Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/69E25658A76411EDA51FEB53C4F9AE02.roa
File: 69E25658A76411EDA51FEB53C4F9AE02.roa (raw, json)
Hash identifier: hY48eI6+kC508Yt8JJgsWcxrXR8tem0qNKOiZdknV6A=
Subject key identifier: 0A:40:B0:6C:D4:BE:F1:BE:0E:82:73:EF:42:05:E9:B6:84:73:0B:92
Certificate issuer: /CN=A91F0FC6/serialNumber=66E6F6F8FDCE3D954A77E5B0A3E250CC262E5D5D
Certificate serial: 02
Authority key identifier: 66:E6:F6:F8:FD:CE:3D:95:4A:77:E5:B0:A3:E2:50:CC:26:2E:5D:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/69E25658A76411EDA51FEB53C4F9AE02.roa
Signing time: Wed 08 Feb 2023 03:55:23 +0000
ROA not before: Wed 08 Feb 2023 03:55:23 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 63962
IP address blocks: 103.41.112.0/24 maxlen: 24
103.41.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0FC6/serialNumber=66E6F6F8FDCE3D954A77E5B0A3E250CC262E5D5D
Validity
Not Before: Feb 8 03:55:23 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63e31d2b-c819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6a:87:e3:d5:7e:0c:32:43:a9:16:75:ef:de:
b2:6a:d6:37:e9:b1:ef:79:50:85:b2:65:bb:cf:a6:
2c:e7:3d:b6:c3:70:2c:5b:65:b2:1e:65:be:2f:32:
73:eb:66:e8:c8:23:88:3e:9a:51:fc:93:74:46:ee:
1b:cb:0b:f3:f4:e7:e9:9f:37:c9:e0:98:6d:62:b5:
ad:72:2a:12:c1:55:9c:4c:e8:2e:29:ef:37:c6:45:
b2:b7:fd:ed:fa:5b:c7:27:ff:c1:95:66:7b:c1:7d:
86:f9:cb:51:28:ba:5d:ee:d8:b5:49:9e:ca:42:7d:
45:a4:fd:30:6e:90:07:f7:95:62:30:f0:84:3a:e1:
d0:8f:79:6b:65:3f:11:81:85:b5:48:40:d0:a2:d7:
78:5d:68:7f:2f:e9:45:1e:3e:7e:e6:de:94:73:90:
23:26:b6:89:05:ad:f2:70:c5:a9:28:81:98:3d:db:
a6:86:07:55:bf:a7:8f:2e:a3:f7:7e:13:2f:cb:ac:
5e:e3:81:74:bf:ac:6e:48:ba:03:65:8e:a5:ad:7e:
66:32:ed:07:e4:82:da:c9:43:c6:ae:34:dd:c8:ea:
b7:c3:d2:dc:42:58:59:cb:a9:b1:8d:84:2d:4d:80:
b1:3c:b3:12:a9:61:29:5e:a6:72:07:44:6c:14:05:
b5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:40:B0:6C:D4:BE:F1:BE:0E:82:73:EF:42:05:E9:B6:84:73:0B:92
X509v3 Authority Key Identifier:
keyid:66:E6:F6:F8:FD:CE:3D:95:4A:77:E5:B0:A3:E2:50:CC:26:2E:5D:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/69E25658A76411EDA51FEB53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.112.0/23
Signature Algorithm: sha256WithRSAEncryption
63:d1:51:5a:72:79:51:87:d5:9a:64:48:e0:85:5a:f1:1a:db:
