Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/D22E647A5C2A11ED86B05D2CC4F9AE02.roa
File: D22E647A5C2A11ED86B05D2CC4F9AE02.roa (raw, json)
Hash identifier: SD/aHhHYCvqGkan/QwGvo/4432PIYsKGqOH9jG61qg0=
Subject key identifier: CE:DA:4F:84:DA:44:96:DA:51:50:3B:C1:C2:6A:FE:80:C4:B3:A2:67
Certificate issuer: /CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Certificate serial: 1331
Authority key identifier: 12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/D22E647A5C2A11ED86B05D2CC4F9AE02.roa
Signing time: Fri 04 Nov 2022 10:46:02 +0000
ROA not before: Fri 04 Nov 2022 10:46:02 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 30860
IP address blocks: 103.114.191.0/24 maxlen: 24
2402:d240:1776::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4913 (0x1331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Validity
Not Before: Nov 4 10:46:02 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6364ed6a-67ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6c:b4:a5:e8:3c:9f:21:2c:47:9d:bb:34:5b:
ce:84:0c:9a:b3:15:24:32:ca:84:e9:05:3d:db:73:
60:e6:fb:14:f7:3b:24:52:3f:11:be:66:ee:59:23:
0f:1d:3d:d0:ed:6d:17:4b:54:46:84:8b:08:64:40:
9b:be:94:3b:b4:84:a4:06:80:ee:d1:4a:0a:5f:dc:
40:5f:cb:05:a2:2b:09:5c:3a:a8:a2:40:cb:c3:82:
37:a5:37:61:e0:3b:e6:eb:1c:c7:50:c8:40:d3:96:
45:e1:f8:4e:5c:82:2d:0c:f8:3f:2e:3a:dc:4b:5b:
6f:5a:91:f0:4b:11:51:13:21:ca:2a:76:e9:11:cf:
0e:5c:66:c4:ae:fe:50:eb:75:83:ac:6b:23:72:e7:
b8:93:6d:8d:3b:c3:3f:23:54:12:e0:3c:79:6d:3e:
bb:e1:c5:5c:2d:da:29:68:06:fb:7d:2b:a8:19:8c:
3f:eb:54:28:cc:24:69:57:f7:b5:e7:d4:09:2d:05:
29:88:88:85:4d:d9:48:a5:ef:b3:7a:f4:d4:90:fa:
2f:e1:d1:4b:e6:e3:68:3d:6a:db:5d:08:5b:74:1f:
57:82:3b:5f:58:24:11:d6:75:51:4a:f6:0f:ea:47:
4a:04:aa:7a:0d:f8:21:9d:11:a8:ea:91:f0:2b:67:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DA:4F:84:DA:44:96:DA:51:50:3B:C1:C2:6A:FE:80:C4:B3:A2:67
X509v3 Authority Key Identifier:
keyid:12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/EuqCrgqUMQmx9PNJhOnDbUxtVx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/D22E647A5C2A11ED86B05D2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.191.0/24
IPv6:
2402:d240:1776::/48
Signature Algorithm: sha256WithRSAEncryption
0a:b7:18:43:7e:c6:91:e1:66:3b:ea:47:b6:5a:b2:f7:93:75:
f1:5c:36:98:8f:66:27:64:18:a1:18:bf:bd:d5:9a:de:c1:5f:
56:43:33:e1:5d:84:e8:b0:c3:9f:61:ba:15:e7:5d:d7:97:c6:
2f:36:be:a8:8e:58:65:ae:d9:4a:ba:06:39:68:76:53:82:c4:
da:8d:61:75:51:a0:a1:3c:3e:96:9a:f8:0b:67:3b:53:b4:e0:
7c:66:ce:32:88:af:24:e2:37:b3:98:25:8f:3c:cf:2f:b7:41:
37:f7:29:e3:b9:1c:7b:92:dd:fb:c2:dd:3c:37:b2:f0:7f:fb:
cf:4b:68:13:05:c0:b2:fc:13:40:11:77:25:87:65:1e:32:4b:
0d:5b:a3:2c:18:ae:af:99:df:06:26:47:f7:28:64:55:7d:57:
0b:31:f5:8d:fd:52:02:c7:6e:f9:5b:c7:72:23:4d:a8:c2:42:
e3:1a:6a:26:1f:19:8a:57:40:42:8f:db:91:1f:84:1d:06:b9:
17:a5:6b:f8:31:11:ba:fd:0d:42:50:cc:73:74:7f:ba:e0:b0:
f8:ab:5d:71:b3:b9:c0:6c:c2:04:5c:91:e7:50:15:fb:d8:7d:
25:8a:92:86:56:56:9b:fe:99:38:3e:eb:27:9a:7e:f6:26:a9:
d9:b6:a5:d9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICEzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5RkMxMTAvBgNVBAUTKDEyRUE4MkFFMEE5NDMxMDlCMUY0RjM0OTg0RTlDMzZE
NEM2RDU3MUYwHhcNMjIxMTA0MTA0NjAyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY0ZWQ2YS02N2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Gy0peg8nyEsR527NFvOhAyasxUkMsqE6QU923Ng5vsU9zskUj8RvmbuWSMP
HT3Q7W0XS1RGhIsIZECbvpQ7tISkBoDu0UoKX9xAX8sFoisJXDqookDLw4I3pTdh
4Dvm6xzHUMhA05ZF4fhOXIItDPg/LjrcS1tvWpHwSxFREyHKKnbpEc8OXGbErv5Q
63WDrGsjcue4k22NO8M/I1QS4Dx5bT674cVcLdopaAb7fSuoGYw/61QozCRpV/e1
59QJLQUpiIiFTdlIpe+zevTUkPov4dFL5uNoPWrbXQhbdB9XgjtfWCQR1nVRSvYP
6kdKBKp6DfghnRGo6pHwK2c5DQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFM7aT4Ta
RJbaUVA7wcJq/oDEs6JnMB8GA1UdIwQYMBaAFBLqgq4KlDEJsfTzSYTpw21MbVcf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlGQy84MTA0NUUzQTU2
NjAxMUU4QkYzRkQ1MjdDNEY5QUUwMi9FdXFDcmdxVU1RbXg5UE5KaE9uRGJVeHRW
eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V1cUNyZ3FVTVFteDlQTkpoT25EYlV4dFZ4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5RkMvODEwNDVFM0E1NjYwMTFFOEJGM0ZENTI3QzRGOUFFMDIvRDIyRTY0N0E1
QzJBMTFFRDg2QjA1RDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABncr8wDwQCAAIwCQMHACQC0kAXdjANBgkqhkiG9w0BAQsF
AAOCAQEACrcYQ37GkeFmO+pHtlqy95N18Vw2mI9mJ2QYoRi/vdWa3sFfVkMz4V2E
6LDDn2G6Fedd15fGLza+qI5YZa7ZSroGOWh2U4LE2o1hdVGgoTw+lpr4C2c7U7Tg
fGbOMoivJOI3s5gljzzPL7dBN/cp47kce5Ld+8LdPDey8H/7z0toEwXAsvwTQBF3
JYdlHjJLDVujLBiur5nfBiZH9yhkVX1XCzH1jf1SAsdu+VvHciNNqMJC4xpqJh8Z
ildAQo/bkR+EHQa5F6Vr+DERuv0NQlDMc3R/uuCw+KtdcbO5wGzCBFyR51AV+9h9
JYqShlZWm/6ZOD7rJ5p+9iap2bal2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org