:87:bb:
4f:1d:c2:23:82:23:0a:7d:ec:62:42:5f:e6:23:19:52:0d:77:
50:60:7f:63:a3:12:a2:3c:1d:0f:48:13:d9:05:ad:37:3e:0a:
ba:34:34:61:b2:08:b8:36:f6:25:f5:cf:ac:7b:99:f0:62:55:
0a:7e:a5:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzYzQTYxMTAvBgNVBAUTKDcwMUYzQzE0RjBBRDdFRUY2NUQzNEQwMDNDREMxOTI0
NjQ4Q0RFMzcwHhcNMjMwNjEzMTEwNjEwWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg4NGRhMi1kMGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwY3N/qFhhiAAEGPmM7HJd0QvHq+YuWc9nbT/RR42d1gE/VtD0KMBKER5Mfpz
w1UjB8BmiL/l/Eg6Q5wIkjFW4kwIGglmfdhFERPQXF07Alu1wj0xwzrOMi53vCOJ
JsfUuGX4FmN6M9go2mrfj3e3byFVhJ5TvPfXV43pbiLQ4e6Mu0DqMvZo/plQI2u5
yZwPW169aFCV6F2/kVspvpNJFZF5bIAYSvGdmA3hzim42+jjE1WCqyRV0dxLpM6J
PlLWIfuKJoFS7NRuBYrThcnBrcijIXlpAQZFApdpNCEMSAFGnutFsAtw0pP/2uGn
G1XA8wm95FW8ATjblUzlDx5kvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFARJX/Kp
uzCKt7uLhenSsKZKDV4aMB8GA1UdIwQYMBaAFHAfPBTwrX7vZdNNADzcGSRkjN43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjNBNi8wRDM5QzRFNDlB
OUIxMUVDODJDNzBCMjBDNEY5QUUwMi9jQjg4RlBDdGZ1OWwwMDBBUE53WkpHU00z
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NCODhGUEN0ZnU5bDAwMEFQTndaSkdTTTNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzYzQTYvMEQzOUM0RTQ5QTlCMTFFQzgyQzcwQjIwQzRGOUFFMDIvNEQ3N0UxMUMw
OURBMTFFRUJBMThBMDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnVCwwDQYJKoZIhvcNAQELBQADggEBAKRPHX0v1191AKgz
7MK9mS39bJ/DGrJFvYaKMu8azRcgKG1irIM3TpOdhDgnBpTB+p6rMTQ74Gl7y7fX
xqWidKPECQUQjRpCR1SlttMeEzvM6+ALZEe3y0QCjTygqfpsU67I/dabDyWiKxnf
8pB9f7Ik3zQu1ZOMEJ3n9WQn+U8hOo9K950GBSBeeiZptp3Q+4j5xDes+FUtxP2m
9xgDxXywoSykxdmKmSi6u4rNj5CMLWbjLE9u4LduMZxItF7w05rD9baHu08dwiOC
Iwp97GJCX+YjGVINd1Bgf2OjEqI8HQ9IE9kFrTc+Cro0NGGyCLg29iX1z6x7mfBi
VQp+pUU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org