70:c4:0c:2d:61:5b:b7:8a:42:e6:ce:a7:f0:ff:36:66:96:75:
e4:75:15:a1:7e:92:7f:77:1c:6e:1e:91:b1:06:db:d5:b6:38:
66:cb:aa:54:ab:3d:ad:40:d6:97:ba:0d:35:89:03:de:07:a3:
3e:db:d4:43:c4:9d:fe:b2:4b:9b:73:4f:e3:06:67:b4:33:79:
bd:9a:4c:54:48:eb:ce:cc:e5:0c:8a:f3:59:70:76:f6:d5:a0:
91:44:39:c8:f8:5e:3e:97:20:9d:0a:b6:59:ef:04:ff:a9:04:
66:94:23:1c:9c:78:d0:a3:96:65:a4:0d:3b:fd:7a:ff:a8:67:
97:27:55:eb:fe:96:95:5c:78:53:e2:27:74:ab:91:bd:28:47:
28:2b:13:44:f5:7f:97:b7:60:09:f2:b8:9c:28:71:bd:82:95:
aa:63:e2:bf:57:a7:06:85:41:18:61:2d:b3:00:c4:a8:d9:27:
4c:7a:72:48:83:dc:61:8a:91:4a:33:69:52:26:34:f2:3d:e5:
7c:80:cb:9a:3a:e7:62:6c:3a:0d:f8:8c:08:f8:dd:6c:cc:f9:
2e:14:e3:30:7b:49:28:0b:1d:0c:bc:3e:2d:21:e8:b3:14:b4:
f6:53:82:61
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MEZDNjExMC8GA1UEBRMoNjZFNkY2RjhGRENFM0Q5NTRBNzdFNUIwQTNFMjUwQ0My
NjJFNUQ1RDAeFw0yMzAyMDgwMzU1MjNaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZTMxZDJiLWM4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLaofj1X4MMkOpFnXv3rJq1jfpse95UIWyZbvPpiznPbbDcCxbZbIeZb4vMnPr
ZujII4g+mlH8k3RG7hvLC/P05+mfN8ngmG1ita1yKhLBVZxM6C4p7zfGRbK3/e36
W8cn/8GVZnvBfYb5y1Eoul3u2LVJnspCfUWk/TBukAf3lWIw8IQ64dCPeWtlPxGB
hbVIQNCi13hdaH8v6UUePn7m3pRzkCMmtokFrfJwxakogZg926aGB1W/p48uo/d+
Ey/LrF7jgXS/rG5IugNljqWtfmYy7QfkgtrJQ8auNN3I6rfD0txCWFnLqbGNhC1N
gLE8sxKpYSlepnIHRGwUBbWFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUCkCwbNS+
8b4OgnPvQgXptoRzC5IwHwYDVR0jBBgwFoAUZub2+P3OPZVKd+Wwo+JQzCYuXV0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwRkM2LzFEOUYzRTA4QTc2
MTExRUQ5ODI0MjI1MkM0RjlBRTAyL1p1YjItUDNPUFpWS2QtV3dvLUpRekNZdVhW
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWnViMi1QM09QWlZLZC1Xd28tSlF6Q1l1WFYwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MEZDNi8xRDlGM0UwOEE3NjExMUVEOTgyNDIyNTJDNEY5QUUwMi82OUUyNTY1OEE3
NjQxMUVEQTUxRkVCNTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcpcDANBgkqhkiG9w0BAQsFAAOCAQEAY9FRWnJ5UYfVmmRI
4IVa8RrbcMQMLWFbt4pC5s6n8P82ZpZ15HUVoX6Sf3ccbh6RsQbb1bY4ZsuqVKs9
rUDWl7oNNYkD3gejPtvUQ8Sd/rJLm3NP4wZntDN5vZpMVEjrzszlDIrzWXB29tWg
kUQ5yPhePpcgnQq2We8E/6kEZpQjHJx40KOWZaQNO/16/6hnlydV6/6WlVx4U+In
dKuRvShHKCsTRPV/l7dgCfK4nChxvYKVqmPiv1enBoVBGGEtswDEqNknTHpySIPc
YYqRSjNpUiY08j3lfIDLmjrnYmw6DfiMCPjdbMz5LhTjMHtJKAsdDLw+LSHosxS0
9lOCYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org