Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D15BF/3DB0F9CA9F8811ECADA0C90DC4F9AE02/FD9A75429F8B11ECB8E03812C4F9AE02.roa
File: FD9A75429F8B11ECB8E03812C4F9AE02.roa (raw, json)
Hash identifier: 1J4Y9xxXxmCUdmaAxdM2TmjIpey65x6FlRFRPuMx8FY=
Subject key identifier: C4:E3:A2:53:56:91:51:81:32:77:8C:A5:AE:AB:08:18:3B:FA:04:1C
Certificate issuer: /CN=A91D15BF/serialNumber=F771814CF6BF0D19B6324908D07E1E40ABBEF76E
Certificate serial: 02
Authority key identifier: F7:71:81:4C:F6:BF:0D:19:B6:32:49:08:D0:7E:1E:40:AB:BE:F7:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/93GBTPa_DRm2MkkI0H4eQKu-924.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D15BF/3DB0F9CA9F8811ECADA0C90DC4F9AE02/FD9A75429F8B11ECB8E03812C4F9AE02.roa
Signing time: Wed 09 Mar 2022 09:33:35 +0000
ROA not before: Wed 09 Mar 2022 09:33:35 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 137976
IP address blocks: 103.119.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D15BF/serialNumber=F771814CF6BF0D19B6324908D07E1E40ABBEF76E
Validity
Not Before: Mar 9 09:33:35 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6228746e-613c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:f8:14:bc:37:23:90:8a:28:40:7a:21:c0:
b2:a6:b6:f1:cf:ff:39:79:ce:69:c7:97:57:92:aa:
69:c6:5f:4c:d2:a7:0c:0d:3d:1d:e0:14:f7:36:e4:
d7:82:c4:a2:32:ba:73:d9:b6:8c:77:b7:d5:e4:6e:
b6:c1:05:8f:57:67:9d:36:bc:be:d2:ff:5a:21:30:
b4:99:4d:12:4d:70:9a:14:96:a2:90:18:0d:b8:57:
75:e8:dd:13:3b:86:21:e4:ee:5d:ad:8f:ea:55:17:
85:82:81:4d:58:16:18:26:78:33:2e:40:b1:29:1d:
6d:d5:b0:4c:9e:f5:29:61:ab:34:f9:69:3c:e2:8c:
b5:4e:7d:c9:27:4a:c1:bc:54:a7:ca:1e:3e:84:4f:
7c:b1:eb:11:4f:35:4f:d9:0b:20:1f:d9:cf:0c:54:
ef:39:35:d0:37:3c:34:39:17:79:7f:95:53:de:0f:
d9:1c:82:ed:50:7f:ad:b7:81:b0:58:5b:d3:78:72:
e5:31:65:4e:68:77:8c:77:c7:03:da:8f:42:4d:e9:
df:a1:d5:f0:2c:4f:cb:ed:f9:ac:0f:dc:8c:57:a2:
37:e3:bf:8c:8c:9a:a4:7e:0c:da:c9:44:5e:b0:16:
dd:bb:c2:59:98:22:ce:90:ea:a1:55:0b:9e:c7:ea:
ed:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E3:A2:53:56:91:51:81:32:77:8C:A5:AE:AB:08:18:3B:FA:04:1C
X509v3 Authority Key Identifier:
keyid:F7:71:81:4C:F6:BF:0D:19:B6:32:49:08:D0:7E:1E:40:AB:BE:F7:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D15BF/3DB0F9CA9F8811ECADA0C90DC4F9AE02/93GBTPa_DRm2MkkI0H4eQKu-924.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/93GBTPa_DRm2MkkI0H4eQKu-924.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D15BF/3DB0F9CA9F8811ECADA0C90DC4F9AE02/FD9A75429F8B11ECB8E03812C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.20.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e7:5d:d2:d9:65:6b:20:36:ee:42:81:3e:54:2e:c3:97:32:
