Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/B9AB8C3682CD11EAB1C3805DC4F9AE02.roa
File: B9AB8C3682CD11EAB1C3805DC4F9AE02.roa (raw, json)
Hash identifier: //Nk6fOoms8prx6ZAr59hWHG1W3fBJYJupwKBxXhA+k=
Subject key identifier: E6:7E:7C:9B:23:8C:C2:0F:87:01:C9:30:C7:37:0E:4D:EB:6A:63:11
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 23B7
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/B9AB8C3682CD11EAB1C3805DC4F9AE02.roa
Signing time: Thu 16 Dec 2021 04:32:07 +0000
ROA not before: Thu 16 Dec 2021 04:32:07 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 137386
IP address blocks: 103.254.122.0/24 maxlen: 24
103.254.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9143 (0x23b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 16 04:32:07 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61bac147-efa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f2:19:af:b4:73:17:46:dc:2d:4f:c7:63:04:
11:dd:5b:dc:c2:c2:6a:ab:a1:62:77:6a:f5:89:71:
cf:91:6e:03:4f:f4:45:48:b8:93:1f:87:e7:a4:84:
a1:53:c6:82:8e:39:6f:af:62:d5:74:60:bf:26:2a:
30:1e:8a:3b:db:38:9f:3c:bd:e3:0f:6d:a7:39:0e:
e5:3f:94:82:5e:72:5f:be:96:56:d9:32:95:b9:1c:
8e:16:60:c0:16:e0:f7:ef:d8:bf:af:a0:a8:e3:f6:
b9:50:d6:74:20:4b:3a:9a:c3:51:72:8f:92:be:90:
4e:30:5d:de:f2:64:44:b1:97:38:a2:68:9e:8f:5e:
68:f0:8b:6e:be:9d:92:ea:ac:3f:1e:3b:2b:89:ef:
2c:de:b5:44:32:4f:88:20:3d:8d:9b:2a:55:0f:3c:
f6:b8:95:5c:7c:e7:ec:d2:c3:d5:2a:34:76:41:59:
4f:1d:e9:de:bc:8d:3a:19:1e:f6:b0:7d:c5:80:df:
44:7e:06:74:bf:9e:d4:41:2d:65:31:cb:46:12:df:
34:b8:9a:e6:47:e1:92:b6:84:ce:f3:99:b6:c8:97:
28:78:a9:ed:0d:6a:5f:9f:4e:bb:7e:ac:11:e3:cf:
78:e6:e3:e6:57:f8:6b:63:32:29:9a:99:a2:17:96:
00:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7E:7C:9B:23:8C:C2:0F:87:01:C9:30:C7:37:0E:4D:EB:6A:63:11
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/B9AB8C3682CD11EAB1C3805DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
36:4c:47:78:51:d2:83:07:fa:42:f8:74:5c:35:ec:c5:9c:1c:
c6:b8:d5:4b:50:4e:dd:d4:7d:8b:68:1b:09:8e:93:ef:87:3e:
c6:5a:ad:79:9e:20:11:86:ef:de:b7:23:c1:37:00:4c:35:3c:
55:e2:46:03:9a:c1:f4:78:56:7b:e5:63:bd:d5:55:bb:ad:9e:
28:2d:ba:22:69:fc:ba:ae:d7:ef:b0:9d:aa:10:6f:c6:01:ba:
82:d2:18:29:05:9f:63:18:33:ff:3e:0d:de:c3:71:de:5e:10:
df:3c:a8:f9:db:08:90:05:40:e9:fe:15:b3:db:b4:11:75:37:
00:a8:22:c6:76:de:01:bb:1f:8b:b3:cc:f4:db:87:e6:e8:0f:
b7:d0:08:cc:b8:03:6e:df:52:ea:7b:4c:50:dc:50:5c:3b:22:
c2:5d:c5:c0:97:54:95:99:bb:df:76:7a:19:50:49:7a:cf:c1:
29:7c:96:9d:b1:4f:c8:56:f1:3e:27:49:6f:68:57:a8:7a:73:
f0:c3:05:6b:42:b0:5b:21:c3:d4:4d:40:2b:f1:8e:b7:1b:ac:
9d:8f:27:5a:42:00:44:18:fc:81:9e:2a:e9:03:d6:01:78:59:
92:6f:0f:25:dd:35:35:2d:f3:08:50:99:c8:20:1f:0f:70:db:
54:cf:c0:40
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjExMjE2MDQzMjA3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJhYzE0Ny1lZmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6fIZr7RzF0bcLU/HYwQR3VvcwsJqq6Fid2r1iXHPkW4DT/RFSLiTH4fnpISh
U8aCjjlvr2LVdGC/JiowHoo72zifPL3jD22nOQ7lP5SCXnJfvpZW2TKVuRyOFmDA
FuD379i/r6Co4/a5UNZ0IEs6msNRco+SvpBOMF3e8mREsZc4omiej15o8Ituvp2S
6qw/Hjsrie8s3rVEMk+IID2NmypVDzz2uJVcfOfs0sPVKjR2QVlPHenevI06GR72
sH3FgN9EfgZ0v57UQS1lMctGEt80uJrmR+GStoTO85m2yJcoeKntDWpfn067fqwR
48945uPmV/hrYzIpmpmiF5YAVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOZ+fJsj
jMIPhwHJMMc3Dk3ramMRMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvQjlBQjhDMzY4
MkNEMTFFQUIxQzM4MDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn/nowDQYJKoZIhvcNAQELBQADggEBADZMR3hR0oMH+kL4
dFw17MWcHMa41UtQTt3UfYtoGwmOk++HPsZarXmeIBGG7963I8E3AEw1PFXiRgOa
wfR4VnvlY73VVbutnigtuiJp/Lqu1++wnaoQb8YBuoLSGCkFn2MYM/8+Dd7Dcd5e
EN88qPnbCJAFQOn+FbPbtBF1NwCoIsZ23gG7H4uzzPTbh+boD7fQCMy4A27fUup7
TFDcUFw7IsJdxcCXVJWZu992ehlQSXrPwSl8lp2xT8hW8T4nSW9oV6h6c/DDBWtC
sFshw9RNQCvxjrcbrJ2PJ1pCAEQY/IGeKukD1gF4WZJvDyXdNTUt8whQmcggHw9w
21TPwEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org