Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/6C88B24C7DEF11EDA55F5984C4F9AE02.roa
File: 6C88B24C7DEF11EDA55F5984C4F9AE02.roa (raw, json)
Hash identifier: RgodX3VY4XMRShY6IXlTpwRIxU+wrUyjL6lj1B3CfwM=
Subject key identifier: 4E:7D:54:81:71:49:3D:96:6C:02:23:54:C7:82:E0:C2:01:6E:01:9C
Certificate issuer: /CN=A91EE8AC/serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
Certificate serial: 02
Authority key identifier: 95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/6C88B24C7DEF11EDA55F5984C4F9AE02.roa
Signing time: Sat 17 Dec 2022 09:44:39 +0000
ROA not before: Sat 17 Dec 2022 09:44:39 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 140607
IP address blocks: 103.189.194.0/24 maxlen: 24
103.189.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE8AC/serialNumber=9507F11D1363AC5B392F36F5EF3822C5CFCD68F9
Validity
Not Before: Dec 17 09:44:39 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=639d8f87-e53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ab:eb:b5:5d:49:44:cb:c0:5b:8d:5c:c8:f6:
b1:ab:9a:ef:55:5d:47:d2:8f:7d:a0:49:d5:fb:3a:
38:09:29:e7:32:1f:57:52:1e:4a:cb:c5:0a:31:31:
2f:52:9f:ad:bb:6c:c0:89:90:36:79:8e:16:92:2c:
e2:84:12:7f:c2:33:44:19:a3:6d:3a:f7:75:6f:34:
53:28:4a:5c:b2:23:85:57:7f:03:c4:8b:9f:18:da:
29:e0:03:07:60:31:13:48:52:e7:5d:0b:97:3d:da:
2d:db:d2:33:ff:92:9f:03:08:c3:f9:a1:a9:98:25:
5d:d1:2c:e9:46:f6:6d:a8:4d:89:01:13:7b:0d:b6:
6b:ba:e2:45:63:b0:cf:c9:3f:c8:58:e7:e3:9c:4e:
72:f8:aa:f0:dc:66:16:8d:e2:ce:34:f2:c1:8f:09:
a7:0e:e3:66:3f:36:dd:f3:7b:f0:0b:c9:ec:6c:1c:
e9:89:90:f2:8a:d9:d1:d5:f3:62:87:9c:77:d5:7f:
fb:86:47:5d:7e:d0:39:24:98:fe:89:0c:4f:ea:6c:
d2:0a:28:f3:84:e0:d1:20:37:b7:7c:12:90:ab:04:
76:7b:86:5b:76:1e:b1:39:0a:f2:27:f8:a3:10:ca:
2d:6e:3e:aa:41:bc:76:9c:84:0c:78:8f:95:05:d5:
8e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7D:54:81:71:49:3D:96:6C:02:23:54:C7:82:E0:C2:01:6E:01:9C
X509v3 Authority Key Identifier:
keyid:95:07:F1:1D:13:63:AC:5B:39:2F:36:F5:EF:38:22:C5:CF:CD:68:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/lQfxHRNjrFs5Lzb17zgixc_NaPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQfxHRNjrFs5Lzb17zgixc_NaPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE8AC/5038EC8C7DEB11EDA7CA4A7EC4F9AE02/6C88B24C7DEF11EDA55F5984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.194.0/23
Signature Algorithm: sha256WithRSAEncryption
