Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD42F/C8BA01BC2E2B11EB80EB7080C4F9AE02/B9167BFC2E2E11EBB4CB1021C4F9AE02.roa
File: B9167BFC2E2E11EBB4CB1021C4F9AE02.roa (raw, json)
Hash identifier: s6NQ02dQTPiMlkIlGQ31w9K0DIOSicaiCd7k/S7mvgw=
Subject key identifier: 2F:DC:E2:64:86:B4:42:87:DD:39:2E:FB:92:5D:43:A0:1D:73:C2:96
Certificate issuer: /CN=A91DD42F/serialNumber=87A55061B75F1DC2C5C5BB87D2898E83307D870F
Certificate serial: 0271
Authority key identifier: 87:A5:50:61:B7:5F:1D:C2:C5:C5:BB:87:D2:89:8E:83:30:7D:87:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6VQYbdfHcLFxbuH0omOgzB9hw8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD42F/C8BA01BC2E2B11EB80EB7080C4F9AE02/B9167BFC2E2E11EBB4CB1021C4F9AE02.roa
Signing time: Wed 29 Sep 2021 01:11:12 +0000
ROA not before: Wed 29 Sep 2021 01:11:12 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 45178
IP address blocks: 103.235.177.0/24 maxlen: 24
103.235.178.0/24 maxlen: 24
103.235.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 625 (0x271)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD42F/serialNumber=87A55061B75F1DC2C5C5BB87D2898E83307D870F
Validity
Not Before: Sep 29 01:11:12 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=6153bd30-b7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:7b:fe:5c:ae:98:f4:30:7f:a7:18:cd:25:
52:c7:83:8b:96:11:c2:e3:8f:12:1d:4b:5b:be:74:
42:25:89:f1:dc:13:3e:3a:16:f2:79:54:a3:2c:09:
bc:98:9d:9a:9a:10:d0:9d:f1:75:07:5d:52:05:75:
a8:75:f6:6a:c5:aa:01:26:12:69:ad:00:0d:c1:dc:
17:44:12:c8:e4:47:60:a1:6a:98:68:25:74:a2:0e:
f2:40:e2:c2:49:05:9a:23:15:b8:2b:ab:10:ac:34:
07:2e:ea:a7:4e:74:09:d9:e5:ee:cb:2c:69:fd:37:
da:b7:16:b5:83:5f:be:2f:54:14:fd:01:8c:a7:ed:
b4:e7:31:ef:c7:28:0c:b9:6b:93:a7:c8:00:ff:23:
0d:f4:c9:ba:5e:85:3b:81:22:d7:e0:48:fa:7d:5b:
86:a1:c4:42:be:d8:bf:02:92:79:f4:67:6b:6d:72:
33:bf:08:c1:1c:c8:25:ea:ce:a4:67:03:da:f7:54:
ad:d2:23:e0:42:bd:d6:56:97:b1:7e:e3:f1:7d:cb:
e2:f8:6f:f1:71:1e:08:00:b0:34:50:11:69:0b:bd:
f7:17:19:5c:00:85:bc:a4:1b:84:90:7a:91:5d:0e:
dd:d7:6b:61:7b:04:89:26:c8:87:b7:94:1d:af:8a:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DC:E2:64:86:B4:42:87:DD:39:2E:FB:92:5D:43:A0:1D:73:C2:96
X509v3 Authority Key Identifier:
keyid:87:A5:50:61:B7:5F:1D:C2:C5:C5:BB:87:D2:89:8E:83:30:7D:87:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD42F/C8BA01BC2E2B11EB80EB7080C4F9AE02/h6VQYbdfHcLFxbuH0omOgzB9hw8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h6VQYbdfHcLFxbuH0omOgzB9hw8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD42F/C8BA01BC2E2B11EB80EB7080C4F9AE02/B9167BFC2E2E11EBB4CB1021C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.177.0-103.235.179.255
