Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/54D748B21C7311EDBF7E320EC4F9AE02.roa
File: 54D748B21C7311EDBF7E320EC4F9AE02.roa (raw, json)
Hash identifier: 2zR28JlCcXxS0vjsAQSGvR+QaSNk9vqlCM8cp59fidk=
Subject key identifier: 4E:5B:18:94:16:F5:02:2F:8C:D0:81:BF:F6:93:B7:E7:93:EC:27:62
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2633
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/54D748B21C7311EDBF7E320EC4F9AE02.roa
Signing time: Tue 20 Dec 2022 16:12:07 +0000
ROA not before: Tue 20 Dec 2022 16:12:07 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 133177
IP address blocks: 103.254.120.0/24 maxlen: 24
103.254.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9779 (0x2633)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 20 16:12:07 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a1ded7-aefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6e:65:08:64:54:a2:33:d7:cf:60:eb:8c:9d:
2a:a0:30:be:cb:eb:a3:d8:d4:3a:89:45:d4:27:b8:
11:d8:16:a2:fe:48:a5:58:10:cb:a0:ae:c4:98:b2:
b1:17:4b:7e:5d:57:ab:7c:a1:48:af:9f:a8:c9:c3:
06:7b:84:3c:4a:d9:4c:1e:6b:df:20:ed:71:54:a0:
f9:4a:d9:92:0f:2e:20:22:a7:11:56:f8:d4:36:78:
bf:6f:6f:b3:a9:7b:36:4d:02:70:dd:74:fc:f9:bb:
4a:50:29:44:46:7b:23:8d:13:3a:9a:52:4d:7a:04:
6b:ab:62:fc:d8:6b:06:9d:b2:0a:d5:49:40:27:29:
59:31:69:fb:e1:bd:45:8d:e4:39:5f:a4:c4:8e:6c:
33:7a:e3:b6:00:d7:e7:b7:ef:52:fc:6b:37:05:d8:
ab:4d:9e:5c:4e:5c:e8:2e:95:5b:1b:c7:53:fa:ad:
7a:53:87:96:44:67:4c:23:ea:8c:60:1c:7b:c8:78:
ff:e0:32:bf:15:43:02:e5:a6:c1:90:80:a5:7f:80:
9e:d8:29:44:bc:a4:ae:df:25:c3:55:e7:b8:a3:82:
2f:69:60:df:92:f7:db:25:ff:65:98:06:a7:0c:4c:
a9:a8:a0:69:b3:03:f5:f1:09:ed:fd:ef:60:d3:c6:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5B:18:94:16:F5:02:2F:8C:D0:81:BF:F6:93:B7:E7:93:EC:27:62
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/54D748B21C7311EDBF7E320EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.120.0/23
Signature Algorithm: sha256WithRSAEncryption
02:46:94:2c:20:6f:50:dd:9a:22:d9:f8:eb:54:d3:4f:89:78:
53:2a:3a:0f:20:43:ed:10:b3:50:01:7c:ae:cf:d9:8e:7a:ec:
96:49:06:2c:e9:2a:3f:32:00:a0:4b:2f:6b:be:ea:ba:08:25:
90:a9:e9:6e:e3:41:cd:06:10:48:d7:62:d2:88:3b:f5:89:f4:
e3:7f:25:fd:1e:d5:32:9b:da:73:5b:7a:f9:d0:64:76:b6:95:
50:1e:b6:7c:cd:97:d0:63:b4:91:9f:e5:3a:40:65:5f:04:ef:
19:03:4f:64:e8:d0:ac:4e:be:bc:3d:49:ed:0d:5f:8b:c4:4a:
77:b4:e6:fa:76:35:9d:d4:cb:39:10:fe:5d:63:2b:33:f0:72:
dd:59:d2:3d:6f:c8:54:c5:3a:0b:36:7d:6a:73:22:1b:28:88:
b7:a9:5f:7e:10:2b:12:8d:d3:77:4b:e9:f0:c8:06:a7:f4:f3:
7a:cb:a7:40:30:7b:3c:d8:cb:e0:a9:45:c4:24:15:d2:51:5d:
d6:f8:74:d5:e2:dd:2e:c8:be:cd:42:6f:b9:de:27:e8:72:0a:
47:e1:02:c3:ce:9a:c8:6f:c7:2b:8c:fc:d1:32:f4:b2:ec:d9:
44:b2:0e:c8:3d:8c:4e:ec:8a:91:b4:03:aa:fb:7f:e4:f9:38:
70:48:51:04
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjIxMjIwMTYxMjA3WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExZGVkNy1hZWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt25lCGRUojPXz2DrjJ0qoDC+y+uj2NQ6iUXUJ7gR2Bai/kilWBDLoK7EmLKx
F0t+XVerfKFIr5+oycMGe4Q8StlMHmvfIO1xVKD5StmSDy4gIqcRVvjUNni/b2+z
qXs2TQJw3XT8+btKUClERnsjjRM6mlJNegRrq2L82GsGnbIK1UlAJylZMWn74b1F
jeQ5X6TEjmwzeuO2ANfnt+9S/Gs3BdirTZ5cTlzoLpVbG8dT+q16U4eWRGdMI+qM
YBx7yHj/4DK/FUMC5abBkIClf4Ce2ClEvKSu3yXDVee4o4IvaWDfkvfbJf9lmAan
DEypqKBpswP18Qnt/e9g08asKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE5bGJQW
9QIvjNCBv/aTt+eT7CdiMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvNTRENzQ4QjIx
QzczMTFFREJGN0UzMjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn/ngwDQYJKoZIhvcNAQELBQADggEBAAJGlCwgb1DdmiLZ
+OtU00+JeFMqOg8gQ+0Qs1ABfK7P2Y567JZJBizpKj8yAKBLL2u+6roIJZCp6W7j
Qc0GEEjXYtKIO/WJ9ON/Jf0e1TKb2nNbevnQZHa2lVAetnzNl9BjtJGf5TpAZV8E
7xkDT2To0KxOvrw9Se0NX4vESne05vp2NZ3UyzkQ/l1jKzPwct1Z0j1vyFTFOgs2
fWpzIhsoiLepX34QKxKN03dL6fDIBqf083rLp0AwezzYy+CpRcQkFdJRXdb4dNXi
3S7Ivs1Cb7neJ+hyCkfhAsPOmshvxyuM/NEy9LLs2USyDsg9jE7sipG0A6r7f+T5
OHBIUQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org