Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/DAA7D7A4EFC811EC8E967B46C4F9AE02.roa
File: DAA7D7A4EFC811EC8E967B46C4F9AE02.roa (raw, json)
Hash identifier: X0N75omcMhvsddVsFoB/5Rzr7f7iFjon9N833A1ND7Y=
Subject key identifier: F4:F2:5B:EC:1C:D0:D9:04:92:A8:2F:9D:21:D9:FE:92:FF:23:B1:CB
Certificate issuer: /CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
Certificate serial: 57
Authority key identifier: 85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/DAA7D7A4EFC811EC8E967B46C4F9AE02.roa
Signing time: Sun 19 Jun 2022 12:10:49 +0000
ROA not before: Sun 19 Jun 2022 12:10:49 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 141037
IP address blocks: 103.186.218.0/24 maxlen: 24
103.186.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87 (0x57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CBE2E/serialNumber=858A27CB5C04CADFAEFDB893BF06E1A7B7D9F1C1
Validity
Not Before: Jun 19 12:10:49 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62af1248-63aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:4c:69:0c:da:54:06:60:31:48:f1:58:30:
1f:78:12:f9:a2:9f:47:d0:7c:16:8d:fc:e6:47:43:
98:c4:df:95:6e:e0:b9:40:68:c1:0c:ed:e7:fa:05:
07:c4:d9:18:5a:57:8a:99:d1:b3:87:d2:65:03:07:
28:45:e5:89:95:85:71:a3:87:55:33:8e:51:11:00:
a3:9e:df:62:bf:67:a3:59:24:51:58:79:b6:69:43:
fd:12:87:dd:d4:2f:2b:c6:69:34:9b:28:45:13:6a:
63:68:24:e8:6b:19:e1:25:16:0c:74:c1:13:01:cb:
9d:26:67:17:2c:4f:17:6d:0d:0b:a7:8b:6e:41:c1:
9d:dd:5a:59:f4:e6:a3:a5:f1:18:50:8b:3b:d5:9a:
8e:ec:35:64:de:69:c6:76:09:91:13:35:b1:5d:31:
91:16:af:75:2f:c0:a2:90:1a:d8:44:88:f0:c5:56:
80:b9:38:62:a3:bf:c2:1a:09:15:71:0e:d0:9d:58:
e2:d9:ec:25:c6:19:6a:85:91:10:5d:c2:57:04:a6:
2c:3f:5e:95:b2:d4:65:90:22:bf:f0:eb:b3:2f:1d:
c9:0f:3f:07:d5:bd:6a:c4:d1:66:92:66:6c:1b:fa:
a9:1f:ca:5e:0f:03:d7:4a:f6:7d:c1:db:74:81:d3:
79:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F2:5B:EC:1C:D0:D9:04:92:A8:2F:9D:21:D9:FE:92:FF:23:B1:CB
X509v3 Authority Key Identifier:
keyid:85:8A:27:CB:5C:04:CA:DF:AE:FD:B8:93:BF:06:E1:A7:B7:D9:F1:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/hYony1wEyt-u_biTvwbhp7fZ8cE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hYony1wEyt-u_biTvwbhp7fZ8cE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBE2E/D8ABAFE8D0FB11ECA27AF22FC4F9AE02/DAA7D7A4EFC811EC8E967B46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.218.0/23
Signature Algorithm: sha256WithRSAEncryption
