Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/CAA99AFE6B3D11ED899C6F4BC4F9AE02.roa
File: CAA99AFE6B3D11ED899C6F4BC4F9AE02.roa (raw, json)
Hash identifier: Efx4fZBHrfpG7R54zI8ZKJ0ycrsWk3pVkMe95xkj05U=
Subject key identifier: 6B:29:A5:57:2A:19:A4:E9:03:CB:5B:07:CA:6D:B6:3B:3E:F3:BE:3F
Certificate issuer: /CN=A91C9025/serialNumber=06DF1B524BD0DDDDA179B0450627EAF7F8D94C00
Certificate serial: 081D
Authority key identifier: 06:DF:1B:52:4B:D0:DD:DD:A1:79:B0:45:06:27:EA:F7:F8:D9:4C:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bt8bUkvQ3d2hebBFBifq9_jZTAA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/CAA99AFE6B3D11ED899C6F4BC4F9AE02.roa
Signing time: Wed 23 Nov 2022 14:47:46 +0000
ROA not before: Wed 23 Nov 2022 14:47:46 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 54600
IP address blocks: 103.82.216.0/22 maxlen: 24
123.108.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2077 (0x81d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9025/serialNumber=06DF1B524BD0DDDDA179B0450627EAF7F8D94C00
Validity
Not Before: Nov 23 14:47:46 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=637e3291-ebe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:da:06:35:5b:e1:77:96:32:ea:61:46:98:97:
b7:5a:b6:66:3e:7b:f4:3b:08:21:0a:82:33:61:8c:
c1:cf:0b:d4:45:83:77:b0:ce:ed:fc:b1:ed:06:76:
11:44:0a:cd:fd:ba:52:58:31:27:12:95:29:bf:e3:
c9:06:c7:e3:82:36:7e:db:a6:5f:bd:fc:9b:07:13:
32:ba:93:04:19:e8:2a:45:54:ae:3c:b9:b8:94:73:
3c:f8:5e:e9:75:07:39:88:2b:8d:e6:2c:eb:e6:47:
d6:5c:76:45:29:10:91:d4:be:68:17:75:c5:a6:e5:
32:9c:e9:6e:be:b8:e3:9d:eb:53:66:d5:c3:6b:cd:
e7:36:aa:ac:30:26:a0:18:0c:2a:3a:45:c3:f6:6a:
51:ef:6d:2c:2e:f6:e9:10:71:75:01:ba:db:c8:75:
e7:02:33:84:42:e6:d9:bb:c9:bf:0e:c9:03:18:4c:
cd:6c:20:9f:be:1c:ba:10:5d:78:be:09:fa:af:19:
7c:89:5d:25:c9:aa:ed:e7:9b:b6:fc:93:a9:8c:2c:
ae:21:cf:2f:62:5e:38:f1:49:0f:d6:99:68:5d:b9:
8f:9d:37:81:19:a3:2c:a4:ce:ee:4f:5e:bb:d1:82:
cd:e5:6e:c2:04:9d:d0:97:9c:6a:61:ab:dc:8d:98:
95:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:29:A5:57:2A:19:A4:E9:03:CB:5B:07:CA:6D:B6:3B:3E:F3:BE:3F
X509v3 Authority Key Identifier:
keyid:06:DF:1B:52:4B:D0:DD:DD:A1:79:B0:45:06:27:EA:F7:F8:D9:4C:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/Bt8bUkvQ3d2hebBFBifq9_jZTAA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bt8bUkvQ3d2hebBFBifq9_jZTAA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/CAA99AFE6B3D11ED899C6F4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.216.0/22
