Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/0DD2B5167A8811EB95169F62C4F9AE02.roa
File: 0DD2B5167A8811EB95169F62C4F9AE02.roa (raw, json)
Hash identifier: MXMw7GOdOByWMr8KyJXhFP1FKa+HjVJ9XdiiYNRRCJw=
Subject key identifier: 11:6A:A5:CE:44:3D:A4:89:95:8A:1F:93:A2:11:5B:1F:09:94:B5:E0
Certificate issuer: /CN=A91EABCB/serialNumber=16B98842D861AEFE803040200C9AAA89560F2BCA
Certificate serial: 04E2
Authority key identifier: 16:B9:88:42:D8:61:AE:FE:80:30:40:20:0C:9A:AA:89:56:0F:2B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrmIQthhrv6AMEAgDJqqiVYPK8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/0DD2B5167A8811EB95169F62C4F9AE02.roa
Signing time: Wed 15 Mar 2023 01:31:42 +0000
ROA not before: Wed 15 Mar 2023 01:31:42 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 133441
IP address blocks: 103.86.84.0/24 maxlen: 24
103.86.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1250 (0x4e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EABCB/serialNumber=16B98842D861AEFE803040200C9AAA89560F2BCA
Validity
Not Before: Mar 15 01:31:42 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64111ffd-36ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6c:41:59:a9:7f:88:5f:c8:0a:d7:1a:25:7d:
2d:b8:49:9c:c0:0c:7b:12:08:5a:eb:46:67:e7:3b:
da:8f:7b:60:12:ce:73:87:66:72:a0:a6:3c:dc:62:
ed:d3:fa:2d:dc:27:86:63:08:19:6e:87:57:0c:65:
b9:87:5f:57:11:15:7c:fd:38:98:de:63:ba:85:38:
d7:c5:66:80:ad:e1:9f:aa:f2:92:4d:bc:83:9a:da:
88:c5:93:74:d4:19:35:51:54:45:3b:fa:44:05:62:
8b:0e:c1:cc:12:8a:55:dc:73:ca:90:51:38:27:86:
a5:77:2c:d1:bf:d3:23:07:e9:fc:bf:1f:c4:ae:28:
38:00:e2:03:79:71:b3:16:5a:e4:b7:13:f6:a5:76:
6e:96:af:16:c2:10:18:13:6e:b3:b0:ef:f6:61:17:
be:d7:15:bb:57:99:7e:86:b1:09:28:2f:5e:00:d6:
44:d8:10:d4:9a:fd:5e:1b:03:d1:b4:52:3f:6f:08:
35:74:57:cd:3f:82:e7:07:8a:fd:29:c6:31:f2:13:
d4:72:9a:65:d4:b6:a0:f0:49:97:99:be:ea:de:b1:
11:7f:41:4a:0f:79:dc:c4:58:99:01:93:cb:3c:45:
b2:89:70:77:3d:54:6c:8e:a6:43:a4:97:15:4f:67:
b5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6A:A5:CE:44:3D:A4:89:95:8A:1F:93:A2:11:5B:1F:09:94:B5:E0
X509v3 Authority Key Identifier:
keyid:16:B9:88:42:D8:61:AE:FE:80:30:40:20:0C:9A:AA:89:56:0F:2B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/FrmIQthhrv6AMEAgDJqqiVYPK8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrmIQthhrv6AMEAgDJqqiVYPK8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EABCB/342FFF187A8611EB97AE5160C4F9AE02/0DD2B5167A8811EB95169F62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.84.0/24
