Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1F95/FF93EC72195F11EDB2BDF95EC4F9AE02/FA95A9C8196311ED95C8BB7AC4F9AE02.roa
File: FA95A9C8196311ED95C8BB7AC4F9AE02.roa (raw, json)
Hash identifier: eyRAld9n0mQbUQB23LIgKEP+GO08yC2FmRbjqfm2B2U=
Subject key identifier: 03:2F:2E:EE:F9:F7:94:90:09:3C:3E:14:8F:B9:06:2B:15:D5:24:CE
Certificate issuer: /CN=A91D1F95/serialNumber=D6F06724D0968707ED1DFAFDBB225802B3DAA194
Certificate serial: 78
Authority key identifier: D6:F0:67:24:D0:96:87:07:ED:1D:FA:FD:BB:22:58:02:B3:DA:A1:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1vBnJNCWhwftHfr9uyJYArPaoZQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1F95/FF93EC72195F11EDB2BDF95EC4F9AE02/FA95A9C8196311ED95C8BB7AC4F9AE02.roa
Signing time: Tue 25 Oct 2022 06:14:44 +0000
ROA not before: Tue 25 Oct 2022 06:14:44 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 147292
IP address blocks: 103.174.98.0/24 maxlen: 24
103.174.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1F95/serialNumber=D6F06724D0968707ED1DFAFDBB225802B3DAA194
Validity
Not Before: Oct 25 06:14:44 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63577ed3-e75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:42:da:0f:29:0b:c9:6c:67:21:97:63:fc:58:
d5:2d:6e:54:87:a7:cb:b7:a4:30:99:83:41:5e:45:
b7:2c:cb:bd:76:0c:d0:c9:36:cb:b0:ce:6a:70:a9:
5b:bb:d9:15:4c:d4:58:fb:9a:7b:f2:17:8c:02:23:
23:a8:a9:e6:29:77:ca:59:97:ab:2c:10:58:82:40:
f2:c8:c9:cf:8e:17:bd:53:10:e7:96:1a:d3:1c:92:
25:45:54:86:16:9c:8d:f2:e1:4e:5b:3d:04:3e:b3:
04:97:ea:a3:2c:14:8a:5b:d8:f1:bf:f3:e1:6d:ce:
61:74:e2:76:ab:1d:e2:4a:56:b7:30:c9:66:e3:12:
23:71:ff:4f:c3:bf:25:4a:de:3d:41:8e:57:7c:16:
7b:cc:64:cc:00:45:65:2d:2e:4c:d8:17:60:e9:e2:
ef:0f:20:02:5e:2c:24:78:1c:9d:aa:8d:7f:d9:ec:
62:63:51:12:50:42:78:ae:96:b9:b0:b2:77:80:a3:
ea:5b:8d:2f:69:55:85:e9:9e:78:9a:f8:8b:37:9c:
41:69:3d:e6:19:0f:de:d4:77:d8:14:b7:dc:0e:26:
37:14:8e:4f:d3:81:66:a7:15:5b:9a:61:d6:ac:32:
50:55:33:6c:c5:bf:0b:09:5e:93:e7:6a:43:ad:42:
d6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2F:2E:EE:F9:F7:94:90:09:3C:3E:14:8F:B9:06:2B:15:D5:24:CE
X509v3 Authority Key Identifier:
keyid:D6:F0:67:24:D0:96:87:07:ED:1D:FA:FD:BB:22:58:02:B3:DA:A1:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1F95/FF93EC72195F11EDB2BDF95EC4F9AE02/1vBnJNCWhwftHfr9uyJYArPaoZQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1vBnJNCWhwftHfr9uyJYArPaoZQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1F95/FF93EC72195F11EDB2BDF95EC4F9AE02/FA95A9C8196311ED95C8BB7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.98.0/23
