Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/D6C910221A8911EC8CA55943C4F9AE02.roa
File: D6C910221A8911EC8CA55943C4F9AE02.roa (raw, json)
Hash identifier: 3YC5mZ5a1YnhcJBAvWMb/ZolfS1HP6RqDY2DPk/oUgY=
Subject key identifier: 30:EA:70:DA:4B:7A:EE:96:93:74:05:6A:1A:67:3B:A2:B9:BD:91:EE
Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial: 02
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/D6C910221A8911EC8CA55943C4F9AE02.roa
Signing time: Tue 21 Sep 2021 03:13:06 +0000
ROA not before: Tue 21 Sep 2021 03:13:06 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 1239
IP address blocks: 103.173.84.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Validity
Not Before: Sep 21 03:13:06 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61494dc2-2113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d4:a2:59:85:7d:33:25:69:61:22:ba:8e:ad:
fb:2a:03:71:a0:a5:43:e1:05:7d:83:45:10:8a:04:
92:fb:c0:c1:0f:a0:27:dc:0b:fe:26:8b:71:07:53:
ea:7a:45:7c:ac:3f:41:19:22:51:d8:66:d4:94:c5:
fb:4b:47:f6:b6:95:07:21:0d:38:2e:34:c8:f3:5a:
23:b2:8f:10:cf:e9:3a:bb:26:f2:3e:6a:1f:ab:98:
be:37:31:30:2b:c6:a7:a4:53:64:42:8a:c0:31:b3:
16:7d:cb:55:fc:69:6f:3e:e0:9b:85:fe:62:75:29:
25:0b:7c:27:26:14:5e:5d:20:0f:2d:13:61:07:ed:
91:c6:5d:4f:46:4a:67:69:e4:c0:16:ad:bb:7d:22:
c6:fa:d7:b8:37:a1:32:c0:95:84:70:86:af:8e:cd:
62:13:4a:ef:7d:73:b9:98:b0:0b:89:bc:78:f4:eb:
af:c7:00:da:bd:3e:68:6a:f9:8b:85:98:08:59:25:
d9:2e:8e:c3:a6:10:8d:02:20:ab:0c:ac:0a:c2:1f:
1c:07:50:9a:d1:68:a9:f4:0f:b4:9b:d9:69:0b:c0:
91:c6:fc:ad:11:77:b9:b5:4b:77:8b:94:e4:00:ed:
fe:3c:7b:e0:99:8d:ef:d6:b4:97:0c:6e:56:eb:17:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EA:70:DA:4B:7A:EE:96:93:74:05:6A:1A:67:3B:A2:B9:BD:91:EE
X509v3 Authority Key Identifier:
keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/D6C910221A8911EC8CA55943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.84.0/23
Signature Algorithm: sha256WithRSAEncryption
16:84:2f:f6:a4:c3:19:e6:9e:e9:4b:83:1b:f1:ed:f9:55:56:
85:71:ac:17:45:dd:a6:55:c3:04:ba:b7:8a:ed:c3:e4:6e:11:
3d:d2:ae:b0:2b:2b:91:bf:c2:c4:1c:d6:56:80:41:1f:5b:c5:
31:a3:e3:23:79:53:c2:0f:6c:95:31:e9:d1:a6:6f:df:9d:b6:
4b:e0:61:4d:1f:27:3e:bc:6a:2d:7d:26:4d:9e:55:5c:4a:ba:
72:c1:6c:60:15:0e:b0:86:96:67:b7:54:02:42:ee:66:d2:75:
ed:1c:2e:4f:ed:cc:80:06:ed:27:99:e0:6d:3f:61:65:c4:8d:
f4:38:af:a3:53:7e:97:b8:e6:97:8f:8a:cc:c0:d3:79:fd:bc:
f8:e4:d9:ae:bb:1d:e2:8b:88:04:ca:c7:75:ac:45:03:2e:10:
c1:67:cf:8f:e5:dd:b4:80:e6:68:3d:30:fd:7c:51:3a:f2:75:
96:81:96:15:80:a1:72:2d:82:c4:bb:14:aa:35:ed:f3:d1:72:
d9:f1:c7:df:a4:2b:fd:2a:9a:dc:69:48:ba:0e:62:ff:9d:43:
64:32:3d:ba:02:fc:d3:13:96:04:86:72:60:07:40:c3:20:82:
00:97:1f:74:5c:26:05:53:03:6a:37:ec:da:a3:be:48:b6:9c:
aa:68:65:05
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NERGQTExMC8GA1UEBRMoMjA3OEFENUJCREYxRDRDNUI5NzBCQkUyOTM0RDlBMzU1
REIzMUNFODAeFw0yMTA5MjEwMzEzMDZaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxNDk0ZGMyLTIxMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDb1KJZhX0zJWlhIrqOrfsqA3GgpUPhBX2DRRCKBJL7wMEPoCfcC/4mi3EHU+p6
RXysP0EZIlHYZtSUxftLR/a2lQchDTguNMjzWiOyjxDP6Tq7JvI+ah+rmL43MTAr
xqekU2RCisAxsxZ9y1X8aW8+4JuF/mJ1KSULfCcmFF5dIA8tE2EH7ZHGXU9GSmdp
5MAWrbt9Isb617g3oTLAlYRwhq+OzWITSu99c7mYsAuJvHj066/HANq9Pmhq+YuF
mAhZJdkujsOmEI0CIKsMrArCHxwHUJrRaKn0D7Sb2WkLwJHG/K0Rd7m1S3eLlOQA
7f48e+CZje/WtJcMblbrF63jAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMOpw2kt6
7paTdAVqGmc7orm9ke4wHwYDVR0jBBgwFoAUIHitW73x1MW5cLvik02aNV2zHOgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0REZBLzg0NTk4NENFMUE4
NTExRUNBNzZBRUEzQUM0RjlBRTAyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhP
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSUhpdFc3M3gxTVc1Y0x2aWswMmFOVjJ6SE9nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9ENkM5MTAyMjFB
ODkxMUVDOENBNTU5NDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWetVDANBgkqhkiG9w0BAQsFAAOCAQEAFoQv9qTDGeae6UuD
G/Ht+VVWhXGsF0XdplXDBLq3iu3D5G4RPdKusCsrkb/CxBzWVoBBH1vFMaPjI3lT
wg9slTHp0aZv3522S+BhTR8nPrxqLX0mTZ5VXEq6csFsYBUOsIaWZ7dUAkLuZtJ1
7RwuT+3MgAbtJ5ngbT9hZcSN9Divo1N+l7jml4+KzMDTef28+OTZrrsd4ouIBMrH
daxFAy4QwWfPj+XdtIDmaD0w/XxROvJ1loGWFYChci2CxLsUqjXt89Fy2fHH36Qr
/Sqa3GlIug5i/51DZDI9ugL80xOWBIZyYAdAwyCCAJcfdFwmBVMDajfs2qO+SLac
qmhlBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-fra.rpki-client.org