Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/2DB21FD22D1111EE9D63BE10C4F9AE02.roa
File: 2DB21FD22D1111EE9D63BE10C4F9AE02.roa (raw, json)
Hash identifier: UhiBkJ7tGs3Y3kdoU06Q/FpfhdaE/zxPyxSjl6pl7y4=
Subject key identifier: DB:83:98:79:F9:C1:3A:92:16:CF:28:0A:9C:1E:07:1F:A2:AD:72:53
Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Certificate serial: 1D
Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/2DB21FD22D1111EE9D63BE10C4F9AE02.roa
Signing time: Fri 28 Jul 2023 06:37:10 +0000
ROA not before: Fri 28 Jul 2023 06:37:10 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 211256
IP address blocks: 103.83.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Validity
Not Before: Jul 28 06:37:10 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64c36216-28d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:69:a7:0c:0f:00:b7:33:15:2e:c3:3a:67:
3b:2a:15:ae:6d:76:bd:ec:7c:e8:75:1a:28:14:db:
95:f0:6b:90:e1:ac:ce:31:20:39:7e:36:fe:91:8e:
bc:be:38:16:38:dc:c4:c7:66:10:d6:98:5f:b9:cd:
22:b3:74:1d:61:1d:83:35:2b:39:4c:19:c7:de:42:
4c:68:ad:20:3e:b4:bf:01:68:cf:87:c0:ce:22:24:
1e:d5:0a:e1:0c:2e:2a:2c:c6:98:82:03:ab:8e:98:
92:33:f5:65:c9:e3:13:62:27:e8:62:6d:64:dc:69:
e1:17:41:af:5e:9d:0f:5c:3d:81:2e:f4:19:84:2b:
21:d5:79:da:78:68:1e:c8:9e:e5:10:75:be:c6:34:
a0:23:fd:9d:7c:f7:a5:5b:c6:5d:86:7c:e2:18:2d:
a6:dc:0c:17:0c:05:ce:d3:cb:a9:11:8c:b6:00:69:
a1:07:e7:70:bc:34:8f:c9:f8:06:fa:09:95:ce:ee:
54:ef:f3:da:57:bc:40:f7:e2:b4:64:53:f1:46:3a:
1c:95:5f:c7:c2:31:99:08:4a:ae:b5:a3:18:bc:86:
21:c3:66:26:7a:0f:46:79:b8:ea:fb:9a:7b:e7:c1:
4e:05:55:24:11:12:5a:68:34:bd:f6:97:d6:c3:af:
50:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:83:98:79:F9:C1:3A:92:16:CF:28:0A:9C:1E:07:1F:A2:AD:72:53
X509v3 Authority Key Identifier:
keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/2DB21FD22D1111EE9D63BE10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.40.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:49:24:ad:01:4f:a9:24:d3:aa:e2:73:c0:42:71:9f:d5:99:
74:5a:fd:ff:bc:25:e0:7e:26:b7:a8:58:8b:e7:59:32:40:1b:
01:e6:47:3d:b6:61:47:ad:5c:c9:28:6d:16:4b:c0:94:c4:6d:
cc:de:4e:f7:ce:86:5a:ba:c0:3a:c6:3a:dc:37:a0:be:fa:d1:
71:a5:96:0c:e7:34:4e:6e:07:79:9c:55:b6:29:ec:5d:c1:d6:
ca:46:53:4f:b1:93:f1:de:1d:3e:3b:b9:14:36:19:55:eb:95:
c9:7e:c6:da:66:67:b7:93:cb:ec:ed:fd:e8:a4:e8:9d:d8:fd:
e4:c7:c9:8d:14:4f:b3:d2:4e:92:44:1a:82:17:4d:fd:a7:fd:
53:38:9d:5a:46:6c:8b:0f:a1:fe:87:b6:81:84:82:d7:71:0e:
a9:5b:87:e8:44:55:b1:44:4a:e2:71:c8:f8:ec:5f:28:08:79:
30:8f:ff:0b:f2:a3:ba:d3:aa:e7:10:fc:1a:1a:7d:6a:96:b7:
af:7d:6f:dc:0e:7a:62:77:b1:36:60:c8:3e:cc:f7:4e:af:93:
60:eb:58:a3:ce:61:ac:65:8a:4d:db:5a:95:dc:41:9a:05:38:
c9:30:cd:79:1c:e1:0e:96:f0:34:23:3b:2c:af:ec:fd:03:22:
58:ba:7a:4b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QUE5MTExMC8GA1UEBRMoQTBDODBDRUUwNjNDOUNDODJDRENCMEJDNzQ1QzRGRTQ2
REQwMjY1NzAeFw0yMzA3MjgwNjM3MTBaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YzM2MjE2LTI4ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1XWmnDA8AtzMVLsM6ZzsqFa5tdr3sfOh1GigU25Xwa5DhrM4xIDl+Nv6Rjry+
OBY43MTHZhDWmF+5zSKzdB1hHYM1KzlMGcfeQkxorSA+tL8BaM+HwM4iJB7VCuEM
LiosxpiCA6uOmJIz9WXJ4xNiJ+hibWTcaeEXQa9enQ9cPYEu9BmEKyHVedp4aB7I
nuUQdb7GNKAj/Z1896Vbxl2GfOIYLabcDBcMBc7Ty6kRjLYAaaEH53C8NI/J+Ab6
CZXO7lTv89pXvED34rRkU/FGOhyVX8fCMZkISq61oxi8hiHDZiZ6D0Z5uOr7mnvn
wU4FVSQRElpoNL32l9bDr1AJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU24OYefnB
OpIWzygKnB4HH6KtclMwHwYDVR0jBBgwFoAUoMgM7gY8nMgs3LC8dFxP5G3QJlcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQTkxLzk0MjBEMjEwMEE1
QTExRUVBM0Y1QjQ0MUM0RjlBRTAyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUps
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb01nTTdnWThuTWdzM0xDOGRGeFA1RzNRSmxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi8yREIyMUZEMjJE
MTExMUVFOUQ2M0JFMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdTKDANBgkqhkiG9w0BAQsFAAOCAQEAuUkkrQFPqSTTquJz
wEJxn9WZdFr9/7wl4H4mt6hYi+dZMkAbAeZHPbZhR61cyShtFkvAlMRtzN5O986G
WrrAOsY63DegvvrRcaWWDOc0Tm4HeZxVtinsXcHWykZTT7GT8d4dPju5FDYZVeuV
yX7G2mZnt5PL7O396KTondj95MfJjRRPs9JOkkQaghdN/af9UzidWkZsiw+h/oe2
gYSC13EOqVuH6ERVsURK4nHI+OxfKAh5MI//C/KjutOq5xD8Ghp9apa3r31v3A56
YnexNmDIPsz3Tq+TYOtYo85hrGWKTdtaldxBmgU4yTDNeRzhDpbwNCM7LK/s/QMi
WLp6Sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org