Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/2FBFA05C3E4611ED85097F53C4F9AE02.roa
File: 2FBFA05C3E4611ED85097F53C4F9AE02.roa (raw, json)
Hash identifier: gNdEkwv0J6jsXL2cKmVcWa8bsZFnwzIN84hPjaxn3Oo=
Subject key identifier: 80:46:6B:8D:5A:CE:08:00:85:76:27:11:4D:28:60:71:34:23:41:C5
Certificate issuer: /CN=A91F5266/serialNumber=62D1119F188E3F7C1355F6539E06436DA268FF9D
Certificate serial: 0190
Authority key identifier: 62:D1:11:9F:18:8E:3F:7C:13:55:F6:53:9E:06:43:6D:A2:68:FF:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YtERnxiOP3wTVfZTngZDbaJo_50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/2FBFA05C3E4611ED85097F53C4F9AE02.roa
Signing time: Tue 27 Sep 2022 09:24:29 +0000
ROA not before: Tue 27 Sep 2022 09:24:29 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 142615
IP address blocks: 103.170.230.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400 (0x190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F5266/serialNumber=62D1119F188E3F7C1355F6539E06436DA268FF9D
Validity
Not Before: Sep 27 09:24:29 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6332c14d-40b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:a8:ee:54:bb:93:e3:ea:2b:9a:54:59:a5:
fd:da:6d:e5:45:cb:9e:5e:fb:ba:af:42:3d:39:7d:
28:50:0c:3a:3e:d5:20:e3:a2:f2:87:6f:e9:bb:77:
40:30:81:bc:aa:81:fa:c3:5c:fb:88:6a:3e:cd:d3:
9b:c1:af:56:43:f9:1b:18:ef:91:c1:13:09:d4:3e:
93:80:60:7b:bd:a8:d6:eb:3a:18:2f:bf:42:27:9c:
34:76:d5:e0:d7:d3:2f:7c:6b:95:1d:ad:b4:29:d6:
55:1a:6a:8c:03:dd:9e:82:88:94:13:28:fe:8f:9e:
9d:7c:3a:a9:2c:84:5c:30:73:47:50:17:be:45:3a:
b5:7a:10:54:b4:29:c5:d6:f9:18:8a:38:65:dc:b2:
6f:09:98:4d:b6:e5:2e:b8:ac:34:ce:fb:6f:2e:9c:
5b:75:aa:51:7f:c6:63:60:22:20:13:69:69:57:2e:
27:48:a6:85:9f:11:e4:6b:ec:20:d3:d8:cd:b3:8f:
2e:8c:11:61:5d:82:d1:f5:05:59:2b:7c:13:ca:b0:
ef:d0:86:4c:e2:71:3a:fb:3f:db:52:0f:1b:70:d5:
ca:96:e9:25:99:83:4e:ff:79:7c:53:f8:71:60:a2:
37:e2:88:cd:da:40:73:a9:5a:bd:d1:b0:6b:98:b1:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:46:6B:8D:5A:CE:08:00:85:76:27:11:4D:28:60:71:34:23:41:C5
X509v3 Authority Key Identifier:
keyid:62:D1:11:9F:18:8E:3F:7C:13:55:F6:53:9E:06:43:6D:A2:68:FF:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/YtERnxiOP3wTVfZTngZDbaJo_50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YtERnxiOP3wTVfZTngZDbaJo_50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5266/27BC50C4A13B11EC8343757EC4F9AE02/2FBFA05C3E4611ED85097F53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.230.0/23
