Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFD7/7B409CA02FA911EBB90BBA84C4F9AE02/65DF6E1E442F11EBBD12611BC4F9AE02.roa
File: 65DF6E1E442F11EBBD12611BC4F9AE02.roa (raw, json)
Hash identifier: fE/08hZcjR5fo+lp8zaJ/dh7oeNjWKebM3s270SHOZU=
Subject key identifier: 54:F4:7F:31:53:2B:C3:A7:D3:B4:FD:7E:2D:06:98:63:08:06:F0:2E
Certificate issuer: /CN=A91CFFD7/serialNumber=EFA6B107EF194A4DD67B28D555801175CCF71445
Certificate serial: 0447
Authority key identifier: EF:A6:B1:07:EF:19:4A:4D:D6:7B:28:D5:55:80:11:75:CC:F7:14:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/76axB-8ZSk3WeyjVVYARdcz3FEU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFD7/7B409CA02FA911EBB90BBA84C4F9AE02/65DF6E1E442F11EBBD12611BC4F9AE02.roa
Signing time: Tue 24 May 2022 12:20:29 +0000
ROA not before: Tue 24 May 2022 12:20:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140324
IP address blocks: 103.149.204.0/24 maxlen: 24
103.149.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1095 (0x447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFD7/serialNumber=EFA6B107EF194A4DD67B28D555801175CCF71445
Validity
Not Before: May 24 12:20:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628ccd8d-5cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:f1:a3:f9:6d:d8:25:3b:1a:64:bb:43:47:
87:01:b3:33:97:e6:5d:d1:2e:39:d6:83:e2:bc:cb:
5f:c6:fa:be:2c:19:ba:b7:21:3c:fd:8d:9e:8a:60:
e3:23:7d:b7:a2:80:07:07:ee:82:60:3c:fd:9f:bf:
d6:2d:39:d7:37:b1:13:dd:a1:2c:f1:23:84:aa:43:
d2:3f:41:e5:f2:2d:95:03:13:29:ff:4b:7a:b7:4a:
f8:a3:15:b6:0e:36:92:1b:bb:1b:8b:b9:fd:07:30:
92:01:20:90:89:7d:72:9c:1b:07:f5:f3:fd:7a:83:
0d:1d:6e:5f:22:01:86:ef:ef:fa:fd:76:12:da:db:
c2:1f:06:e6:ec:d9:59:38:3e:e7:a6:16:57:b6:cb:
e3:a7:50:2d:bb:0e:2d:e9:b3:55:8b:37:e5:6b:ff:
b8:c4:97:9a:ed:42:39:62:f1:93:72:7e:e0:40:17:
fb:3c:91:4e:b3:78:1e:ba:44:68:9b:3a:8b:b7:01:
c5:46:2d:5b:52:37:62:9a:0b:0f:76:a6:54:00:b8:
df:b4:ab:5b:70:85:a5:b3:8f:f2:3f:84:29:ef:e4:
2f:9d:13:82:e2:44:5a:09:59:69:a6:d9:fd:73:6f:
e1:1e:82:f6:9b:78:7d:d3:00:6a:d2:0a:99:1e:fd:
9c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:7F:31:53:2B:C3:A7:D3:B4:FD:7E:2D:06:98:63:08:06:F0:2E
X509v3 Authority Key Identifier:
keyid:EF:A6:B1:07:EF:19:4A:4D:D6:7B:28:D5:55:80:11:75:CC:F7:14:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFD7/7B409CA02FA911EBB90BBA84C4F9AE02/76axB-8ZSk3WeyjVVYARdcz3FEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/76axB-8ZSk3WeyjVVYARdcz3FEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFD7/7B409CA02FA911EBB90BBA84C4F9AE02/65DF6E1E442F11EBBD12611BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.204.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:ee:3e:1e:57:6c:61:4e:68:48:23:0e:55:b8:49:c6:c9:ce:
