Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/85CCBD5CD25411ED922D7209C4F9AE02.roa
File: 85CCBD5CD25411ED922D7209C4F9AE02.roa (raw, json)
Hash identifier: txCUhUqvwNEpF13yKpy4S0wfrIVbMepQbLKv9TJbDnI=
Subject key identifier: 81:A7:BB:79:D0:A6:1B:77:11:77:55:91:B5:69:45:D0:1D:0B:6F:71
Certificate issuer: /CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Certificate serial: 08D7
Authority key identifier: AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/85CCBD5CD25411ED922D7209C4F9AE02.roa
Signing time: Mon 03 Apr 2023 19:19:59 +0000
ROA not before: Mon 03 Apr 2023 19:19:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136790
IP address blocks: 103.149.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263 (0x8d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Validity
Not Before: Apr 3 19:19:59 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=642b26de-a4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ca:d8:96:e2:ef:2d:a4:27:da:97:4d:eb:d5:
11:89:69:74:2b:e9:d0:34:09:e5:3e:57:cd:59:98:
d9:dc:af:d2:d6:9a:0e:82:0d:f2:1b:4a:eb:1e:a5:
3f:15:39:70:d0:8a:ba:fd:24:04:e4:cf:31:74:0b:
53:fc:3f:fe:66:be:38:4d:d3:5d:42:a5:df:2d:cd:
8c:7e:59:0c:79:bd:b5:64:c0:2c:52:ee:06:58:d6:
fd:c3:73:ab:0b:7b:3d:5a:f8:27:53:df:d8:4d:5c:
11:7d:7a:6e:bc:69:05:8b:31:b5:36:e0:22:c6:a2:
c2:d5:d5:b8:2d:a2:bb:8c:dd:a3:ea:d4:16:d2:35:
ac:e8:45:c0:14:b0:92:f5:e7:3d:d1:7b:a4:00:ad:
3c:f6:33:e3:d3:e2:94:26:fe:98:d3:59:4a:47:95:
7f:cf:74:50:66:60:74:7d:e6:b8:28:7f:46:df:d6:
b1:a1:5b:95:c9:08:36:b8:85:45:86:71:97:ad:06:
f4:a2:cd:8a:eb:69:36:9e:c5:fe:98:32:af:e5:3e:
2e:59:17:0a:4c:32:e2:af:b3:45:61:32:d5:b7:9a:
a7:e1:15:c1:62:2a:d8:a9:be:fd:4b:35:af:54:a9:
29:30:43:51:6f:d3:9c:9b:88:c9:54:11:3e:a8:db:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A7:BB:79:D0:A6:1B:77:11:77:55:91:B5:69:45:D0:1D:0B:6F:71
X509v3 Authority Key Identifier:
keyid:AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/85CCBD5CD25411ED922D7209C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.33.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:36:24:63:94:5e:58:cc:d1:7c:57:a8:63:5c:ed:a6:9b:f2:
4f:17:4f:22:9b:49:82:1a:f2:0c:c7:a3:b4:6e:42:40:97:81:
cb:62:5b:52:5f:5a:88:0e:c6:3e:93:46:0a:da:59:b7:04:b3:
7a:4a:ef:4d:e0:d0:ce:6b:32:3f:ec:6b:a6:e6:70:af:e6:cb:
e2:f8:3c:a7:57:65:c0:85:99:95:39:f6:cc:0c:36:cd:4e:fa:
3c:2b:44:4d:60:9e:10:1b:7d:08:57:a3:04:b4:af:c3:35:12:
3c:fe:0d:f7:f0:f5:bd:ea:c5:a8:56:5c:70:e1:8f:92:b0:5e:
11:be:1a:da:11:db:e3:f6:0b:12:30:4a:fa:58:fd:cf:83:64:
d9:3e:fa:52:dd:1a:7a:01:18:36:bd:a7:a3:ae:cc:3f:3b:d0:
cf:75:b9:33:4b:39:e7:75:1f:35:b0:d3:ad:ec:be:e5:7b:28:
b2:af:9b:76:26:98:24:37:0e:6d:bd:3c:23:c9:56:fe:04:eb:
e7:c8:63:58:f0:2c:e2:4c:c0:48:27:99:8c:9c:0d:6a:09:5a:
65:f4:da:a6:07:80:46:73:ec:68:83:c8:fd:95:5f:69:36:b8:
7c:93:14:6d:39:26:f0:31:a6:ba:e7:8c:d3:b8:3a:ef:0e:32:
15:49:ce:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZCRkExMTAvBgNVBAUTKEFBNjJDNzlGRTE4NDM5NDEyQzVCMDJDRjRCRUI1NEFC
MkVCQkUxODgwHhcNMjMwNDAzMTkxOTU5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJiMjZkZS1hNGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAycrYluLvLaQn2pdN69URiWl0K+nQNAnlPlfNWZjZ3K/S1poOgg3yG0rrHqU/
FTlw0Iq6/SQE5M8xdAtT/D/+Zr44TdNdQqXfLc2MflkMeb21ZMAsUu4GWNb9w3Or
C3s9WvgnU9/YTVwRfXpuvGkFizG1NuAixqLC1dW4LaK7jN2j6tQW0jWs6EXAFLCS
9ec90XukAK089jPj0+KUJv6Y01lKR5V/z3RQZmB0fea4KH9G39axoVuVyQg2uIVF
hnGXrQb0os2K62k2nsX+mDKv5T4uWRcKTDLir7NFYTLVt5qn4RXBYirYqb79SzWv
VKkpMENRb9Ocm4jJVBE+qNuvwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIGnu3nQ
pht3EXdVkbVpRdAdC29xMB8GA1UdIwQYMBaAFKpix5/hhDlBLFsCz0vrVKsuu+GI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkJGQS80MEQ0QjdFQzY2
MDMxMUVBOTlBRDRGNDZDNEY5QUUwMi9xbUxIbi1HRU9VRXNXd0xQUy10VXF5Njc0
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FtTEhuLUdFT1VFc1d3TFBTLXRVcXk2NzRZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZCRkEvNDBENEI3RUM2NjAzMTFFQTk5QUQ0RjQ2QzRGOUFFMDIvODVDQ0JENUNE
MjU0MTFFRDkyMkQ3MjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlSEwDQYJKoZIhvcNAQELBQADggEBAH82JGOUXljM0XxX
qGNc7aab8k8XTyKbSYIa8gzHo7RuQkCXgctiW1JfWogOxj6TRgraWbcEs3pK703g
0M5rMj/sa6bmcK/my+L4PKdXZcCFmZU59swMNs1O+jwrRE1gnhAbfQhXowS0r8M1
Ejz+Dffw9b3qxahWXHDhj5KwXhG+GtoR2+P2CxIwSvpY/c+DZNk++lLdGnoBGDa9
p6OuzD870M91uTNLOed1HzWw063svuV7KLKvm3YmmCQ3Dm29PCPJVv4E6+fIY1jw
LOJMwEgnmYycDWoJWmX02qYHgEZz7GiDyP2VX2k2uHyTFG05JvAxprrnjNO4Ou8O
MhVJznA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org