Signature Algorithm: sha256WithRSAEncryption
eb:ab:ba:31:d9:cc:da:29:3b:4d:b9:56:b2:5d:1d:0f:09:0a:
6d:fc:71:90:cc:18:4e:e6:e7:26:07:d8:6c:3a:d1:22:62:f9:
cd:e6:21:d9:c6:29:f4:c6:16:75:ca:00:cd:d8:02:fd:ef:eb:
fe:86:92:25:43:1a:04:90:03:9f:36:6f:52:e6:25:26:62:db:
7a:82:34:7a:eb:e1:3e:32:43:4d:f5:58:cd:dc:44:49:54:63:
69:c6:c6:e2:bd:6a:80:b4:3c:1d:03:e2:7a:74:79:cd:32:14:
dc:c9:fe:67:cf:db:47:90:69:58:25:68:6e:d1:24:cf:5f:38:
27:6c:ee:75:33:20:c1:13:80:d3:92:da:89:52:29:0b:e0:7b:
f7:9e:b0:bc:6e:78:41:4f:f9:ad:3c:20:2d:f6:42:5c:66:92:
13:9b:46:8c:03:89:c2:7f:b7:97:f9:aa:6a:85:e6:bf:2a:0b:
e8:38:73:52:26:cb:09:23:50:99:6f:fe:3f:b4:42:97:5a:fb:
78:c1:e0:45:7c:b1:f7:de:cc:db:90:96:b1:02:bf:13:56:e9:
02:d5:dc:5c:d8:f8:78:07:23:e2:99:82:2e:99:1f:36:0f:e5:
6a:5f:a1:1f:ef:5a:e4:49:c5:b2:26:8c:f7:65:5e:f7:70:52:
71:32:f9:c0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MUY5NTExMC8GA1UEBRMoRDZGMDY3MjREMDk2ODcwN0VEMURGQUZEQkIyMjU4MDJC
M0RBQTE5NDAeFw0yMjEwMjUwNjE0NDRaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNTc3ZWQzLWU3NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWQtoPKQvJbGchl2P8WNUtblSHp8u3pDCZg0FeRbcsy712DNDJNsuwzmpwqVu7
2RVM1Fj7mnvyF4wCIyOoqeYpd8pZl6ssEFiCQPLIyc+OF71TEOeWGtMckiVFVIYW
nI3y4U5bPQQ+swSX6qMsFIpb2PG/8+FtzmF04narHeJKVrcwyWbjEiNx/0/DvyVK
3j1Bjld8FnvMZMwARWUtLkzYF2Dp4u8PIAJeLCR4HJ2qjX/Z7GJjURJQQniulrmw
sneAo+pbjS9pVYXpnnia+Is3nEFpPeYZD97Ud9gUt9wOJjcUjk/TgWanFVuaYdas
MlBVM2zFvwsJXpPnakOtQta1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUAy8u7vn3
lJAJPD4Uj7kGKxXVJM4wHwYDVR0jBBgwFoAU1vBnJNCWhwftHfr9uyJYArPaoZQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxRjk1L0ZGOTNFQzcyMTk1
RjExRURCMkJERjk1RUM0RjlBRTAyLzF2Qm5KTkNXaHdmdEhmcjl1eUpZQXJQYW9a
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMXZCbkpOQ1dod2Z0SGZyOXV5SllBclBhb1pRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MUY5NS9GRjkzRUM3MjE5NUYxMUVEQjJCREY5NUVDNEY5QUUwMi9GQTk1QTlDODE5
NjMxMUVEOTVDOEJCN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeuYjANBgkqhkiG9w0BAQsFAAOCAQEA66u6MdnM2ik7TblW
sl0dDwkKbfxxkMwYTubnJgfYbDrRImL5zeYh2cYp9MYWdcoAzdgC/e/r/oaSJUMa
BJADnzZvUuYlJmLbeoI0euvhPjJDTfVYzdxESVRjacbG4r1qgLQ8HQPienR5zTIU
3Mn+Z8/bR5BpWCVobtEkz184J2zudTMgwROA05LaiVIpC+B7956wvG54QU/5rTwg
LfZCXGaSE5tGjAOJwn+3l/mqaoXmvyoL6DhzUibLCSNQmW/+P7RCl1r7eMHgRXyx
997M25CWsQK/E1bpAtXcXNj4eAcj4pmCLpkfNg/lal+hH+9a5EnFsiaM92Ve93BS
cTL5wA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org