00:b2:8c:29:68:18:7b:92:13:3b:4a:8e:ce:35:90:c7:69:e5:
9f:00:38:70:52:94:af:bf:29:46:20:a3:f5:04:d4:46:38:79:
6c:f3:b5:fa:ca:02:5f:33:d9:c8:88:5e:bd:f7:25:c8:6e:46:
45:e9:eb:d9:7c:db:ce:ed:e8:eb:20:82:a4:8b:0a:c9:eb:a0:
af:41:26:1c:ff:0e:d9:7e:28:e5:ad:5d:65:b1:e5:c3:e5:3c:
ee:a1:df:95:40:2a:ab:62:29:58:39:29:60:25:ed:2f:d5:a6:
e3:c7:d9:f4:f3:21:50:99:d5:c3:2a:40:9a:82:a9:07:0a:77:
dc:3f:08:e8:1c:4e:27:a8:ee:b8:12:db:66:25:01:a3:15:9e:
f6:a1:fc:27:43:7c:b3:71:b7:51:bc:71:c5:b8:fa:58:b2:7d:
9d:fa:d4:be:ca:1f:17:5f:6a:eb:c5:b2:84:91:9a:ae:9e:22:
ed:db:7b:d4:37:aa:b2:b5:4a:3c:ce:3a:e7:8c:df:6a:42:a7:
c4:67:78:24:27:1f:b5:0e:7f:7e:2f:34:98:a2:45:32:fc:49:
77:73:b2:f9:8b:b7:2e:79:06:5a:f7:5d:39:fd:ee:5c:e8:ac:
48:ce:47:dd:ea:47:df:f7:2e:2d:3c:e7:eb:93:43:dd:04:1f:
78:81:9c:d7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
QkUyRTExMC8GA1UEBRMoODU4QTI3Q0I1QzA0Q0FERkFFRkRCODkzQkYwNkUxQTdC
N0Q5RjFDMTAeFw0yMjA2MTkxMjEwNDlaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYWYxMjQ4LTYzYWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7DUxpDNpUBmAxSPFYMB94Evmin0fQfBaN/OZHQ5jE35Vu4LlAaMEM7ef6BQfE
2RhaV4qZ0bOH0mUDByhF5YmVhXGjh1UzjlERAKOe32K/Z6NZJFFYebZpQ/0Sh93U
LyvGaTSbKEUTamNoJOhrGeElFgx0wRMBy50mZxcsTxdtDQuni25BwZ3dWln05qOl
8RhQizvVmo7sNWTeacZ2CZETNbFdMZEWr3UvwKKQGthEiPDFVoC5OGKjv8IaCRVx
DtCdWOLZ7CXGGWqFkRBdwlcEpiw/XpWy1GWQIr/w67MvHckPPwfVvWrE0WaSZmwb
+qkfyl4PA9dK9n3B23SB03kTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9PJb7BzQ
2QSSqC+dIdn+kv8jscswHwYDVR0jBBgwFoAUhYony1wEyt+u/biTvwbhp7fZ8cEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCRTJFL0Q4QUJBRkU4RDBG
QjExRUNBMjdBRjIyRkM0RjlBRTAyL2hZb255MXdFeXQtdV9iaVR2d2JocDdmWjhj
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaFlvbnkxd0V5dC11X2JpVHZ3YmhwN2ZaOGNFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QkUyRS9EOEFCQUZFOEQwRkIxMUVDQTI3QUYyMkZDNEY5QUUwMi9EQUE3RDdBNEVG
QzgxMUVDOEU5NjdCNDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe62jANBgkqhkiG9w0BAQsFAAOCAQEAALKMKWgYe5ITO0qO
zjWQx2nlnwA4cFKUr78pRiCj9QTURjh5bPO1+soCXzPZyIhevfclyG5GRenr2Xzb
zu3o6yCCpIsKyeugr0EmHP8O2X4o5a1dZbHlw+U87qHflUAqq2IpWDkpYCXtL9Wm
48fZ9PMhUJnVwypAmoKpBwp33D8I6BxOJ6juuBLbZiUBoxWe9qH8J0N8s3G3Ubxx
xbj6WLJ9nfrUvsofF19q68WyhJGarp4i7dt71DeqsrVKPM4654zfakKnxGd4JCcf
tQ5/fi80mKJFMvxJd3Oy+Yu3LnkGWvddOf3uXOisSM5H3epH3/cuLTzn65ND3QQf
eIGc1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org