Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/A6B17712CFCF11EB8FAC9E6FC4F9AE02.roa
File: A6B17712CFCF11EB8FAC9E6FC4F9AE02.roa (raw, json)
Hash identifier: dZcTLsm1jKaxJ79h5RtuW5sASGJlxfsmu/Iq0kZcio4=
Subject key identifier: 26:26:1A:BD:A0:47:40:D7:73:96:0B:7D:AE:44:B1:15:81:75:60:D3
Certificate issuer: /CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Certificate serial: 050E
Authority key identifier: 34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/A6B17712CFCF11EB8FAC9E6FC4F9AE02.roa
Signing time: Thu 08 Dec 2022 13:10:33 +0000
ROA not before: Thu 08 Dec 2022 13:10:33 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 134428
IP address blocks: 103.158.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1294 (0x50e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Validity
Not Before: Dec 8 13:10:33 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6391e249-9bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fb:c9:bc:b7:b0:60:41:0a:00:ac:31:a0:9d:
0e:3f:bb:1c:69:ff:53:e5:b3:96:5c:ae:04:01:cf:
4a:9d:91:fd:69:6e:be:24:74:39:ef:f8:06:ef:2e:
5c:6b:0c:ee:9a:8e:e2:9c:c8:fa:26:6b:64:a1:e4:
4b:3f:32:66:a7:7f:ee:ee:1e:76:f0:60:bc:5a:14:
71:3d:37:fe:24:d6:4a:b3:b2:c9:25:d3:4e:75:68:
2e:8f:08:5e:a8:38:99:21:af:87:94:cd:e7:1d:01:
db:56:4d:4a:04:00:2b:fa:58:af:f5:76:a2:2b:ab:
c4:fb:86:ad:80:fa:71:49:b0:60:6a:19:a8:0a:74:
1e:5a:40:f6:85:98:ec:f8:95:d7:9c:fb:9f:2f:32:
c0:e8:25:fc:c0:9f:7e:f6:cb:ec:35:73:13:a7:3b:
2c:80:15:54:01:fc:02:cc:5b:ed:07:c0:eb:25:ec:
3f:5a:43:7e:24:5e:60:36:03:72:a4:ed:8c:b2:60:
1f:6e:00:a3:9a:60:6f:81:c8:38:ae:57:7f:4d:d9:
5a:4d:35:76:09:fe:e6:1f:34:bc:86:77:6a:1b:ac:
99:9f:df:bd:1c:93:4f:bf:db:fe:13:e9:f3:3f:e3:
42:eb:a3:9e:0d:80:53:72:84:1e:ad:81:81:31:3e:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:26:1A:BD:A0:47:40:D7:73:96:0B:7D:AE:44:B1:15:81:75:60:D3
X509v3 Authority Key Identifier:
keyid:34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/A6B17712CFCF11EB8FAC9E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.160.0/23
Signature Algorithm: sha256WithRSAEncryption
51:79:e3:68:95:ea:fd:9c:54:4a:ef:90:a1:06:dc:33:a5:4b:
87:e7:aa:28:8b:69:d6:db:2d:a6:8d:e8:cb:00:3a:14:4b:f8:
8d:90:a2:5e:60:1e:e8:2a:e8:42:76:a1:e8:72:0a:2d:af:44:
fa:f8:84:6b:1f:d7:bc:d6:ee:9f:3b:c7:b0:5a:2c:df:3e:ac:
d3:95:c9:2e:bc:fd:85:22:87:64:75:39:4a:34:42:35:90:99:
25:c1:6f:51:f7:3b:eb:55:ca:11:f2:5c:f9:ce:5d:8a:50:52:
65:5f:d1:9d:fb:a8:37:60:78:13:60:0f:94:b5:75:14:ff:9c:
f6:78:a2:e7:77:3c:ad:ef:38:55:67:26:37:04:99:ce:7b:db:
97:0b:42:52:4f:08:b7:46:4b:d3:70:d2:f8:ec:6d:a9:20:76:
25:1a:46:e7:1f:ce:5c:0d:eb:63:a6:b6:38:43:87:e3:45:c0:
80:03:ba:d2:18:e6:ae:e7:5a:34:55:80:39:b3:42:1c:2c:72:
e4:14:4e:f3:1e:cf:22:67:7b:88:f9:c5:25:40:72:20:bc:8b:
1f:94:07:a6:27:e6:c8:cc:6b:82:5d:97:21:be:dd:02:98:05:
d2:a6:39:62:16:a1:65:29:e3:af:dc:ac:0b:b1:83:e8:0a:63:
07:a0:c0:16
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk5QjQxMTAvBgNVBAUTKDM0OEJFNjY5NEVENzA0MUFBRjI4RDBFQzhDNkM2NTY1
NTkxRjJEREEwHhcNMjIxMjA4MTMxMDMzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkxZTI0OS05YmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxvvJvLewYEEKAKwxoJ0OP7scaf9T5bOWXK4EAc9KnZH9aW6+JHQ57/gG7y5c
awzumo7inMj6JmtkoeRLPzJmp3/u7h528GC8WhRxPTf+JNZKs7LJJdNOdWgujwhe
qDiZIa+HlM3nHQHbVk1KBAAr+liv9XaiK6vE+4atgPpxSbBgahmoCnQeWkD2hZjs
+JXXnPufLzLA6CX8wJ9+9svsNXMTpzssgBVUAfwCzFvtB8DrJew/WkN+JF5gNgNy
pO2MsmAfbgCjmmBvgcg4rld/TdlaTTV2Cf7mHzS8hndqG6yZn9+9HJNPv9v+E+nz
P+NC66OeDYBTcoQerYGBMT6gVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCYmGr2g
R0DXc5YLfa5EsRWBdWDTMB8GA1UdIwQYMBaAFDSL5mlO1wQaryjQ7IxsZWVZHy3a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTlCNC81REU1OTY5NjU5
NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJCcXZLTkRzakd4bFpWa2ZM
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Jdm1hVTdYQkJxdktORHNqR3hsWlZrZkxkby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk5QjQvNURFNTk2OTY1OTQ5MTFFQkE0OEM3ODcxQzRGOUFFMDIvQTZCMTc3MTJD
RkNGMTFFQjhGQUM5RTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnqAwDQYJKoZIhvcNAQELBQADggEBAFF542iV6v2cVErv
kKEG3DOlS4fnqiiLadbbLaaN6MsAOhRL+I2Qol5gHugq6EJ2oehyCi2vRPr4hGsf
17zW7p87x7BaLN8+rNOVyS68/YUih2R1OUo0QjWQmSXBb1H3O+tVyhHyXPnOXYpQ
UmVf0Z37qDdgeBNgD5S1dRT/nPZ4oud3PK3vOFVnJjcEmc5725cLQlJPCLdGS9Nw
0vjsbakgdiUaRucfzlwN62OmtjhDh+NFwIADutIY5q7nWjRVgDmzQhwscuQUTvMe
zyJne4j5xSVAciC8ix+UB6Yn5sjMa4JdlyG+3QKYBdKmOWIWoWUp46/crAuxg+gK
YwegwBY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org