Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/67F52A4A8EE111EEBDE23386C4F9AE02.roa
File: 67F52A4A8EE111EEBDE23386C4F9AE02.roa (raw, json)
Hash identifier: X2aS+QuRYrnUXsv1YOQphNLVEZMZZOdobGnYXw1W0/g=
Subject key identifier: 6F:3F:82:E6:A1:87:B8:5C:93:E5:92:23:86:A5:CB:35:3F:DB:94:F5
Certificate issuer: /CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Certificate serial: D0
Authority key identifier: 25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/67F52A4A8EE111EEBDE23386C4F9AE02.roa
Signing time: Wed 29 Nov 2023 18:02:06 +0000
ROA not before: Wed 29 Nov 2023 18:02:06 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 60117
IP address blocks: 103.85.200.0/22 maxlen: 22
110.44.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208 (0xd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E015D/serialNumber=257A9E6914D58A745B0EE6ABE548CDBE020488D4
Validity
Not Before: Nov 29 18:02:06 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65677c9e-42ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:59:f4:69:32:39:f7:30:37:5e:a7:3d:b6:fe:
38:5c:8b:2f:73:be:9b:e9:43:4f:e6:ec:8d:0f:b9:
48:97:7b:0d:7b:90:f6:c7:b5:18:4e:dd:92:12:8a:
e0:84:06:66:4e:c2:0c:8e:41:02:ed:39:eb:2b:05:
19:64:55:76:3f:88:74:05:d9:f5:f0:22:0e:1a:02:
59:9f:1c:68:2d:12:da:68:ae:c6:8c:01:94:fa:7e:
6b:3d:23:3b:0a:e2:e5:f9:fd:78:3c:b4:3f:2b:fd:
07:8d:3b:bc:59:69:71:a6:02:2f:5f:e9:11:e6:c1:
56:98:0e:f7:6c:fe:28:71:17:55:df:0d:8a:63:aa:
cd:8f:d8:d9:37:ae:3a:52:a8:cb:45:75:6e:a3:96:
52:e4:9e:9f:25:f5:1f:f3:f0:c9:ad:df:2a:13:23:
78:30:56:af:fb:69:00:8e:3c:62:8d:db:ef:46:25:
27:7c:e3:19:be:57:36:b5:5c:73:99:45:02:96:b1:
f6:b6:e2:14:fa:9f:55:3c:7f:35:6f:2f:5d:c2:d8:
3a:68:06:62:65:12:03:fd:e8:ac:af:df:84:c2:da:
03:cd:73:4c:b9:88:97:d2:99:05:b1:92:5a:e9:37:
44:69:f6:df:65:26:62:57:41:5b:d3:08:e5:6b:a1:
69:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3F:82:E6:A1:87:B8:5C:93:E5:92:23:86:A5:CB:35:3F:DB:94:F5
X509v3 Authority Key Identifier:
keyid:25:7A:9E:69:14:D5:8A:74:5B:0E:E6:AB:E5:48:CD:BE:02:04:88:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/JXqeaRTVinRbDuar5UjNvgIEiNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JXqeaRTVinRbDuar5UjNvgIEiNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E015D/6C474920731211EDB70BCE33C4F9AE02/67F52A4A8EE111EEBDE23386C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.200.0/22
110.44.108.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:51:56:ff:d3:b5:6a:8a:91:8a:1a:2b:02:48:78:21:d6:ef:
0d:33:e3:17:5c:8f:ad:79:b0:5d:a5:7b:d4:9b:dc:d3:84:37:
57:a2:03:60:dc:8f:56:ac:45:55:02:77:dc:db:f2:c7:da:aa:
d7:dc:76:1a:95:d0:25:f0:8a:bd:f6:15:75:3d:47:3d:64:29:
0e:18:7a:9a:92:37:87:80:1d:43:63:8a:3e:bd:d0:ec:1a:c3:
29:99:45:ad:d9:a5:31:9c:b6:d4:a7:f0:b6:f7:99:4f:fe:4e:
30:60:94:2a:fa:3c:24:e2:9a:e0:a2:4f:c0:bf:82:7a:53:a3:
9f:a2:0b:e6:97:45:d9:6c:b7:b3:89:64:da:42:46:ed:f6:7f:
21:8c:5b:30:b9:d6:61:b7:a5:1c:2c:c5:27:65:f4:a3:68:99:
e0:00:28:3b:a0:1d:1f:95:e3:06:6a:46:b0:ab:ef:2d:31:e7:
51:8f:dc:67:eb:04:0e:52:e4:a3:03:ba:ad:1f:0e:d2:7d:01:
71:d3:eb:2e:3c:1d:65:00:56:03:1c:8a:a2:d4:11:3f:47:64:
b4:f2:60:04:12:61:15:ce:6e:94:d9:0d:35:63:8f:90:30:05:
d1:e8:f3:61:fb:00:78:9f:cc:98:d7:49:13:55:85:ec:53:c3:
92:0a:02:ed
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxNUQxMTAvBgNVBAUTKDI1N0E5RTY5MTRENThBNzQ1QjBFRTZBQkU1NDhDREJF
MDIwNDg4RDQwHhcNMjMxMTI5MTgwMjA2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY3N2M5ZS00MmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy1n0aTI59zA3Xqc9tv44XIsvc76b6UNP5uyND7lIl3sNe5D2x7UYTt2SEorg
hAZmTsIMjkEC7TnrKwUZZFV2P4h0Bdn18CIOGgJZnxxoLRLaaK7GjAGU+n5rPSM7
CuLl+f14PLQ/K/0HjTu8WWlxpgIvX+kR5sFWmA73bP4ocRdV3w2KY6rNj9jZN646
UqjLRXVuo5ZS5J6fJfUf8/DJrd8qEyN4MFav+2kAjjxijdvvRiUnfOMZvlc2tVxz
mUUClrH2tuIU+p9VPH81by9dwtg6aAZiZRID/eisr9+EwtoDzXNMuYiX0pkFsZJa
6TdEafbfZSZiV0Fb0wjla6FpaQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG8/guah
h7hck+WSI4alyzU/25T1MB8GA1UdIwQYMBaAFCV6nmkU1Yp0Ww7mq+VIzb4CBIjU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDE1RC82QzQ3NDkyMDcz
MTIxMUVEQjcwQkNFMzNDNEY5QUUwMi9KWHFlYVJUVmluUmJEdWFyNVVqTnZnSUVp
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pYcWVhUlRWaW5SYkR1YXI1VWpOdmdJRWlOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxNUQvNkM0NzQ5MjA3MzEyMTFFREI3MEJDRTMzQzRGOUFFMDIvNjdGNTJBNEE4
RUUxMTFFRUJERTIzMzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnVcgDBAJuLGwwDQYJKoZIhvcNAQELBQADggEBAB9RVv/T
tWqKkYoaKwJIeCHW7w0z4xdcj615sF2le9Sb3NOEN1eiA2Dcj1asRVUCd9zb8sfa
qtfcdhqV0CXwir32FXU9Rz1kKQ4YepqSN4eAHUNjij690OwawymZRa3ZpTGcttSn
8Lb3mU/+TjBglCr6PCTimuCiT8C/gnpTo5+iC+aXRdlst7OJZNpCRu32fyGMWzC5
1mG3pRwsxSdl9KNomeAAKDugHR+V4wZqRrCr7y0x51GP3GfrBA5S5KMDuq0fDtJ9
AXHT6y48HWUAVgMciqLUET9HZLTyYAQSYRXObpTZDTVjj5AwBdHo82H7AHifzJjX
SRNVhexTw5IKAu0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org