Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/66F8B5C42F6711ED9AB61626C4F9AE02.roa
File: 66F8B5C42F6711ED9AB61626C4F9AE02.roa (raw, json)
Hash identifier: UBJPoMDsDvm0uU5xBzcX9qs2bas4wFhjoSoDSZoA/OU=
Subject key identifier: 37:20:8C:73:8D:36:C2:F3:35:31:60:2A:8D:9C:2A:51:F0:1D:66:5F
Certificate issuer: /CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Certificate serial: 12CE
Authority key identifier: 12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/66F8B5C42F6711ED9AB61626C4F9AE02.roa
Signing time: Fri 09 Sep 2022 12:14:22 +0000
ROA not before: Fri 09 Sep 2022 12:14:22 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 397702
IP address blocks: 103.114.191.0/24 maxlen: 24
2402:d240:1776::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4814 (0x12ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Validity
Not Before: Sep 9 12:14:22 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=631b2e1d-3bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:56:f8:8f:ff:5d:08:df:04:75:51:93:ee:ac:
68:02:69:ba:e5:ee:71:65:7c:06:e5:5e:18:bf:96:
1d:79:8a:7e:f3:72:5f:95:a0:af:ca:aa:74:67:b5:
2f:0d:a9:bf:6b:fb:67:76:f6:e0:8c:0e:88:09:15:
cf:5f:bc:b0:47:f3:58:9f:15:5d:f5:5c:ee:a6:fc:
30:37:62:a9:41:fa:fb:9b:dc:10:fa:54:96:be:f7:
79:68:63:88:53:9c:28:d6:5f:27:a5:17:83:ee:eb:
6b:d1:48:17:68:71:0a:14:df:75:28:20:cc:aa:54:
78:c1:cb:df:ae:6a:5a:50:23:dd:01:af:aa:6e:2f:
43:33:e3:00:04:76:b8:be:86:62:62:b7:f3:65:b0:
7b:17:88:ac:0d:49:87:73:18:8f:0f:7b:98:9b:14:
26:fc:c2:74:23:d6:1e:c2:f5:07:36:ed:3c:0e:27:
1b:41:7f:27:36:e9:ec:1e:6c:b1:1e:81:6f:4c:0d:
85:6b:91:54:23:bc:13:e3:26:2a:16:a0:f3:5a:60:
9d:b5:19:84:6f:a6:77:e8:f3:ae:a9:fe:68:7d:75:
4d:8c:24:99:01:ef:bc:5b:fb:f9:6a:57:d3:a9:e5:
ea:f6:b4:41:c9:8a:ca:dd:aa:bf:7e:6b:67:1c:58:
21:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:20:8C:73:8D:36:C2:F3:35:31:60:2A:8D:9C:2A:51:F0:1D:66:5F
X509v3 Authority Key Identifier:
keyid:12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/EuqCrgqUMQmx9PNJhOnDbUxtVx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/66F8B5C42F6711ED9AB61626C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.191.0/24
IPv6:
2402:d240:1776::/48
Signature Algorithm: sha256WithRSAEncryption
bd:75:30:0f:e5:91:bc:94:0f:45:43:e2:76:2c:6f:1d:20:e0:
1f:43:cf:44:d7:1f:ce:ea:7d:f5:e0:df:97:cb:d1:e6:3a:3a:
cb:96:88:54:48:9c:21:a8:d6:74:d2:99:05:77:44:3d:60:15:
93:f6:a8:67:3f:8b:30:6d:74:22:ec:f1:d3:eb:cc:71:5f:53:
f2:ea:1f:a5:e8:39:56:b6:d2:1f:22:e5:7c:08:6c:6f:09:74:
d9:7e:b6:64:0d:a7:88:1d:47:36:ed:25:2a:3c:d1:25:1a:91:
15:aa:76:b6:c3:fe:40:6e:ac:54:94:01:99:15:ba:b8:df:63:
cc:2a:56:b6:ab:8a:ed:4f:3d:28:7d:25:f4:35:ab:89:42:bd:
5b:b5:d0:e9:89:c7:ab:c3:ea:6e:0a:91:fe:23:27:db:a0:c6:
60:88:fb:fa:4a:70:86:b4:47:0b:67:8b:61:a3:e7:e5:e6:f3:
6c:bf:b7:08:19:6e:8e:32:36:e9:26:bb:45:fc:e0:e9:08:63:
6a:0a:e8:6a:89:29:8d:df:71:15:3f:a4:0e:8a:94:78:7d:97:
35:67:18:fb:00:1e:b1:f8:63:e3:34:00:28:67:45:de:91:78:
3b:1d:ab:6b:2c:7b:0a:5d:f9:f9:bb:29:e9:f6:a7:47:50:68:
19:db:4f:c0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICEs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5RkMxMTAvBgNVBAUTKDEyRUE4MkFFMEE5NDMxMDlCMUY0RjM0OTg0RTlDMzZE
NEM2RDU3MUYwHhcNMjIwOTA5MTIxNDIyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzFiMmUxZC0zYmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwFb4j/9dCN8EdVGT7qxoAmm65e5xZXwG5V4Yv5YdeYp+83JflaCvyqp0Z7Uv
Dam/a/tndvbgjA6ICRXPX7ywR/NYnxVd9VzupvwwN2KpQfr7m9wQ+lSWvvd5aGOI
U5wo1l8npReD7utr0UgXaHEKFN91KCDMqlR4wcvfrmpaUCPdAa+qbi9DM+MABHa4
voZiYrfzZbB7F4isDUmHcxiPD3uYmxQm/MJ0I9YewvUHNu08DicbQX8nNunsHmyx
HoFvTA2Fa5FUI7wT4yYqFqDzWmCdtRmEb6Z36POuqf5ofXVNjCSZAe+8W/v5alfT
qeXq9rRByYrK3aq/fmtnHFghiQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDcgjHON
NsLzNTFgKo2cKlHwHWZfMB8GA1UdIwQYMBaAFBLqgq4KlDEJsfTzSYTpw21MbVcf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlGQy84MTA0NUUzQTU2
NjAxMUU4QkYzRkQ1MjdDNEY5QUUwMi9FdXFDcmdxVU1RbXg5UE5KaE9uRGJVeHRW
eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V1cUNyZ3FVTVFteDlQTkpoT25EYlV4dFZ4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5RkMvODEwNDVFM0E1NjYwMTFFOEJGM0ZENTI3QzRGOUFFMDIvNjZGOEI1QzQy
RjY3MTFFRDlBQjYxNjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABncr8wDwQCAAIwCQMHACQC0kAXdjANBgkqhkiG9w0BAQsF
AAOCAQEAvXUwD+WRvJQPRUPidixvHSDgH0PPRNcfzup99eDfl8vR5jo6y5aIVEic
IajWdNKZBXdEPWAVk/aoZz+LMG10Iuzx0+vMcV9T8uofpeg5VrbSHyLlfAhsbwl0
2X62ZA2niB1HNu0lKjzRJRqRFap2tsP+QG6sVJQBmRW6uN9jzCpWtquK7U89KH0l
9DWriUK9W7XQ6YnHq8PqbgqR/iMn26DGYIj7+kpwhrRHC2eLYaPn5ebzbL+3CBlu
jjI26Sa7Rfzg6Qhjagroaokpjd9xFT+kDoqUeH2XNWcY+wAesfhj4zQAKGdF3pF4
Ox2rayx7Cl35+bsp6fanR1BoGdtPwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org