Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/2657FA6EF97711EC85FD4E26C4F9AE02.roa
File: 2657FA6EF97711EC85FD4E26C4F9AE02.roa (raw, json)
Hash identifier: J9oIeVPVUXok9wD3ObdU4tgoDINe3pe+E1/xMNqtelI=
Subject key identifier: F2:57:5F:60:AF:56:C0:99:5A:DF:F4:D3:34:D9:1C:16:21:35:8C:E5
Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial: 0236
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/2657FA6EF97711EC85FD4E26C4F9AE02.roa
Signing time: Fri 01 Jul 2022 19:51:09 +0000
ROA not before: Fri 01 Jul 2022 19:51:09 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 43260
IP address blocks: 103.173.84.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 566 (0x236)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Validity
Not Before: Jul 1 19:51:09 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62bf502c-5379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ff:8b:4b:e3:dc:72:72:8c:89:13:7c:0f:4d:
02:00:f2:e2:33:76:ce:aa:fd:0e:f0:2c:06:1f:fd:
e4:9f:66:8f:11:90:06:f8:d9:d6:21:18:e3:30:2a:
f1:fc:ba:99:1e:dc:59:5a:94:78:c1:7f:df:99:ff:
79:3e:41:9b:a8:01:db:4d:c4:fb:94:5a:27:fb:a6:
87:9d:63:ff:b6:be:4f:6c:10:c8:65:91:a8:b8:04:
99:73:ae:6e:ae:6f:14:e4:7b:cd:38:5f:83:08:51:
af:bf:01:b5:93:0c:96:07:19:11:c6:f7:72:26:84:
ba:9c:82:3a:52:a0:7e:4e:e0:04:10:30:d7:53:19:
5d:e6:6f:16:b7:84:c4:66:7f:ef:5d:75:ec:68:fd:
ae:a0:ea:ae:db:e1:0e:e0:56:a4:88:5b:4f:bf:79:
e2:98:97:ff:2b:2a:8f:61:12:37:05:aa:b4:07:13:
d1:d5:90:05:bd:80:e9:76:28:62:75:db:bd:17:b6:
4e:82:48:df:20:09:7d:25:93:c0:e9:e7:be:94:ae:
1d:70:73:c2:15:de:e3:66:ce:4d:19:e1:66:5c:30:
91:e8:76:ff:8b:49:aa:48:71:5c:d8:ab:1d:1e:1f:
b4:39:38:76:15:43:16:7e:24:e6:c8:c4:be:c7:ca:
f7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:57:5F:60:AF:56:C0:99:5A:DF:F4:D3:34:D9:1C:16:21:35:8C:E5
X509v3 Authority Key Identifier:
keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/2657FA6EF97711EC85FD4E26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.84.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:e5:34:6f:e1:27:f7:fe:58:41:4c:28:04:89:69:02:33:83:
4a:a5:b7:8f:86:8f:19:58:34:1c:6a:44:92:cf:69:f7:10:39:
3a:86:e4:5d:fe:b4:af:96:f2:7f:0e:fb:93:13:f3:fb:3c:82:
ea:a6:80:56:ad:18:bf:91:19:fc:f6:bd:a6:27:2d:ab:29:13:
c4:35:8e:3b:e5:2f:06:3e:a4:ae:3e:40:88:a7:75:f4:d9:19:
e3:12:d3:09:ea:c9:b5:71:14:df:3d:79:56:40:3e:0f:31:25:
c2:45:27:16:ea:3d:a9:77:86:70:b7:58:e3:f1:5b:66:98:28:
cf:33:02:59:29:a0:24:8b:69:b4:15:ae:ce:ab:43:33:01:7e:
80:d0:1b:de:87:1d:5a:ca:7e:c2:9a:8c:59:6a:0f:07:a8:c3:
b6:af:19:0c:ba:46:1d:05:c4:4f:f1:ad:13:10:3c:48:e7:be:
bf:39:a3:f0:8a:8a:13:0b:b5:9d:c7:39:d4:eb:e6:55:a1:30:
4a:95:4b:b9:21:7d:3f:d4:f3:8c:ca:72:e0:68:4c:ea:c4:11:
15:e2:71:42:5e:fd:9b:49:e9:6a:a1:4b:46:12:7e:8c:5d:a3:
bb:f8:23:97:34:f2:3c:79:7e:8d:c3:68:a2:df:78:a9:2c:c8:
9c:3d:38:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1
NURCMzFDRTgwHhcNMjIwNzAxMTk1MTA5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJmNTAyYy01Mzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxf+LS+PccnKMiRN8D00CAPLiM3bOqv0O8CwGH/3kn2aPEZAG+NnWIRjjMCrx
/LqZHtxZWpR4wX/fmf95PkGbqAHbTcT7lFon+6aHnWP/tr5PbBDIZZGouASZc65u
rm8U5HvNOF+DCFGvvwG1kwyWBxkRxvdyJoS6nII6UqB+TuAEEDDXUxld5m8Wt4TE
Zn/vXXXsaP2uoOqu2+EO4FakiFtPv3nimJf/KyqPYRI3Baq0BxPR1ZAFvYDpdihi
ddu9F7ZOgkjfIAl9JZPA6ee+lK4dcHPCFd7jZs5NGeFmXDCR6Hb/i0mqSHFc2Ksd
Hh+0OTh2FUMWfiTmyMS+x8r3FwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPJXX2Cv
VsCZWt/00zTZHBYhNYzlMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB
ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRERkEvODQ1OTg0Q0UxQTg1MTFFQ0E3NkFFQTNBQzRGOUFFMDIvMjY1N0ZBNkVG
OTc3MTFFQzg1RkQ0RTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrVQwDQYJKoZIhvcNAQELBQADggEBAGrlNG/hJ/f+WEFM
KASJaQIzg0qlt4+GjxlYNBxqRJLPafcQOTqG5F3+tK+W8n8O+5MT8/s8guqmgFat
GL+RGfz2vaYnLaspE8Q1jjvlLwY+pK4+QIindfTZGeMS0wnqybVxFN89eVZAPg8x
JcJFJxbqPal3hnC3WOPxW2aYKM8zAlkpoCSLabQVrs6rQzMBfoDQG96HHVrKfsKa
jFlqDweow7avGQy6Rh0FxE/xrRMQPEjnvr85o/CKihMLtZ3HOdTr5lWhMEqVS7kh
fT/U84zKcuBoTOrEERXicUJe/ZtJ6WqhS0YSfoxdo7v4I5c08jx5fo3DaKLfeKks
yJw9OPA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-ams.rpki-client.org