Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA8E8/9039783010D911ED80B80D29C4F9AE02/02AA8C5613FA11ED88BBC427C4F9AE02.roa
File: 02AA8C5613FA11ED88BBC427C4F9AE02.roa (raw, json)
Hash identifier: 6etr7JhJbMwUSNLivjqSV2+SCiuy6qI6r9EqPX4Zt7s=
Subject key identifier: E8:B1:5F:A7:8D:EA:AF:D7:0B:B7:0A:E7:32:17:4E:39:74:F9:63:AD
Certificate issuer: /CN=A91FA8E8/serialNumber=8DA19FCE0EFAE022BBA8F8E0C1237BEDBEBE3EF3
Certificate serial: 0B
Authority key identifier: 8D:A1:9F:CE:0E:FA:E0:22:BB:A8:F8:E0:C1:23:7B:ED:BE:BE:3E:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jaGfzg764CK7qPjgwSN77b6-PvM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA8E8/9039783010D911ED80B80D29C4F9AE02/02AA8C5613FA11ED88BBC427C4F9AE02.roa
Signing time: Thu 04 Aug 2022 13:33:23 +0000
ROA not before: Thu 04 Aug 2022 13:33:23 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 146998
IP address blocks: 103.154.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA8E8/serialNumber=8DA19FCE0EFAE022BBA8F8E0C1237BEDBEBE3EF3
Validity
Not Before: Aug 4 13:33:23 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62ebcaa2-529e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:5e:80:78:4e:68:a8:89:41:3a:59:c2:df:
2c:8f:f6:cf:df:3d:0b:2e:12:0c:ba:c6:3e:2e:67:
ee:13:ee:0c:ea:24:88:1c:78:83:a3:42:61:09:84:
8e:94:c7:e7:0d:47:bf:62:43:65:52:f4:49:a7:08:
c5:7c:69:18:50:4a:07:3d:52:2c:92:30:5f:03:1d:
44:e3:dc:08:b2:2e:0e:a2:52:7c:f0:44:46:b6:1f:
8b:e4:fd:b4:82:98:2a:4e:60:8a:0d:60:ce:13:f2:
95:25:32:b2:c0:18:f6:6c:05:88:27:29:11:72:a0:
9c:14:31:dc:30:3e:a7:26:42:51:32:0a:ec:0d:19:
f0:1e:b9:8a:a1:c7:c6:a5:50:32:71:d7:d5:b5:df:
79:14:43:43:14:7f:17:64:1f:7a:71:28:93:f7:70:
ec:68:19:4f:4c:fd:13:7c:53:09:58:3f:fc:c7:4f:
19:c9:3f:35:ed:fb:45:fa:36:c5:19:4e:e6:44:bd:
56:9f:83:84:c6:3b:16:e9:1f:17:bd:b0:f1:28:43:
ee:80:64:c1:54:23:1d:b9:b7:b7:ee:a6:b4:d2:ac:
de:ed:5d:e8:2b:b5:e8:5b:4f:fa:c8:33:07:36:e0:
64:c6:fc:55:64:5f:e2:99:e2:4e:eb:14:4a:ea:f9:
e1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B1:5F:A7:8D:EA:AF:D7:0B:B7:0A:E7:32:17:4E:39:74:F9:63:AD
X509v3 Authority Key Identifier:
keyid:8D:A1:9F:CE:0E:FA:E0:22:BB:A8:F8:E0:C1:23:7B:ED:BE:BE:3E:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA8E8/9039783010D911ED80B80D29C4F9AE02/jaGfzg764CK7qPjgwSN77b6-PvM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jaGfzg764CK7qPjgwSN77b6-PvM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA8E8/9039783010D911ED80B80D29C4F9AE02/02AA8C5613FA11ED88BBC427C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.65.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:e6:2d:aa:f2:ea:db:e4:d2:7f:e5:b7:52:7c:6a:52:b2:e8:
50:46:56:1a:40:e4:ba:85:86:75:ac:66:bc:7a:16:b5:17:54:
73:65:03:75:ca:72:b8:4b:f7:3e:c7:9a:13:c8:c5:65:b8:07:
3a:d1:04:23:3d:36:3f:f3:af:22:7c:f7:85:a0:5f:cc:4b:bc:
16:4d:c5:44:3a:4f:b4:c6:1d:f2:27:c3:6e:24:ba:e9:bd:51:
dc:ba:db:b7:34:77:c6:f1:30:c7:bc:f8:4d:04:5b:4e:d7:60:
bc:67:27:8b:48:bc:19:9a:05:cf:15:2b:8f:3f:9a:81:5b:06:
9f:c1:0b:a4:f7:89:33:d1:25:a0:4f:9b:cb:ec:69:73:67:e1:
6b:df:0c:4d:c5:ea:bf:f4:62:c6:98:29:02:af:f2:1e:8a:97:
c0:d4:fc:bf:7b:07:d9:2a:c3:bd:19:38:aa:ce:15:ec:c5:3f:
22:42:b4:d0:e8:3b:f4:ee:22:50:fe:d1:ad:68:34:0d:63:db:
22:2f:b0:4f:fb:82:2c:a1:f8:bb:ae:d9:0e:a9:26:5d:d6:ef:
52:23:37:82:27:61:1d:8c:6a:46:24:77:af:11:ad:eb:56:75:
05:b6:96:ea:56:8d:ad:86:d5:f8:9a:b6:fe:7b:18:27:d9:e9:
a3:fb:b8:2c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QThFODExMC8GA1UEBRMoOERBMTlGQ0UwRUZBRTAyMkJCQThGOEUwQzEyMzdCRURC
RUJFM0VGMzAeFw0yMjA4MDQxMzMzMjNaFw0yMjEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZWJjYWEyLTUyOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0yV6AeE5oqIlBOlnC3yyP9s/fPQsuEgy6xj4uZ+4T7gzqJIgceIOjQmEJhI6U
x+cNR79iQ2VS9EmnCMV8aRhQSgc9UiySMF8DHUTj3AiyLg6iUnzwREa2H4vk/bSC
mCpOYIoNYM4T8pUlMrLAGPZsBYgnKRFyoJwUMdwwPqcmQlEyCuwNGfAeuYqhx8al
UDJx19W133kUQ0MUfxdkH3pxKJP3cOxoGU9M/RN8UwlYP/zHTxnJPzXt+0X6NsUZ
TuZEvVafg4TGOxbpHxe9sPEoQ+6AZMFUIx25t7fuprTSrN7tXegrtehbT/rIMwc2
4GTG/FVkX+KZ4k7rFErq+eEDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6LFfp43q
r9cLtwrnMhdOOXT5Y60wHwYDVR0jBBgwFoAUjaGfzg764CK7qPjgwSN77b6+PvMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBOEU4LzkwMzk3ODMwMTBE
OTExRUQ4MEI4MEQyOUM0RjlBRTAyL2phR2Z6Zzc2NENLN3FQamd3U043N2I2LVB2
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvamFHZnpnNzY0Q0s3cVBqZ3dTTjc3YjYtUHZNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QThFOC85MDM5NzgzMDEwRDkxMUVEODBCODBEMjlDNEY5QUUwMi8wMkFBOEM1NjEz
RkExMUVEODhCQkM0MjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeaQTANBgkqhkiG9w0BAQsFAAOCAQEAi+YtqvLq2+TSf+W3
UnxqUrLoUEZWGkDkuoWGdaxmvHoWtRdUc2UDdcpyuEv3PseaE8jFZbgHOtEEIz02
P/OvInz3haBfzEu8Fk3FRDpPtMYd8ifDbiS66b1R3LrbtzR3xvEwx7z4TQRbTtdg
vGcni0i8GZoFzxUrjz+agVsGn8ELpPeJM9EloE+by+xpc2fha98MTcXqv/Rixpgp
Aq/yHoqXwNT8v3sH2SrDvRk4qs4V7MU/IkK00Og79O4iUP7RrWg0DWPbIi+wT/uC
LKH4u67ZDqkmXdbvUiM3gidhHYxqRiR3rxGt61Z1BbaW6laNrYbV+Jq2/nsYJ9np
o/u4LA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-ams.rpki-client.org