Signature Algorithm: sha256WithRSAEncryption
41:fd:92:7e:29:a9:4d:ba:e5:66:35:2b:27:11:91:26:22:85:
9d:88:a8:3b:97:11:9d:ce:fa:41:6e:99:1d:4b:fc:94:fd:b8:
3e:f1:95:e5:a0:2c:00:03:6c:27:61:a1:13:2b:54:dd:11:37:
a7:e7:d2:06:ce:57:ed:95:66:6c:fe:da:46:7e:90:97:e1:11:
c5:0e:80:40:97:dc:c3:7b:f7:26:ab:2a:b8:33:54:e4:26:0a:
ec:67:e7:59:95:c5:dd:34:a2:3d:26:15:62:c0:ca:3e:e1:a0:
62:48:d8:cc:46:59:74:6b:1d:87:73:4d:f6:cc:00:56:9f:50:
b0:3e:ba:47:c0:71:75:eb:32:04:eb:ad:9e:8a:66:7b:55:69:
9c:6a:f9:41:7c:10:b4:77:21:e0:7b:5e:2b:24:da:a0:ce:3d:
47:41:4f:af:32:8a:aa:4e:1e:72:a8:0f:c3:55:6a:f9:f2:93:
f1:e4:6b:4d:4e:95:6c:27:92:a7:41:3d:0a:ff:a3:bd:c5:c5:
77:b7:e3:4e:00:78:43:9a:57:d9:a8:61:1c:e5:9a:e4:67:36:
3a:b1:a7:30:02:ee:ef:04:a0:4b:05:f4:a0:63:b1:3b:62:cc:
d6:dc:ab:97:5f:eb:5f:c7:fd:e5:e1:0b:6b:a4:ec:50:ad:44:
7c:08:cf:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjUyNjYxMTAvBgNVBAUTKDYyRDExMTlGMTg4RTNGN0MxMzU1RjY1MzlFMDY0MzZE
QTI2OEZGOUQwHhcNMjIwOTI3MDkyNDI5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzMyYzE0ZC00MGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtlWo7lS7k+PqK5pUWaX92m3lRcueXvu6r0I9OX0oUAw6PtUg46Lyh2/pu3dA
MIG8qoH6w1z7iGo+zdObwa9WQ/kbGO+RwRMJ1D6TgGB7vajW6zoYL79CJ5w0dtXg
19MvfGuVHa20KdZVGmqMA92egoiUEyj+j56dfDqpLIRcMHNHUBe+RTq1ehBUtCnF
1vkYijhl3LJvCZhNtuUuuKw0zvtvLpxbdapRf8ZjYCIgE2lpVy4nSKaFnxHka+wg
09jNs48ujBFhXYLR9QVZK3wTyrDv0IZM4nE6+z/bUg8bcNXKluklmYNO/3l8U/hx
YKI34ojN2kBzqVq90bBrmLEqmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIBGa41a
zggAhXYnEU0oYHE0I0HFMB8GA1UdIwQYMBaAFGLREZ8Yjj98E1X2U54GQ22iaP+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTI2Ni8yN0JDNTBDNEEx
M0IxMUVDODM0Mzc1N0VDNEY5QUUwMi9ZdEVSbnhpT1Azd1RWZlpUbmdaRGJhSm9f
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1l0RVJueGlPUDN3VFZmWlRuZ1pEYmFKb181MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjUyNjYvMjdCQzUwQzRBMTNCMTFFQzgzNDM3NTdFQzRGOUFFMDIvMkZCRkEwNUMz
RTQ2MTFFRDg1MDk3RjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnquYwDQYJKoZIhvcNAQELBQADggEBAEH9kn4pqU265WY1
KycRkSYihZ2IqDuXEZ3O+kFumR1L/JT9uD7xleWgLAADbCdhoRMrVN0RN6fn0gbO
V+2VZmz+2kZ+kJfhEcUOgECX3MN79yarKrgzVOQmCuxn51mVxd00oj0mFWLAyj7h
oGJI2MxGWXRrHYdzTfbMAFafULA+ukfAcXXrMgTrrZ6KZntVaZxq+UF8ELR3IeB7
Xisk2qDOPUdBT68yiqpOHnKoD8NVavnyk/Hka01OlWwnkqdBPQr/o73FxXe3404A
eEOaV9moYRzlmuRnNjqxpzAC7u8EoEsF9KBjsTtizNbcq5df61/H/eXhC2uk7FCt
RHwIz/s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org