Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/4F0AE028A25C11ED8054E085C4F9AE02.roa
File: 4F0AE028A25C11ED8054E085C4F9AE02.roa (raw, json)
Hash identifier: BktHzObJK7kHYgJOZ79bOOFgN3mNjjFEH8akUc/HHEM=
Subject key identifier: 96:AD:69:C3:BD:E4:7A:00:34:54:23:E0:57:BE:67:4D:C0:13:B0:6B
Certificate issuer: /CN=A91EE8AC/serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
Certificate serial: 7B
Authority key identifier: 95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/4F0AE028A25C11ED8054E085C4F9AE02.roa
Signing time: Tue 01 Aug 2023 05:04:51 +0000
ROA not before: Tue 01 Aug 2023 05:04:51 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 136969
IP address blocks: 103.189.194.0/24 maxlen: 24
103.189.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123 (0x7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE8AC/serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
Validity
Not Before: Aug 1 05:04:51 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c89273-b0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a4:2a:ab:f3:2b:c3:f8:ba:b0:0c:92:19:dd:
78:13:6d:be:36:06:6a:01:87:75:7f:41:12:0c:58:
0a:f4:9f:42:da:17:f8:57:0f:bc:97:9d:e1:4a:1d:
9b:73:48:0f:ae:57:23:18:01:cc:1c:9d:d0:02:79:
6f:1e:22:ae:f4:1b:07:b2:2a:bd:4d:13:a0:ef:d9:
4c:20:41:f3:18:c6:96:a1:2e:27:89:ed:31:0a:9f:
ef:40:d8:eb:53:9b:65:54:e8:e8:08:0d:ad:fa:ac:
80:9d:b3:a7:39:45:2a:e1:6e:c4:1e:34:5a:cf:07:
f1:c1:d7:42:b8:80:de:73:ff:14:0a:9f:28:c9:03:
39:9d:78:49:f4:84:20:62:b7:f9:2e:66:76:b1:b7:
b7:08:d3:97:e8:b1:61:bd:fa:c2:d0:c6:7a:11:cc:
86:a4:b5:46:2e:1d:49:39:64:94:4b:77:73:e3:eb:
06:a9:6a:eb:22:b7:b3:5d:31:24:0a:89:ab:a2:3b:
50:e0:6c:5c:a4:27:59:2e:65:22:9b:3c:0f:0c:7a:
c5:60:12:6d:b0:24:1b:34:91:c7:a6:3f:b5:9b:81:
75:aa:60:dd:8a:1e:90:c2:f8:51:5b:94:e1:86:7f:
c7:07:61:0e:b5:76:75:33:67:bc:22:af:bc:47:be:
d9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AD:69:C3:BD:E4:7A:00:34:54:23:E0:57:BE:67:4D:C0:13:B0:6B
X509v3 Authority Key Identifier:
keyid:95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/4F0AE028A25C11ED8054E085C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.194.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:9b:a6:33:b5:a6:a8:f1:4a:ee:c2:39:fa:93:94:47:38:df:
6a:ef:5a:c1:07:34:81:37:81:25:f6:ff:b1:13:55:89:80:d2:
22:0c:98:8b:85:bb:cb:3c:ca:e5:7f:25:c0:79:2a:96:34:c9:
ca:9d:d9:ef:26:13:ed:50:e3:56:4b:13:3e:4e:57:0f:84:43:
96:da:91:9c:44:c5:01:6c:21:d2:57:77:ed:51:72:2f:87:a8:
74:d5:70:56:86:3d:77:21:83:d5:5a:86:c7:fe:26:21:5e:99:
65:fe:45:b3:39:e7:bf:65:00:cc:2f:41:e5:b8:f3:81:c9:2a:
63:04:62:35:42:15:67:26:cd:00:cd:d8:c0:8d:81:12:12:1b:
53:19:48:41:a0:c3:c0:9c:6f:56:9d:4f:c3:2f:1f:1d:49:2a:
fb:7c:f3:93:3f:d9:74:86:89:9a:da:ea:46:e6:93:aa:b3:d1:
27:a8:fb:f5:de:9a:a1:d5:22:99:24:29:66:a2:e5:f1:51:99:
17:78:8e:54:30:2b:5b:77:95:6c:e6:e6:57:76:a9:6b:ca:31:
87:39:c4:0f:3e:17:30:34:d1:6d:97:58:1c:49:a5:2e:74:c9:
f2:65:af:04:f0:0d:ee:ab:c4:a9:e4:7a:cb:49:61:71:c2:ce:
aa:ce:f9:7f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBezANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RThBQzExMC8GA1UEBRMoOTUwN0YxMUQxMzYzQUM1QjM5MkYzNkY1RUYzODIyQzVD
RkNENjhGOTAeFw0yMzA4MDEwNTA0NTFaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0Yzg5MjczLWIwYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJpCqr8yvD+LqwDJIZ3XgTbb42BmoBh3V/QRIMWAr0n0LaF/hXD7yXneFKHZtz
SA+uVyMYAcwcndACeW8eIq70GweyKr1NE6Dv2UwgQfMYxpahLieJ7TEKn+9A2OtT
m2VU6OgIDa36rICds6c5RSrhbsQeNFrPB/HB10K4gN5z/xQKnyjJAzmdeEn0hCBi
t/kuZnaxt7cI05fosWG9+sLQxnoRzIaktUYuHUk5ZJRLd3Pj6wapausit7NdMSQK
iauiO1DgbFykJ1kuZSKbPA8MesVgEm2wJBs0kcemP7WbgXWqYN2KHpDC+FFblOGG
f8cHYQ61dnUzZ7wir7xHvtmlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlq1pw73k
egA0VCPgV75nTcATsGswHwYDVR0jBBgwFoAUlQfxHRNjrFs5Lzb17zgixc/NaPkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFOEFDLzUwMzhFQzhDN0RF
QjExRURBN0NBNEE3RUM0RjlBRTAyL2xRZnhIUk5qckZzNUx6YjE3emdpeGNfTmFQ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbFFmeEhSTmpyRnM1THpiMTd6Z2l4Y19OYVBrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RThBQy81MDM4RUM4QzdERUIxMUVEQTdDQTRBN0VDNEY5QUUwMi80RjBBRTAyOEEy
NUMxMUVEODA1NEUwODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe9wjANBgkqhkiG9w0BAQsFAAOCAQEAsZumM7WmqPFK7sI5
+pOURzjfau9awQc0gTeBJfb/sRNViYDSIgyYi4W7yzzK5X8lwHkqljTJyp3Z7yYT
7VDjVksTPk5XD4RDltqRnETFAWwh0ld37VFyL4eodNVwVoY9dyGD1VqGx/4mIV6Z
Zf5Fsznnv2UAzC9B5bjzgckqYwRiNUIVZybNAM3YwI2BEhIbUxlIQaDDwJxvVp1P
wy8fHUkq+3zzkz/ZdIaJmtrqRuaTqrPRJ6j79d6aodUimSQpZqLl8VGZF3iOVDAr
W3eVbObmV3apa8oxhznEDz4XMDTRbZdYHEmlLnTJ8mWvBPAN7qvEqeR6y0lhccLO
qs75fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org