1a:96:c7:ea:47:c9:14:97:de:1a:7f:c1:cb:c6:3a:6b:52:29:
c1:e6:9b:6f:6c:64:8f:62:73:bc:f0:54:9b:91:ed:ee:be:8c:
d9:72:5b:a1:b3:b1:4d:06:8e:38:fe:1c:cd:3a:bd:b8:f7:b3:
f8:e5:d2:6a:64:35:d5:da:35:29:ff:8e:5c:d1:e6:ba:a3:97:
56:a2:4d:d6:c8:bf:5d:e9:0f:e7:b4:57:fc:30:fd:f4:4b:90:
81:e4:9f:f9:6d:6a:d0:64:67:4a:07:65:8a:34:5d:99:e1:af:
fa:e0:33:9b:cc:7f:99:4e:66:df:33:bf:6e:2a:c8:b1:fc:47:
e0:3a:fa:ce:51:5e:26:04:8b:93:f1:9c:1a:0a:cf:1c:38:df:
27:12:fe:f3:16:40:df:87:5d:64:7d:36:56:92:1a:34:d8:23:
4f:2c:03:b9:75:97:32:55:14:9d:06:f7:37:62:08:ea:60:45:
fe:ba:ef:d4:cd:fa:6e:37:d8:13:32:73:7c:94:a1:69:6b:49:
59:02:3e:17:03:c1:a2:31:69:a3:92:68:3b:6f:97:77:50:e1:
a2:89:f3:29:82:f3:0d:0d:35:90:5e:4a:ba:0f:a1:6a:1d:b6:
51:b5:62:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGRDcxMTAvBgNVBAUTKEVGQTZCMTA3RUYxOTRBNERENjdCMjhENTU1ODAxMTc1
Q0NGNzE0NDUwHhcNMjIwNTI0MTIyMDI5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhjY2Q4ZC01Y2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRPxo/lt2CU7GmS7Q0eHAbMzl+Zd0S451oPivMtfxvq+LBm6tyE8/Y2eimDj
I323ooAHB+6CYDz9n7/WLTnXN7ET3aEs8SOEqkPSP0Hl8i2VAxMp/0t6t0r4oxW2
DjaSG7sbi7n9BzCSASCQiX1ynBsH9fP9eoMNHW5fIgGG7+/6/XYS2tvCHwbm7NlZ
OD7nphZXtsvjp1Atuw4t6bNVizfla/+4xJea7UI5YvGTcn7gQBf7PJFOs3geukRo
mzqLtwHFRi1bUjdimgsPdqZUALjftKtbcIWls4/yP4Qp7+QvnROC4kRaCVlpptn9
c2/hHoL2m3h90wBq0gqZHv2cmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFT0fzFT
K8On07T9fi0GmGMIBvAuMB8GA1UdIwQYMBaAFO+msQfvGUpN1nso1VWAEXXM9xRF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZENy83QjQwOUNBMDJG
QTkxMUVCQjkwQkJBODRDNEY5QUUwMi83NmF4Qi04WlNrM1dleWpWVllBUmRjejNG
RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc2YXhCLThaU2szV2V5alZWWUFSZGN6M0ZFVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGRDcvN0I0MDlDQTAyRkE5MTFFQkI5MEJCQTg0QzRGOUFFMDIvNjVERjZFMUU0
NDJGMTFFQkJEMTI2MTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlcwwDQYJKoZIhvcNAQELBQADggEBALfuPh5XbGFOaEgj
DlW4ScbJzhqWx+pHyRSX3hp/wcvGOmtSKcHmm29sZI9ic7zwVJuR7e6+jNlyW6Gz
sU0Gjjj+HM06vbj3s/jl0mpkNdXaNSn/jlzR5rqjl1aiTdbIv13pD+e0V/ww/fRL
kIHkn/ltatBkZ0oHZYo0XZnhr/rgM5vMf5lOZt8zv24qyLH8R+A6+s5RXiYEi5Px
nBoKzxw43ycS/vMWQN+HXWR9NlaSGjTYI08sA7l1lzJVFJ0G9zdiCOpgRf6679TN
+m432BMyc3yUoWlrSVkCPhcDwaIxaaOSaDtvl3dQ4aKJ8ymC8w0NNZBeSroPoWod
tlG1Yt4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org