Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C654A/71FAB0D8352911EBB80F1349C4F9AE02/9FAF0E0EA1C711ED8701EE35C4F9AE02.roa
File: 9FAF0E0EA1C711ED8701EE35C4F9AE02.roa (raw, json)
Hash identifier: /gI1IVsyWrpxuy5bJSzm+bmzu6zQzMOZ8VeZso3v5Jw=
Subject key identifier: E8:0B:16:6B:4A:52:C5:83:20:8D:E6:79:D0:6D:32:DD:11:37:2B:5D
Certificate issuer: /CN=A91C654A/serialNumber=75BA913DBABFE94A34C7040DAB475C35A258A152
Certificate serial: 057B
Authority key identifier: 75:BA:91:3D:BA:BF:E9:4A:34:C7:04:0D:AB:47:5C:35:A2:58:A1:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dbqRPbq_6Uo0xwQNq0dcNaJYoVI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C654A/71FAB0D8352911EBB80F1349C4F9AE02/9FAF0E0EA1C711ED8701EE35C4F9AE02.roa
Signing time: Fri 03 Feb 2023 00:50:48 +0000
ROA not before: Fri 03 Feb 2023 00:50:48 +0000
ROA not after: Fri 02 Jun 2023 00:00:00 +0000
asID: 141432
IP address blocks: 103.159.74.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1403 (0x57b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C654A/serialNumber=75BA913DBABFE94A34C7040DAB475C35A258A152
Validity
Not Before: Feb 3 00:50:48 2023 GMT
Not After : Jun 2 00:00:00 2023 GMT
Subject: CN=63dc5a67-dbeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:2c:09:35:fd:92:77:83:79:f8:5e:b4:67:
d6:c6:d9:fe:91:6f:4c:35:0f:37:6f:1f:6a:f5:36:
08:70:e2:92:52:82:9e:04:ef:09:74:55:26:a5:48:
3c:a4:bd:45:91:70:81:3c:fb:8c:a6:cb:b8:e9:0c:
d9:dc:88:f1:00:bd:e9:0d:01:1d:9b:9a:03:0f:74:
d9:3b:5c:c0:b0:12:51:83:58:10:7c:66:5f:67:75:
de:84:64:27:0a:7d:81:aa:07:33:69:9b:7f:09:23:
8a:32:fd:13:19:75:7f:4d:35:eb:9e:49:1f:34:8b:
19:a0:eb:2e:6d:d8:8e:ac:f9:d7:7e:aa:ab:f1:1b:
f0:10:9b:5b:9f:be:7a:4b:0d:09:50:3a:e6:7a:4e:
0e:13:45:f0:1a:48:ff:f5:43:db:aa:8c:4d:d1:6d:
f7:bf:6d:94:e2:52:4d:7d:13:6a:cb:8e:c1:b3:04:
8b:e4:bd:04:7c:d5:13:3e:cb:94:49:6c:2f:d8:61:
93:c3:45:07:4b:cf:e9:39:b5:e2:ce:e2:64:cd:25:
72:bc:20:c3:71:90:f9:f2:76:2d:ee:1d:9f:9f:64:
67:96:f7:3c:d4:ba:09:7d:95:2f:b6:62:20:ff:70:
70:4e:c4:8e:b2:38:0e:7a:01:73:f9:64:59:96:c6:
22:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0B:16:6B:4A:52:C5:83:20:8D:E6:79:D0:6D:32:DD:11:37:2B:5D
X509v3 Authority Key Identifier:
keyid:75:BA:91:3D:BA:BF:E9:4A:34:C7:04:0D:AB:47:5C:35:A2:58:A1:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C654A/71FAB0D8352911EBB80F1349C4F9AE02/dbqRPbq_6Uo0xwQNq0dcNaJYoVI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dbqRPbq_6Uo0xwQNq0dcNaJYoVI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C654A/71FAB0D8352911EBB80F1349C4F9AE02/9FAF0E0EA1C711ED8701EE35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.74.0/23