66:43:fd:7b:51:03:39:32:71:2c:56:b2:33:b0:64:5b:2b:d7:
59:25:45:21:86:33:cb:34:cd:94:20:34:ed:f8:8d:ae:37:e3:
79:c2:6d:59:49:50:ef:da:c8:65:20:0a:b1:ca:2c:4c:c2:d2:
ca:3e:4a:ab:66:58:16:06:5d:a0:4a:bb:d6:dc:6f:14:32:94:
07:0e:cc:6b:7c:53:68:f2:0c:e1:9d:92:58:93:fe:27:a1:8b:
f5:23:55:f7:a5:d9:c5:5b:b4:61:a9:01:5f:a7:72:1d:59:e8:
17:a2:25:1a:ca:0b:e7:c5:6c:ae:d5:39:75:fe:c8:92:96:34:
7b:78:74:ca:4d:16:85:4f:fc:a9:59:22:49:65:c2:1f:5d:15:
a1:18:c0:19:35:47:6a:e4:bd:49:6f:34:a7:ae:49:40:d9:86:
74:8e:85:5c:02:45:5b:5a:fd:29:8d:e8:df:f9:c8:64:9f:15:
ba:d3:21:4c:7e:c7:7d:f1:b9:75:d7:2c:a0:de:4b:c0:08:48:
20:c3:33:b9:c9:ba:ef:18:36:ff:4c:ff:e2:ba:61:09:ed:f9:
4d:75:64:d1:4e:e5:ef:6d:ae:a3:09:d0:75:b3:da:d3:70:9a:
f8:18:15:1e:e2:ae:4e:3c:61:95:3e:da:41:23:00:3e:da:ae:
fa:f4:3e:df
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RThBQzExMC8GA1UEBRMoOTUwN0YxMUQxMzYzQUM1QjM5MkYzNkY1RUYzODIyQzVD
RkNENjhGOTAeFw0yMjEyMTcwOTQ0MzlaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOWQ4Zjg3LWU1M2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXq+u1XUlEy8BbjVzI9rGrmu9VXUfSj32gSdX7OjgJKecyH1dSHkrLxQoxMS9S
n627bMCJkDZ5jhaSLOKEEn/CM0QZo20693VvNFMoSlyyI4VXfwPEi58Y2ingAwdg
MRNIUuddC5c92i3b0jP/kp8DCMP5oamYJV3RLOlG9m2oTYkBE3sNtmu64kVjsM/J
P8hY5+OcTnL4qvDcZhaN4s408sGPCacO42Y/Nt3ze/ALyexsHOmJkPKK2dHV82KH
nHfVf/uGR11+0DkkmP6JDE/qbNIKKPOE4NEgN7d8EpCrBHZ7hlt2HrE5CvIn+KMQ
yi1uPqpBvHachAx4j5UF1Y7DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTn1UgXFJ
PZZsAiNUx4LgwgFuAZwwHwYDVR0jBBgwFoAUlQfxHRNjrFs5Lzb17zgixc/NaPkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFOEFDLzUwMzhFQzhDN0RF
QjExRURBN0NBNEE3RUM0RjlBRTAyL2xRZnhIUk5qckZzNUx6YjE3emdpeGNfTmFQ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbFFmeEhSTmpyRnM1THpiMTd6Z2l4Y19OYVBrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RThBQy81MDM4RUM4QzdERUIxMUVEQTdDQTRBN0VDNEY5QUUwMi82Qzg4QjI0QzdE
RUYxMUVEQTU1RjU5ODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe9wjANBgkqhkiG9w0BAQsFAAOCAQEAZkP9e1EDOTJxLFay
M7BkWyvXWSVFIYYzyzTNlCA07fiNrjfjecJtWUlQ79rIZSAKscosTMLSyj5Kq2ZY
FgZdoEq71txvFDKUBw7Ma3xTaPIM4Z2SWJP+J6GL9SNV96XZxVu0YakBX6dyHVno
F6IlGsoL58VsrtU5df7IkpY0e3h0yk0WhU/8qVkiSWXCH10VoRjAGTVHauS9SW80
p65JQNmGdI6FXAJFW1r9KY3o3/nIZJ8VutMhTH7HffG5ddcsoN5LwAhIIMMzucm6
7xg2/0z/4rphCe35TXVk0U7l722uownQdbPa03Ca+BgVHuKuTjxhlT7aQSMAPtqu
+vQ+3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org