Signature Algorithm: sha256WithRSAEncryption
36:67:a8:34:74:eb:af:21:87:cf:3a:32:59:12:df:05:3b:3e:
e3:2e:76:d4:28:34:33:b4:5b:9c:33:02:57:ac:ca:ee:94:9a:
c6:03:c9:10:ae:c9:bc:b1:43:17:73:7e:79:56:9b:61:c7:73:
9a:ad:13:40:55:33:ad:63:32:38:9f:20:fc:30:4d:32:89:8e:
ec:a5:bb:4d:a3:e1:1f:e8:3d:ff:65:1c:72:ea:7c:72:f4:5e:
08:04:ee:2a:1b:5c:af:50:f4:b0:8a:d8:1b:f0:6a:fd:ad:3d:
3d:fc:a1:03:cb:30:d6:c5:e6:56:90:f0:1b:d9:d3:37:ca:b1:
77:51:ac:fe:b8:9e:5d:e8:95:1c:dc:dd:3e:cc:f6:a6:f5:db:
32:52:a4:fb:ce:98:a2:5a:d1:13:d8:bc:ad:b5:fe:06:60:1b:
55:11:e0:4e:cd:27:6c:b5:c0:c0:dc:5e:56:5b:e1:aa:3b:ef:
89:c1:0d:e2:ae:ac:11:64:01:26:fd:d9:8f:98:f0:ec:50:04:
7c:8d:33:a7:4f:05:59:9c:81:c1:f5:7f:84:a0:6d:33:70:27:
fb:5e:dd:86:02:22:ad:11:36:fa:90:18:31:6b:47:41:49:ff:
d7:e9:4c:f5:45:f5:8c:d6:e9:b0:ea:a4:3f:4f:02:df:74:3c:
f7:99:16:02
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQ0MkYxMTAvBgNVBAUTKDg3QTU1MDYxQjc1RjFEQzJDNUM1QkI4N0QyODk4RTgz
MzA3RDg3MEYwHhcNMjEwOTI5MDExMTEyWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTUzYmQzMC1iN2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYJ7/lyumPQwf6cYzSVSx4OLlhHC448SHUtbvnRCJYnx3BM+OhbyeVSjLAm8
mJ2amhDQnfF1B11SBXWodfZqxaoBJhJprQANwdwXRBLI5EdgoWqYaCV0og7yQOLC
SQWaIxW4K6sQrDQHLuqnTnQJ2eXuyyxp/Tfatxa1g1++L1QU/QGMp+205zHvxygM
uWuTp8gA/yMN9Mm6XoU7gSLX4Ej6fVuGocRCvti/ApJ59GdrbXIzvwjBHMgl6s6k
ZwPa91St0iPgQr3WVpexfuPxfcvi+G/xcR4IALA0UBFpC733FxlcAIW8pBuEkHqR
XQ7d12thewSJJsiHt5Qdr4ql/wIDAQABo4ICnTCCApkwHQYDVR0OBBYEFC/c4mSG
tEKH3Tku+5JdQ6Adc8KWMB8GA1UdIwQYMBaAFIelUGG3Xx3CxcW7h9KJjoMwfYcP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDQyRi9DOEJBMDFCQzJF
MkIxMUVCODBFQjcwODBDNEY5QUUwMi9oNlZRWWJkZkhjTEZ4YnVIMG9tT2d6Qjlo
dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g2VlFZYmRmSGNMRnhidUgwb21PZ3pCOWh3OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQ0MkYvQzhCQTAxQkMyRTJCMTFFQjgwRUI3MDgwQzRGOUFFMDIvQjkxNjdCRkMy
RTJFMTFFQkI0Q0IxMDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGfrsQMEAmfrsDANBgkqhkiG9w0BAQsFAAOCAQEANmeo
NHTrryGHzzoyWRLfBTs+4y521Cg0M7RbnDMCV6zK7pSaxgPJEK7JvLFDF3N+eVab
Ycdzmq0TQFUzrWMyOJ8g/DBNMomO7KW7TaPhH+g9/2Uccup8cvReCATuKhtcr1D0
sIrYG/Bq/a09PfyhA8sw1sXmVpDwG9nTN8qxd1Gs/rieXeiVHNzdPsz2pvXbMlKk
+86YolrRE9i8rbX+BmAbVRHgTs0nbLXAwNxeVlvhqjvvicEN4q6sEWQBJv3Zj5jw
7FAEfI0zp08FWZyBwfV/hKBtM3An+17dhgIirRE2+pAYMWtHQUn/1+lM9UX1jNbp
sOqkP08C33Q895kWAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org