Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
File: DDD7EB0ED46511ECA1A27035C4F9AE02.roa (raw, json)
Hash identifier: ZnxvUOn7Jfetv10htXm9/ch+RArxavCFfFmfG84um/M=
Subject key identifier: 3C:0F:FC:08:6F:27:E4:09:04:CF:B2:77:17:30:22:1C:65:79:F0:F8
Certificate issuer: /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial: 164E
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
Signing time: Wed 14 Sep 2022 05:34:05 +0000
ROA not before: Wed 14 Sep 2022 05:34:05 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132325
IP address blocks: 103.71.154.0/24 maxlen: 24
103.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5710 (0x164e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Validity
Not Before: Sep 14 05:34:05 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=632167cd-b018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fc:0f:61:02:20:ba:45:27:06:df:46:b4:77:
82:3e:50:3d:03:47:73:42:38:39:39:bc:4c:e9:7d:
38:c7:44:2c:91:e1:13:58:bc:3b:b1:cc:61:de:4d:
03:01:12:1d:99:59:03:2b:1e:00:d3:4d:53:40:a1:
d6:2d:5d:ed:74:16:bf:47:4d:d2:1f:21:62:46:29:
c6:2c:f5:1d:67:43:a4:b8:f3:00:fc:22:d0:7a:a7:
6e:86:09:3f:45:7f:f4:91:3e:1c:dc:48:b7:63:68:
85:c1:76:b7:fa:03:11:95:d1:3d:4e:36:0c:96:a0:
58:b8:9e:b0:92:be:40:dc:93:50:82:da:99:fd:00:
1a:d3:cd:f2:fb:e1:46:d2:f0:c3:96:aa:8f:53:e6:
96:ba:4d:92:e3:df:9b:d9:ab:09:3d:54:db:36:3d:
ae:cc:b9:50:37:d5:1d:bb:bd:79:b5:12:4d:84:f5:
41:0b:51:04:21:bd:2b:1f:b4:35:f2:ac:46:00:37:
06:ce:df:9e:f7:57:2a:ce:f4:c2:ef:5c:5e:44:99:
e6:60:54:fe:51:2f:90:f6:a4:77:ac:a0:d7:36:9d:
d7:ea:79:fe:74:71:df:a4:00:ff:37:1c:00:84:22:
79:0d:ff:00:fd:60:ce:97:aa:dd:77:b2:5e:a5:8b:
13:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0F:FC:08:6F:27:E4:09:04:CF:B2:77:17:30:22:1C:65:79:F0:F8
X509v3 Authority Key Identifier:
keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.154.0/24
103.234.74.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ca:ec:40:8d:f0:0f:d5:29:68:bb:48:49:2f:0a:08:bc:3e:
ee:1b:c0:f0:e8:17:d2:07:f8:f3:84:b6:b5:f8:cc:26:4b:ee:
6d:26:65:f0:64:1f:7e:61:79:8f:b2:31:16:39:37:82:cb:ab:
86:49:6f:fb:40:8a:fb:56:58:e5:40:fc:b9:90:5d:9b:01:2d:
b2:bc:5b:7c:1b:37:74:f3:af:5c:e1:3e:07:94:63:6b:03:0a:
3a:cf:1b:04:95:27:c7:7e:1e:73:1b:d9:e1:6a:78:9f:18:1b:
1d:e1:a8:bc:4f:53:f5:22:06:77:f3:d8:16:67:58:9a:17:60:
8c:39:b5:36:69:f5:f2:d9:6a:c7:16:1d:75:71:8e:12:c9:38:
f8:a9:bd:36:1e:9e:bc:6d:b2:6a:d2:a6:4e:2c:0d:b7:32:83:
3f:47:6c:2c:4b:53:75:04:94:2e:68:bd:27:2a:96:df:69:50:
0f:a2:f8:10:8b:3f:62:9a:d8:84:65:32:80:b6:5d:28:9e:72:
e3:9c:67:fb:a6:69:b3:e8:4a:2f:69:e8:af:c9:1d:38:93:ee:
bc:83:c8:f9:d3:c0:f8:43:83:72:3b:77:a6:a2:bd:f6:21:cf:
79:28:84:ca:39:ca:38:77:8e:fe:79:65:c1:8a:f7:20:44:17:
fd:42:d8:5f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjIwOTE0MDUzNDA1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIxNjdjZC1iMDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1vwPYQIgukUnBt9GtHeCPlA9A0dzQjg5ObxM6X04x0QskeETWLw7scxh3k0D
ARIdmVkDKx4A001TQKHWLV3tdBa/R03SHyFiRinGLPUdZ0OkuPMA/CLQeqduhgk/
RX/0kT4c3Ei3Y2iFwXa3+gMRldE9TjYMlqBYuJ6wkr5A3JNQgtqZ/QAa083y++FG
0vDDlqqPU+aWuk2S49+b2asJPVTbNj2uzLlQN9Udu715tRJNhPVBC1EEIb0rH7Q1
8qxGADcGzt+e91cqzvTC71xeRJnmYFT+US+Q9qR3rKDXNp3X6nn+dHHfpAD/NxwA
hCJ5Df8A/WDOl6rdd7JepYsTHwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDwP/Ahv
J+QJBM+ydxcwIhxlefD4MB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvREREN0VCMEVE
NDY1MTFFQ0ExQTI3MDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnR5oDBABn6kowDQYJKoZIhvcNAQELBQADggEBAAzK7ECN
8A/VKWi7SEkvCgi8Pu4bwPDoF9IH+POEtrX4zCZL7m0mZfBkH35heY+yMRY5N4LL
q4ZJb/tAivtWWOVA/LmQXZsBLbK8W3wbN3Tzr1zhPgeUY2sDCjrPGwSVJ8d+HnMb
2eFqeJ8YGx3hqLxPU/UiBnfz2BZnWJoXYIw5tTZp9fLZascWHXVxjhLJOPipvTYe
nrxtsmrSpk4sDbcygz9HbCxLU3UElC5ovScqlt9pUA+i+BCLP2Ka2IRlMoC2XSie
cuOcZ/umabPoSi9p6K/JHTiT7ryDyPnTwPhDg3I7d6aivfYhz3kohMo5yjh3jv55
ZcGK9yBEF/1C2F8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org