123.108.72.0/22
Signature Algorithm: sha256WithRSAEncryption
33:23:43:61:29:11:c0:0b:d3:b0:a6:aa:e3:3f:3d:69:8f:d2:
89:d5:67:b5:af:2a:f2:df:68:02:51:f1:0b:04:76:bd:52:02:
34:16:c0:58:1d:b0:00:31:81:87:89:04:56:47:91:c5:5c:a3:
91:0a:6d:d4:84:c4:f8:47:31:c4:98:04:2f:b5:e2:42:fd:28:
4c:43:da:12:93:8a:47:c2:c3:47:7d:41:c0:65:c2:38:d5:99:
90:3d:6f:87:8f:70:91:5e:c3:e6:48:55:a6:3f:01:65:2c:d2:
8b:2f:94:5d:59:f5:4d:33:db:f5:97:6f:7a:e0:f3:0b:0c:65:
24:4e:bc:8f:2c:4e:87:ff:fd:59:b6:6e:2e:db:20:1c:2f:0c:
fa:07:00:2c:71:93:87:7f:fd:de:72:37:a8:be:52:63:28:65:
7e:70:b4:59:47:d4:b6:ee:81:e3:98:36:c2:a9:a5:04:06:87:
df:fd:ad:a1:a3:a9:b3:3a:ff:ed:28:49:2f:15:a2:2e:f3:61:
a5:47:ac:67:16:0f:66:23:fd:0f:85:49:7c:61:59:89:d8:bc:
16:2b:3d:36:dc:ce:a0:fe:32:39:f0:dc:7d:ea:8b:df:13:b1:
08:b9:58:ad:59:b9:91:80:f5:c2:4d:c2:b2:91:24:ba:00:e0:
74:09:67:6b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkwMjUxMTAvBgNVBAUTKDA2REYxQjUyNEJEMERERERBMTc5QjA0NTA2MjdFQUY3
RjhEOTRDMDAwHhcNMjIxMTIzMTQ0NzQ2WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdlMzI5MS1lYmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2toGNVvhd5Yy6mFGmJe3WrZmPnv0OwghCoIzYYzBzwvURYN3sM7t/LHtBnYR
RArN/bpSWDEnEpUpv+PJBsfjgjZ+26ZfvfybBxMyupMEGegqRVSuPLm4lHM8+F7p
dQc5iCuN5izr5kfWXHZFKRCR1L5oF3XFpuUynOluvrjjnetTZtXDa83nNqqsMCag
GAwqOkXD9mpR720sLvbpEHF1AbrbyHXnAjOEQubZu8m/DskDGEzNbCCfvhy6EF14
vgn6rxl8iV0lyart55u2/JOpjCyuIc8vYl448UkP1ploXbmPnTeBGaMspM7uT167
0YLN5W7CBJ3Ql5xqYavcjZiVVwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGsppVcq
GaTpA8tbB8pttjs+874/MB8GA1UdIwQYMBaAFAbfG1JL0N3doXmwRQYn6vf42UwA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTAyNS8xMEQ3NzFDMjc4
ODQxMUVBQURBNTEzMTBDNEY5QUUwMi9CdDhiVWt2UTNkMmhlYkJGQmlmcTlfalpU
QUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J0OGJVa3ZRM2QyaGViQkZCaWZxOV9qWlRBQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkwMjUvMTBENzcxQzI3ODg0MTFFQUFEQTUxMzEwQzRGOUFFMDIvQ0FBOTlBRkU2
QjNEMTFFRDg5OUM2RjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUtgDBAJ7bEgwDQYJKoZIhvcNAQELBQADggEBADMjQ2Ep
EcAL07CmquM/PWmP0onVZ7WvKvLfaAJR8QsEdr1SAjQWwFgdsAAxgYeJBFZHkcVc
o5EKbdSExPhHMcSYBC+14kL9KExD2hKTikfCw0d9QcBlwjjVmZA9b4ePcJFew+ZI
VaY/AWUs0osvlF1Z9U0z2/WXb3rg8wsMZSROvI8sTof//Vm2bi7bIBwvDPoHACxx
k4d//d5yN6i+UmMoZX5wtFlH1LbugeOYNsKppQQGh9/9raGjqbM6/+0oSS8Voi7z
YaVHrGcWD2Yj/Q+FSXxhWYnYvBYrPTbczqD+Mjnw3H3qi98TsQi5WK1ZuZGA9cJN
wrKRJLoA4HQJZ2s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org