Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/077EE0BEFB7311EC97CD7F85C4F9AE02.roa
File: 077EE0BEFB7311EC97CD7F85C4F9AE02.roa (raw, json)
Hash identifier: kgiHI5RPqnB12HSaMgbsfet4aOXgfvryl5rXAKJXsas=
Subject key identifier: B6:5B:6B:AF:F4:85:6E:F8:F3:5A:90:B0:1D:D9:56:98:03:78:DC:63
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0B90
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/077EE0BEFB7311EC97CD7F85C4F9AE02.roa
Signing time: Mon 04 Jul 2022 08:26:41 +0000
ROA not before: Mon 04 Jul 2022 08:26:41 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 138147
IP address blocks: 103.5.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2960 (0xb90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Jul 4 08:26:41 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62c2a441-d3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:90:9a:33:31:f8:00:f8:07:68:80:40:d5:
73:1e:5e:db:59:1e:84:8c:b9:42:ec:96:46:a0:02:
04:54:57:24:d2:f6:95:33:33:ca:89:bd:44:3b:b6:
b9:fb:85:fd:db:29:4b:3a:7e:13:29:c8:4d:9a:57:
43:7c:bc:7f:27:16:79:22:de:d5:8d:27:a2:b2:3e:
36:8a:13:0e:43:4d:44:bc:de:fe:bf:bf:20:82:ec:
8a:e9:d6:43:17:b5:11:1a:bd:ac:56:77:f7:d2:6a:
f6:04:41:af:f9:87:16:9c:05:99:99:23:66:51:07:
3e:87:c8:e4:a1:68:00:46:43:29:ab:71:e6:c8:55:
b6:31:83:d7:87:80:40:d4:cc:32:43:33:c9:91:a4:
6f:f0:ba:82:2e:aa:ca:13:ab:22:7a:44:09:ee:4b:
46:0a:53:ac:c0:79:0c:dc:66:86:6e:08:9c:2a:fb:
9f:0c:20:56:89:33:68:82:05:5c:cf:ff:02:66:64:
a7:21:41:38:49:de:19:e7:ab:ac:5b:b1:a5:44:f4:
82:f1:b7:a4:a5:10:f5:9a:2a:a3:59:14:8a:ce:d8:
b6:90:63:6b:6f:00:b7:7e:86:2f:f0:eb:ef:01:f4:
4c:a4:64:45:98:ee:2d:b7:63:64:0c:6e:20:83:e2:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5B:6B:AF:F4:85:6E:F8:F3:5A:90:B0:1D:D9:56:98:03:78:DC:63
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/077EE0BEFB7311EC97CD7F85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.2.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:d1:78:24:d9:22:d6:b0:15:f1:4f:ff:2f:5a:c0:79:a2:f9:
4a:25:fd:98:7e:39:7f:37:21:8a:3c:af:bc:a7:cd:77:e7:99:
a7:ba:62:c1:17:dd:c1:3a:8a:c9:f4:32:7c:0d:f6:b5:22:14:
30:48:06:78:6d:24:3d:2e:de:2b:f5:14:27:77:3f:47:bb:56:
f7:38:5d:b0:da:3b:94:e0:cb:b4:f2:0d:f2:9c:4d:be:37:b8:
8d:e4:41:31:4c:22:58:33:b4:e5:11:34:58:eb:b9:ce:d9:b0:
4c:ec:0f:bd:e5:d1:37:61:1c:71:4f:d3:92:7f:92:1a:db:da:
fb:83:67:7d:88:cc:80:55:50:2c:0c:90:9b:a7:97:d7:26:90:
87:59:7b:ef:6c:80:92:54:b1:b7:2e:b3:b6:fb:a5:9e:80:89:
7f:bd:31:a3:a6:7f:41:b2:82:b2:a1:0e:e3:fd:35:98:cd:a8:
3e:bf:18:73:80:d2:1a:7d:52:a0:62:ba:ee:36:80:a0:4b:f5:
f8:2a:d3:e3:2a:1a:2a:07:23:a0:1b:91:88:23:8f:db:52:86:
59:20:39:67:d4:f9:6f:f3:f8:77:04:a3:1d:a0:ea:c8:a6:f7:
21:34:36:ed:3e:5e:7e:39:03:6f:3a:33:8b:2b:b3:3e:e6:2c:
7b:4e:b4:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjIwNzA0MDgyNjQxWhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMyYTQ0MS1kM2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcCQmjMx+AD4B2iAQNVzHl7bWR6EjLlC7JZGoAIEVFck0vaVMzPKib1EO7a5
+4X92ylLOn4TKchNmldDfLx/JxZ5It7VjSeisj42ihMOQ01EvN7+v78gguyK6dZD
F7URGr2sVnf30mr2BEGv+YcWnAWZmSNmUQc+h8jkoWgARkMpq3HmyFW2MYPXh4BA
1MwyQzPJkaRv8LqCLqrKE6siekQJ7ktGClOswHkM3GaGbgicKvufDCBWiTNoggVc
z/8CZmSnIUE4Sd4Z56usW7GlRPSC8bekpRD1miqjWRSKzti2kGNrbwC3foYv8Ovv
AfRMpGRFmO4tt2NkDG4gg+KziQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLZba6/0
hW7481qQsB3ZVpgDeNxjMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvMDc3RUUwQkVG
QjczMTFFQzk3Q0Q3Rjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnBQIwDQYJKoZIhvcNAQELBQADggEBAG/ReCTZItawFfFP
/y9awHmi+Uol/Zh+OX83IYo8r7ynzXfnmae6YsEX3cE6isn0MnwN9rUiFDBIBnht
JD0u3iv1FCd3P0e7Vvc4XbDaO5Tgy7TyDfKcTb43uI3kQTFMIlgztOURNFjruc7Z
sEzsD73l0TdhHHFP05J/khrb2vuDZ32IzIBVUCwMkJunl9cmkIdZe+9sgJJUsbcu
s7b7pZ6AiX+9MaOmf0GygrKhDuP9NZjNqD6/GHOA0hp9UqBiuu42gKBL9fgq0+Mq
GioHI6AbkYgjj9tShlkgOWfU+W/z+HcEox2g6sim9yE0Nu0+Xn45A286M4srsz7m
LHtOtBQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org