Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/B86E6C2CFF7611EB8AAC626AC4F9AE02.roa
File: B86E6C2CFF7611EB8AAC626AC4F9AE02.roa (raw, json)
Hash identifier: IoCuDlpRz4PQ5nPfbYa9+zgIJONCtvkjQrkdbhhOxoQ=
Subject key identifier: 7B:1D:79:B9:FE:BA:D8:41:85:D5:B1:9E:EE:01:9F:B6:0D:00:A2:E9
Certificate issuer: /CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B
Certificate serial: 0490
Authority key identifier: 6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/B86E6C2CFF7611EB8AAC626AC4F9AE02.roa
Signing time: Tue 30 Nov 2021 10:57:49 +0000
ROA not before: Tue 30 Nov 2021 10:57:49 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 24496
IP address blocks: 103.157.184.0/24 maxlen: 24
103.157.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1168 (0x490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B
Validity
Not Before: Nov 30 10:57:49 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61a603ad-6fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:11:23:63:91:1e:60:83:55:83:e3:13:0a:
10:87:fd:d6:50:29:af:3e:c0:69:5e:f3:17:ae:cd:
a9:a2:36:34:82:9d:45:7f:4f:27:88:b3:1e:ce:1c:
76:7e:ef:a3:78:0c:5d:a4:7a:cd:dd:cd:c4:fe:ae:
71:68:6d:72:96:6f:2a:4c:39:0d:d5:f0:9d:17:94:
0e:3b:b4:e2:ec:51:fa:58:16:8b:fe:a4:00:b6:d5:
5e:88:0e:78:09:0f:dc:f9:c9:06:44:9e:ef:ba:b0:
6c:20:85:46:e3:fa:ea:39:fa:d5:d7:8f:75:5b:8a:
01:b5:c6:a1:d7:32:e9:23:6d:58:eb:2e:a8:30:06:
d4:0a:05:64:4f:20:e4:11:34:c3:14:fb:6c:7c:36:
9e:8d:2b:4f:3a:f7:ee:78:72:52:70:34:bd:f2:2a:
47:ba:4d:ce:bd:68:c2:d1:98:6d:8f:54:9f:bd:7c:
8a:04:f1:dd:f3:2e:b3:60:c0:66:a7:ce:9f:7a:09:
dd:33:a6:92:08:cf:a5:f4:97:b9:25:c8:87:50:af:
0f:d5:e7:fd:bb:ca:b1:3a:74:70:57:b1:b2:70:58:
0d:73:df:f0:40:d5:77:d1:bf:3a:71:9d:0c:5b:44:
fd:59:ab:2d:01:7c:27:7e:69:cc:1f:8b:b1:30:d6:
5b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1D:79:B9:FE:BA:D8:41:85:D5:B1:9E:EE:01:9F:B6:0D:00:A2:E9
X509v3 Authority Key Identifier:
keyid:6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/B86E6C2CFF7611EB8AAC626AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.184.0/23
Signature Algorithm: sha256WithRSAEncryption
78:89:9b:e2:64:a9:be:89:e0:2e:62:3c:08:93:c6:8a:57:96:
5a:26:f3:e8:e5:bc:4e:67:1e:fe:a9:2d:db:51:ec:57:4b:e3:
08:ad:a3:5e:69:3a:c6:c3:65:46:59:cd:df:04:d8:1a:64:a5:
7d:e7:cc:66:4c:61:13:3e:fc:9e:1d:23:b5:6f:f9:3f:40:fe:
e4:65:35:2e:87:60:2f:5d:57:66:ef:0d:ee:47:77:fb:01:c1:
50:ec:14:2a:56:7f:3f:36:06:3a:7a:da:2c:bc:fd:db:32:b0:
c9:1e:fc:53:55:fc:ca:60:10:f2:c5:c6:4f:9d:a6:4a:e2:b4:
59:61:47:b5:e5:56:90:2b:0c:ac:31:be:9c:7e:02:e7:d4:67:
37:f7:bf:4a:bd:77:18:2e:e9:45:3f:54:57:a2:45:b0:86:5c:
b3:b6:a3:60:fa:9b:e8:14:0c:e3:81:43:21:f2:54:36:74:a7:
d5:a2:2f:c3:1b:1c:29:8c:bf:86:22:29:a8:fd:86:ea:d1:7e:
e3:82:4d:90:f9:d0:9d:c2:b2:6c:f5:42:24:92:cb:64:87:5e:
b2:37:b1:e1:a2:c2:76:92:d6:eb:91:9d:e8:c0:5b:f2:47:28:
a3:0b:18:38:96:2f:bf:cb:49:e2:b1:63:a6:66:5b:f0:ef:73:
2e:23:4e:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0FGQzQxMTAvBgNVBAUTKDZGMTNGNTUxMDA5RjI0OEE2RDk4NzQzNjAwNEU4NTc5
NTE1NjkyN0IwHhcNMjExMTMwMTA1NzQ5WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE2MDNhZC02ZmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmkRI2ORHmCDVYPjEwoQh/3WUCmvPsBpXvMXrs2pojY0gp1Ff08niLMezhx2
fu+jeAxdpHrN3c3E/q5xaG1ylm8qTDkN1fCdF5QOO7Ti7FH6WBaL/qQAttVeiA54
CQ/c+ckGRJ7vurBsIIVG4/rqOfrV1491W4oBtcah1zLpI21Y6y6oMAbUCgVkTyDk
ETTDFPtsfDaejStPOvfueHJScDS98ipHuk3OvWjC0Zhtj1SfvXyKBPHd8y6zYMBm
p86fegndM6aSCM+l9Je5JciHUK8P1ef9u8qxOnRwV7GycFgNc9/wQNV30b86cZ0M
W0T9WastAXwnfmnMH4uxMNZbDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHsdebn+
uthBhdWxnu4Bn7YNAKLpMB8GA1UdIwQYMBaAFG8T9VEAnySKbZh0NgBOhXlRVpJ7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUZDNC9CQzYwNjJEQ0FG
OEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJcHRtSFEyQUU2RmVWRldr
bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J4UDFVUUNmSklwdG1IUTJBRTZGZVZGV2tucy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0FGQzQvQkM2MDYyRENBRjhBMTFFQTg1NDJEODVGQzRGOUFFMDIvQjg2RTZDMkNG
Rjc2MTFFQjhBQUM2MjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnbgwDQYJKoZIhvcNAQELBQADggEBAHiJm+Jkqb6J4C5i
PAiTxopXllom8+jlvE5nHv6pLdtR7FdL4wito15pOsbDZUZZzd8E2BpkpX3nzGZM
YRM+/J4dI7Vv+T9A/uRlNS6HYC9dV2bvDe5Hd/sBwVDsFCpWfz82Bjp62iy8/dsy
sMke/FNV/MpgEPLFxk+dpkritFlhR7XlVpArDKwxvpx+AufUZzf3v0q9dxgu6UU/
VFeiRbCGXLO2o2D6m+gUDOOBQyHyVDZ0p9WiL8MbHCmMv4YiKaj9hurRfuOCTZD5
0J3Csmz1QiSSy2SHXrI3seGiwnaS1uuRnejAW/JHKKMLGDiWL7/LSeKxY6ZmW/Dv
cy4jTrM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-fra.rpki-client.org