Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A7D6FA9298CA11EE93DFB93EC4F9AE02.roa
File: A7D6FA9298CA11EE93DFB93EC4F9AE02.roa (raw, json)
Hash identifier: XZudt8E9JH/ElKOAWHi4H03B2OIGaugNMvjtw0UvjlA=
Subject key identifier: 29:54:8D:EF:48:E0:D7:29:63:1E:C5:FB:6B:C4:8F:21:0F:5D:AB:DA
Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Certificate serial: 79
Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A7D6FA9298CA11EE93DFB93EC4F9AE02.roa
Signing time: Tue 12 Dec 2023 08:44:26 +0000
ROA not before: Tue 12 Dec 2023 08:44:26 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 397423
IP address blocks: 103.83.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Validity
Not Before: Dec 12 08:44:26 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65781d6a-58ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:4d:69:7e:22:ee:d6:99:6f:a6:8d:91:e3:
ce:e6:4f:f7:e6:75:84:f7:76:23:61:bd:33:29:ab:
e6:8f:22:d3:64:00:b9:4f:89:52:2c:3e:60:da:b7:
12:73:23:d5:d6:e5:bc:e5:c0:86:71:51:f0:73:00:
8f:24:3b:86:a7:82:62:62:d2:ef:ad:7c:a2:aa:9f:
13:64:8a:80:29:04:f2:aa:8a:d0:35:1c:31:e9:62:
b3:3f:bb:cb:0d:6a:78:fd:38:65:39:4b:91:02:eb:
d9:ae:f1:92:5d:7f:09:e2:26:67:81:fd:3c:c3:bc:
95:43:d4:33:c3:27:0d:be:ee:3f:b9:26:6c:6c:d7:
74:14:ef:bd:8e:a6:2f:9e:5f:4e:25:93:0a:d1:bf:
a2:b3:aa:1b:73:f3:21:36:41:87:e9:b3:e7:dd:93:
81:19:a2:33:7a:f6:a1:ea:2d:3e:5d:02:13:39:03:
4d:c8:23:5f:1d:82:24:9f:8e:8c:da:3b:b0:a2:1a:
01:b7:43:e8:43:07:5f:1f:58:26:10:13:1b:90:ac:
46:18:02:0e:05:15:00:72:19:f7:cb:c2:4a:82:d6:
78:4b:1d:49:f3:25:01:2d:74:ed:05:d0:e3:bc:20:
58:8e:03:57:91:2f:92:af:6a:23:f1:0e:ad:60:3c:
87:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:8D:EF:48:E0:D7:29:63:1E:C5:FB:6B:C4:8F:21:0F:5D:AB:DA
X509v3 Authority Key Identifier:
keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A7D6FA9298CA11EE93DFB93EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.42.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5d:fa:d9:be:64:c7:b6:87:51:79:c9:be:28:09:c5:89:e9:
5c:0f:34:0a:64:4b:86:48:87:1f:95:ab:93:e7:37:a1:e7:48:
b6:b8:54:66:64:0a:2d:e2:65:85:2e:9c:26:12:8e:e5:72:d6:
bf:32:67:3b:84:e5:41:66:32:b3:05:ff:1f:f3:db:fd:a4:47:
b6:e4:13:2b:5b:e0:06:f0:9e:94:d4:61:35:6e:32:cb:cb:83:
95:68:c5:9b:94:a4:09:5c:f2:fb:e9:fd:dc:22:c5:f0:8a:0d:
6e:07:fb:81:1a:73:a9:25:9b:d6:c7:12:30:78:3d:fe:f2:d5:
ae:b6:1a:6e:9a:69:39:d9:dc:84:c6:5a:1c:39:eb:02:c4:ef:
25:55:8e:74:db:74:de:53:24:00:a0:f4:48:32:6b:c1:60:a4:
7c:86:6d:66:1f:3f:69:df:9e:41:0c:4d:0a:97:02:3f:76:18:
d0:44:30:35:d6:6a:bf:3b:61:4f:b0:52:79:dc:95:56:9d:12:
a7:3b:a4:7a:4a:c2:f7:ea:8a:de:88:e3:ca:9e:34:fe:03:51:
57:87:f6:e4:83:ac:55:2d:ab:a8:5d:19:33:9a:21:d5:b2:40:
b7:0d:df:85:40:81:b6:1a:d7:57:21:d0:f5:f5:50:84:7a:9e:
64:df:95:b1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QUE5MTExMC8GA1UEBRMoQTBDODBDRUUwNjNDOUNDODJDRENCMEJDNzQ1QzRGRTQ2
REQwMjY1NzAeFw0yMzEyMTIwODQ0MjZaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzgxZDZhLTU4YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGtU1pfiLu1plvpo2R487mT/fmdYT3diNhvTMpq+aPItNkALlPiVIsPmDatxJz
I9XW5bzlwIZxUfBzAI8kO4angmJi0u+tfKKqnxNkioApBPKqitA1HDHpYrM/u8sN
anj9OGU5S5EC69mu8ZJdfwniJmeB/TzDvJVD1DPDJw2+7j+5Jmxs13QU772Opi+e
X04lkwrRv6Kzqhtz8yE2QYfps+fdk4EZojN69qHqLT5dAhM5A03II18dgiSfjoza
O7CiGgG3Q+hDB18fWCYQExuQrEYYAg4FFQByGffLwkqC1nhLHUnzJQEtdO0F0OO8
IFiOA1eRL5KvaiPxDq1gPIffAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKVSN70jg
1yljHsX7a8SPIQ9dq9owHwYDVR0jBBgwFoAUoMgM7gY8nMgs3LC8dFxP5G3QJlcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQTkxLzk0MjBEMjEwMEE1
QTExRUVBM0Y1QjQ0MUM0RjlBRTAyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUps
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb01nTTdnWThuTWdzM0xDOGRGeFA1RzNRSmxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9BN0Q2RkE5Mjk4
Q0ExMUVFOTNERkI5M0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdTKjANBgkqhkiG9w0BAQsFAAOCAQEAH1362b5kx7aHUXnJ
vigJxYnpXA80CmRLhkiHH5Wrk+c3oedItrhUZmQKLeJlhS6cJhKO5XLWvzJnO4Tl
QWYyswX/H/Pb/aRHtuQTK1vgBvCelNRhNW4yy8uDlWjFm5SkCVzy++n93CLF8IoN
bgf7gRpzqSWb1scSMHg9/vLVrrYabpppOdnchMZaHDnrAsTvJVWOdNt03lMkAKD0
SDJrwWCkfIZtZh8/ad+eQQxNCpcCP3YY0EQwNdZqvzthT7BSedyVVp0SpzukekrC
9+qK3ojjyp40/gNRV4f25IOsVS2rqF0ZM5oh1bJAtw3fhUCBthrXVyHQ9fVQhHqe
ZN+VsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org