Signature Algorithm: sha256WithRSAEncryption
47:06:78:ea:8b:1e:e8:72:c0:fe:24:48:97:03:b9:45:8f:2e:
14:fa:53:8d:b9:f4:b6:9d:39:65:31:0a:73:83:e9:31:03:00:
fa:ef:d4:63:62:4c:c2:af:97:1b:88:74:e6:2b:5f:a6:f9:66:
7f:c0:84:96:0b:95:63:45:b4:f6:03:3f:a3:c6:dc:15:b9:86:
40:f8:7f:d4:76:7f:78:1d:8b:3a:01:f0:cd:1c:5d:bc:45:83:
84:8e:df:76:8d:05:61:6f:db:cd:12:98:60:ca:61:41:9b:d7:
16:cd:0c:78:53:3f:11:42:26:3a:8e:f6:30:43:fc:92:51:45:
ae:29:11:8a:c4:b1:63:24:43:b9:e3:d6:b5:b8:f7:7e:1b:84:
22:78:ba:81:89:de:7f:66:f1:1a:22:46:c3:8d:87:31:5b:d3:
6c:1e:4f:6f:13:5c:13:35:1f:20:41:23:f6:d8:92:59:aa:c2:
96:a6:dc:c2:3c:0e:5c:51:63:78:f2:b6:88:95:a9:8b:33:1b:
94:37:da:68:cd:cd:d9:cd:94:a4:da:ae:69:56:80:bb:31:ef:
48:8f:10:32:aa:51:46:36:df:6d:7d:f9:72:7f:27:16:59:eb:
65:a2:5e:64:41:a9:06:d8:b5:c4:18:9b:04:a1:70:08:19:24:
c0:96:f0:7d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBXswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NEExMTAvBgNVBAUTKDc1QkE5MTNEQkFCRkU5NEEzNEM3MDQwREFCNDc1QzM1
QTI1OEExNTIwHhcNMjMwMjAzMDA1MDQ4WhcNMjMwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RjNWE2Ny1kYmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszAsCTX9kneDefhetGfWxtn+kW9MNQ83bx9q9TYIcOKSUoKeBO8JdFUmpUg8
pL1FkXCBPPuMpsu46QzZ3IjxAL3pDQEdm5oDD3TZO1zAsBJRg1gQfGZfZ3XehGQn
Cn2BqgczaZt/CSOKMv0TGXV/TTXrnkkfNIsZoOsubdiOrPnXfqqr8RvwEJtbn756
Sw0JUDrmek4OE0XwGkj/9UPbqoxN0W33v22U4lJNfRNqy47BswSL5L0EfNUTPsuU
SWwv2GGTw0UHS8/pObXizuJkzSVyvCDDcZD58nYt7h2fn2Rnlvc81LoJfZUvtmIg
/3BwTsSOsjgOegFz+WRZlsYiqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOgLFmtK
UsWDII3medBtMt0RNytdMB8GA1UdIwQYMBaAFHW6kT26v+lKNMcEDatHXDWiWKFS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU0QS83MUZBQjBEODM1
MjkxMUVCQjgwRjEzNDlDNEY5QUUwMi9kYnFSUGJxXzZVbzB4d1FOcTBkY05hSllv
VkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RicVJQYnFfNlVvMHh3UU5xMGRjTmFKWW9WSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NEEvNzFGQUIwRDgzNTI5MTFFQkI4MEYxMzQ5QzRGOUFFMDIvOUZBRjBFMEVB
MUM3MTFFRDg3MDFFRTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnn0owDQYJKoZIhvcNAQELBQADggEBAEcGeOqLHuhywP4k
SJcDuUWPLhT6U4259LadOWUxCnOD6TEDAPrv1GNiTMKvlxuIdOYrX6b5Zn/AhJYL
lWNFtPYDP6PG3BW5hkD4f9R2f3gdizoB8M0cXbxFg4SO33aNBWFv280SmGDKYUGb
1xbNDHhTPxFCJjqO9jBD/JJRRa4pEYrEsWMkQ7nj1rW4934bhCJ4uoGJ3n9m8Roi
RsONhzFb02weT28TXBM1HyBBI/bYklmqwpam3MI8DlxRY3jytoiVqYszG5Q32mjN
zdnNlKTarmlWgLsx70iPEDKqUUY23219+XJ/JxZZ62WiXmRBqQbYtcQYmwShcAgZ
JMCW8H0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org