Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/10B43C5AD32411ECBC7FC546C4F9AE02.roa
File: 10B43C5AD32411ECBC7FC546C4F9AE02.roa (raw, json)
Hash identifier: tZqaVFakLGnr1F1AhSdhaeYmpsEUYrx5DuOd6mwX1Q0=
Subject key identifier: DF:27:A8:B1:31:19:55:5A:B4:3A:28:02:1E:DB:71:A3:2B:AE:4E:BB
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 3324
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/10B43C5AD32411ECBC7FC546C4F9AE02.roa
Signing time: Sat 01 Oct 2022 15:10:53 +0000
ROA not before: Sat 01 Oct 2022 15:10:53 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141390
IP address blocks: 103.230.68.0/24 maxlen: 24
182.54.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13092 (0x3324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Oct 1 15:10:53 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6338587d-f102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:af:29:47:00:31:7c:0e:47:69:da:8c:88:10:
00:17:f0:77:7c:ec:fe:d9:13:9f:d2:81:f9:6d:c3:
e0:70:43:dd:e1:c4:64:7a:f2:1f:fe:e8:c7:23:c1:
d3:aa:76:85:36:cb:9b:24:5c:9a:bf:8b:3c:be:9f:
3a:d5:88:b3:96:87:20:b7:af:32:71:68:9c:37:08:
7b:db:02:0e:46:05:6c:d7:70:a8:b4:c1:96:6a:4e:
3e:6f:15:3f:62:ae:d7:2b:10:e7:66:57:d9:c8:77:
53:1f:0e:8a:ab:eb:7a:99:89:9a:72:7d:7d:e3:62:
eb:b9:b5:7c:da:7a:d4:67:eb:e1:51:c7:a0:e6:80:
05:56:ef:6f:b0:90:48:66:51:6e:64:19:b3:94:b7:
cf:bc:57:a9:40:a2:fc:5d:8c:e8:c6:a0:00:a2:22:
c8:28:59:dd:8a:56:9d:b6:1a:99:53:22:2c:a0:ec:
92:4e:10:da:e4:36:e7:cd:8a:b1:ed:c2:43:86:92:
5a:01:c5:0c:39:a5:05:5b:05:ec:bc:73:01:de:e5:
f0:0f:7a:69:89:ea:7a:65:f3:93:ca:fa:89:0f:19:
c7:16:37:c0:43:ff:9b:14:25:bb:52:bb:a9:64:4b:
26:00:32:75:c7:ce:17:22:74:6e:55:ec:26:26:ea:
49:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:27:A8:B1:31:19:55:5A:B4:3A:28:02:1E:DB:71:A3:2B:AE:4E:BB
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/10B43C5AD32411ECBC7FC546C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.230.68.0/24
182.54.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:fd:69:6c:82:90:28:a0:43:fc:81:43:25:03:32:9f:4e:ce:
e1:d0:a0:8f:ed:2e:52:1d:8d:89:38:88:26:71:5c:4a:20:f1:
27:56:ea:cc:e7:6b:e8:06:9a:88:b5:fc:ad:ca:c4:4a:43:38:
10:15:c9:67:95:16:a2:1f:88:df:f9:ba:fd:b1:bd:41:52:69:
f2:af:fd:c1:f4:ff:f7:7f:5f:e1:bb:dd:66:ac:df:f3:1c:ee:
be:2a:56:d4:06:90:0b:20:93:fc:4b:30:40:85:9a:30:3e:ff:
98:35:5b:bc:ec:a6:64:d5:a2:7f:3a:fa:d7:3b:f4:d9:cd:b7:
d9:52:74:bc:f4:01:af:f3:b2:a9:4e:87:3f:c7:fd:39:59:0e:
23:88:00:6b:42:cf:bd:f3:80:af:41:96:01:92:56:af:7c:a8:
bd:0a:8e:aa:62:86:9d:70:ff:9f:3f:60:2b:68:4b:38:6d:eb:
fe:93:8e:42:a6:b9:d7:d9:a5:02:17:1d:8f:d3:9d:a4:36:68:
00:31:0c:e4:e9:a5:ab:8f:da:d8:49:9a:5c:03:8d:df:a9:a5:
b5:06:f3:cb:48:45:07:75:74:8f:a2:5e:5e:ae:0c:92:aa:79:
8f:f4:55:28:2a:04:dd:c3:e5:6f:4f:47:93:3a:83:3e:7a:0c:
69:75:34:cc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICMyQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjIxMDAxMTUxMDUzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM4NTg3ZC1mMTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzK8pRwAxfA5HadqMiBAAF/B3fOz+2ROf0oH5bcPgcEPd4cRkevIf/ujHI8HT
qnaFNsubJFyav4s8vp861Yizlocgt68ycWicNwh72wIORgVs13CotMGWak4+bxU/
Yq7XKxDnZlfZyHdTHw6Kq+t6mYmacn1942LrubV82nrUZ+vhUceg5oAFVu9vsJBI
ZlFuZBmzlLfPvFepQKL8XYzoxqAAoiLIKFndiladthqZUyIsoOySThDa5DbnzYqx
7cJDhpJaAcUMOaUFWwXsvHMB3uXwD3ppiep6ZfOTyvqJDxnHFjfAQ/+bFCW7Urup
ZEsmADJ1x84XInRuVewmJupJ/QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN8nqLEx
GVVatDooAh7bcaMrrk67MB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvMTBCNDNDNUFE
MzI0MTFFQ0JDN0ZDNTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn5kQDBAC2Nu4wDQYJKoZIhvcNAQELBQADggEBAKb9aWyC
kCigQ/yBQyUDMp9OzuHQoI/tLlIdjYk4iCZxXEog8SdW6szna+gGmoi1/K3KxEpD
OBAVyWeVFqIfiN/5uv2xvUFSafKv/cH0//d/X+G73Was3/Mc7r4qVtQGkAsgk/xL
MECFmjA+/5g1W7zspmTVon86+tc79NnNt9lSdLz0Aa/zsqlOhz/H/TlZDiOIAGtC
z73zgK9BlgGSVq98qL0Kjqpihp1w/58/YCtoSzht6/6TjkKmudfZpQIXHY/TnaQ2
aAAxDOTppauP2thJmlwDjd+ppbUG88tIRQd1dI+iXl6uDJKqeY/0VSgqBN3D5W9P
R5M6gz56DGl1NMw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org