2a:e1:37:05:6a:c1:5a:52:8b:cd:1b:1a:d8:be:ff:8a:8a:b7:
9f:d4:fa:67:e8:ff:44:91:f6:08:a4:17:69:cb:25:02:33:51:
3a:ce:8d:74:de:3c:5e:67:5f:65:ce:53:9f:9e:54:cc:67:94:
d3:f0:3d:23:af:fa:a3:34:92:78:3e:1a:42:22:a5:60:b8:28:
a8:5a:bf:d4:8a:7c:ff:f9:0f:58:ef:47:2b:92:f7:d6:c8:f8:
91:c6:ad:3a:1d:7a:bb:c4:a5:02:13:b1:27:cd:3b:78:38:d1:
2e:4f:f1:50:e8:07:0e:41:96:6c:99:65:6e:22:7b:22:2f:ec:
11:da:a0:fc:8a:89:76:d9:39:bf:1f:6c:fc:c5:a3:85:76:ee:
f2:6e:2b:27:9f:21:b7:77:97:23:97:6c:e2:22:7e:f8:87:ca:
f3:3e:db:5c:34:fe:58:9c:40:cb:04:bb:67:48:86:f9:a3:05:
84:92:72:84:ed:3c:66:03:de:fb:69:2c:7b:5a:c7:ea:0d:d6:
f8:cb:ea:dd:54:23:5d:41:62:da:72:cc:41:b1:24:b2:c5:7c:
d7:ba:41:3b:1b:6e:23:f4:f6:3d:cb:d6:ff:fa:12:a1:4b:59:
90:8b:70:9f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTVCRjExMC8GA1UEBRMoRjc3MTgxNENGNkJGMEQxOUI2MzI0OTA4RDA3RTFFNDBB
QkJFRjc2RTAeFw0yMjAzMDkwOTMzMzVaFw0yMjEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjg3NDZlLTYxM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGgPgUvDcjkIooQHohwLKmtvHP/zl5zmnHl1eSqmnGX0zSpwwNPR3gFPc25NeC
xKIyunPZtox3t9XkbrbBBY9XZ502vL7S/1ohMLSZTRJNcJoUlqKQGA24V3Xo3RM7
hiHk7l2tj+pVF4WCgU1YFhgmeDMuQLEpHW3VsEye9SlhqzT5aTzijLVOfcknSsG8
VKfKHj6ET3yx6xFPNU/ZCyAf2c8MVO85NdA3PDQ5F3l/lVPeD9kcgu1Qf623gbBY
W9N4cuUxZU5od4x3xwPaj0JN6d+h1fAsT8vt+awP3IxXojfjv4yMmqR+DNrJRF6w
Ft27wlmYIs6Q6qFVC57H6u2BAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxOOiU1aR
UYEyd4ylrqsIGDv6BBwwHwYDVR0jBBgwFoAU93GBTPa/DRm2MkkI0H4eQKu+924w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNUJGLzNEQjBGOUNBOUY4
ODExRUNBREEwQzkwREM0RjlBRTAyLzkzR0JUUGFfRFJtMk1ra0kwSDRlUUt1LTky
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOTNHQlRQYV9EUm0yTWtrSTBINGVRS3UtOTI0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTVCRi8zREIwRjlDQTlGODgxMUVDQURBMEM5MERDNEY5QUUwMi9GRDlBNzU0MjlG
OEIxMUVDQjhFMDM4MTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmd3FDANBgkqhkiG9w0BAQsFAAOCAQEAkedd0tllayA27kKB
PlQuw5cyKuE3BWrBWlKLzRsa2L7/ioq3n9T6Z+j/RJH2CKQXacslAjNROs6NdN48
XmdfZc5Tn55UzGeU0/A9I6/6ozSSeD4aQiKlYLgoqFq/1Ip8//kPWO9HK5L31sj4
kcatOh16u8SlAhOxJ807eDjRLk/xUOgHDkGWbJllbiJ7Ii/sEdqg/IqJdtk5vx9s
/MWjhXbu8m4rJ58ht3eXI5ds4iJ++IfK8z7bXDT+WJxAywS7Z0iG+aMFhJJyhO08
ZgPe+2kse1rH6g3W+Mvq3VQjXUFi2nLMQbEkssV817pBOxtuI/T2PcvW//oSoUtZ
kItwnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:28 2024 by rpki-client on console-ams.rpki-client.org