103.86.86.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:fe:d6:0a:0e:e0:c1:e3:ee:87:a5:c5:eb:48:b4:7b:c4:9d:
5d:7e:db:72:e4:d1:1e:e4:c6:8c:b9:16:81:d9:7e:bd:a9:c8:
bc:88:6d:cf:5a:0f:46:fc:24:e1:e8:3e:bb:63:6c:d8:dd:f7:
3f:b2:01:af:5d:8e:c2:a0:d2:fe:03:4c:d7:a1:e8:a3:be:f8:
54:86:49:12:51:64:86:eb:34:57:b9:d9:fc:4f:22:07:18:7d:
44:2a:e2:df:3a:e9:6c:d1:cc:42:93:fd:b1:4a:9b:ac:de:b1:
fc:16:02:f3:51:42:ae:6b:92:b5:f8:42:2e:10:a4:9f:60:e6:
1d:07:89:41:b7:b1:7c:a1:d5:33:50:2e:3f:d7:90:b6:6b:8d:
03:4c:67:c8:82:37:63:ed:a7:44:7d:8e:34:5e:67:58:26:a3:
03:94:b1:83:86:5c:82:80:02:a1:21:84:37:4f:13:1a:81:a8:
00:79:49:77:97:43:87:cf:b6:59:02:62:6f:6c:1d:36:05:ec:
f1:63:c7:9d:29:1f:27:e6:58:6e:c2:73:2a:7b:7a:9e:d3:58:
2e:f2:3e:e7:20:74:b2:1b:13:42:b1:43:88:40:c4:4b:c1:ca:
d8:d7:e6:cb:9d:45:1d:64:0c:ea:13:65:0c:40:ff:92:7d:a3:
97:93:52:58
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFCQ0IxMTAvBgNVBAUTKDE2Qjk4ODQyRDg2MUFFRkU4MDMwNDAyMDBDOUFBQTg5
NTYwRjJCQ0EwHhcNMjMwMzE1MDEzMTQyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDExMWZmZC0zNmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq2xBWal/iF/ICtcaJX0tuEmcwAx7Egha60Zn5zvaj3tgEs5zh2ZyoKY83GLt
0/ot3CeGYwgZbodXDGW5h19XERV8/TiY3mO6hTjXxWaAreGfqvKSTbyDmtqIxZN0
1Bk1UVRFO/pEBWKLDsHMEopV3HPKkFE4J4aldyzRv9MjB+n8vx/Erig4AOIDeXGz
FlrktxP2pXZulq8WwhAYE26zsO/2YRe+1xW7V5l+hrEJKC9eANZE2BDUmv1eGwPR
tFI/bwg1dFfNP4LnB4r9KcYx8hPUcppl1Lag8EmXmb7q3rERf0FKD3ncxFiZAZPL
PEWyiXB3PVRsjqZDpJcVT2e1xQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBFqpc5E
PaSJlYofk6IRWx8JlLXgMB8GA1UdIwQYMBaAFBa5iELYYa7+gDBAIAyaqolWDyvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUJDQi8zNDJGRkYxODdB
ODYxMUVCOTdBRTUxNjBDNEY5QUUwMi9Gcm1JUXRoaHJ2NkFNRUFnREpxcWlWWVBL
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZybUlRdGhocnY2QU1FQWdESnFxaVZZUEs4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFCQ0IvMzQyRkZGMTg3QTg2MTFFQjk3QUU1MTYwQzRGOUFFMDIvMEREMkI1MTY3
QTg4MTFFQjk1MTY5RjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnVlQDBABnVlYwDQYJKoZIhvcNAQELBQADggEBAML+1goO
4MHj7oelxetItHvEnV1+23Lk0R7kxoy5FoHZfr2pyLyIbc9aD0b8JOHoPrtjbNjd
9z+yAa9djsKg0v4DTNeh6KO++FSGSRJRZIbrNFe52fxPIgcYfUQq4t866WzRzEKT
/bFKm6zesfwWAvNRQq5rkrX4Qi4QpJ9g5h0HiUG3sXyh1TNQLj/XkLZrjQNMZ8iC
N2Ptp0R9jjReZ1gmowOUsYOGXIKAAqEhhDdPExqBqAB5SXeXQ4fPtlkCYm9sHTYF
7PFjx50pHyfmWG7Ccyp7ep7TWC7yPucgdLIbE0KxQ4hAxEvBytjX5sudRR1kDOoT
ZQxA/5J9o5eTUlg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org