Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A89DFE2A924011EE87B36F74C4F9AE02.roa
File: A89DFE2A924011EE87B36F74C4F9AE02.roa (raw, json)
Hash identifier: GD8dg2n1FQuooo1cvyq9X9EN8af4MOnVQ8r16wDhwPU=
Subject key identifier: 8B:7B:6C:FA:3D:16:2B:46:9C:10:1E:8B:53:C7:60:7D:52:00:F8:BC
Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Certificate serial: 70
Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A89DFE2A924011EE87B36F74C4F9AE02.roa
Signing time: Mon 04 Dec 2023 01:01:30 +0000
ROA not before: Mon 04 Dec 2023 01:01:30 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 197789
IP address blocks: 103.83.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112 (0x70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Validity
Not Before: Dec 4 01:01:30 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=656d24ea-3e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:b5:87:91:c9:5c:f6:b9:a9:b1:5e:af:ff:
91:e6:11:29:79:93:17:cc:68:a0:ba:75:2f:74:7c:
e5:a7:77:83:47:b4:20:ea:28:5d:31:57:2d:76:0d:
a0:ac:a1:20:4b:d0:eb:6d:c3:59:69:79:27:10:f8:
66:26:d7:9f:95:1b:5e:47:07:ec:44:ec:4e:c6:d9:
07:62:77:fa:5d:36:91:a0:6a:9c:12:d9:ec:06:00:
52:85:13:e6:cc:f2:7f:56:68:31:37:7f:85:31:1e:
55:7f:6f:ae:72:a9:5d:f2:65:01:87:17:cf:03:ee:
18:55:3b:cb:c1:50:ca:56:83:9e:e2:ae:3d:1e:cf:
1d:eb:25:04:73:f3:e3:f5:f3:69:34:6e:63:3b:33:
53:d7:85:d9:ea:b0:c0:ad:f9:7e:fa:bf:c6:68:cc:
09:8b:55:db:15:19:a4:6c:f4:12:a1:92:a4:af:2f:
fa:07:9b:cb:b1:e5:be:69:aa:a4:e2:78:6c:e4:b2:
e7:5a:77:44:47:fe:85:5e:0c:92:82:26:95:b0:0e:
2c:d7:f6:e3:69:f0:2b:64:1b:26:8f:6e:b9:0b:86:
53:6c:90:fb:b8:4e:ee:65:0d:97:ef:ac:a8:c6:61:
21:95:9d:ed:f7:80:51:14:d6:3f:8a:39:ef:30:07:
f3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7B:6C:FA:3D:16:2B:46:9C:10:1E:8B:53:C7:60:7D:52:00:F8:BC
X509v3 Authority Key Identifier:
keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/A89DFE2A924011EE87B36F74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.41.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:81:60:74:10:52:3c:d4:11:d4:fb:f1:7b:fc:86:2b:d5:d4:
2d:f8:65:8c:d5:c2:cc:e2:7b:6c:69:9f:74:c0:c9:bd:b4:2d:
6a:e8:24:15:5d:5d:07:8b:0c:57:68:ae:44:b6:cc:ad:79:00:
7a:7b:a7:94:7a:ba:df:57:55:6f:10:ee:f2:c2:ae:bc:8d:7d:
04:bb:3f:c0:35:c5:c5:eb:cf:d2:52:b0:e2:81:7c:0d:a5:df:
65:32:2e:e3:b8:24:1c:b2:05:fe:6a:cc:53:ec:e2:b1:6b:9e:
b3:2c:27:20:bc:3f:2d:52:7a:b6:bb:b1:e4:db:c5:5b:d6:8f:
7c:5e:7a:13:e8:1a:9f:20:9d:1b:d7:f1:e1:82:f3:81:e0:00:
ff:93:bd:f3:20:52:f3:b9:1c:5b:cf:94:22:09:7d:8a:43:b7:
99:d8:8a:e8:7b:93:16:fb:9d:06:27:85:6d:6b:78:3d:52:7f:
cf:06:a7:64:a6:4a:82:06:33:f5:75:ca:7e:1b:e9:fa:e5:76:
27:69:4c:b1:82:fa:45:c7:91:de:cf:d9:58:f0:48:13:f5:75:
16:2f:ee:23:ad:f1:d0:cd:61:45:73:b9:b5:84:38:18:d5:0b:
98:b9:89:1d:b5:a8:f5:4f:6f:ee:01:28:21:98:34:4f:29:69:
9e:86:8c:11
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QUE5MTExMC8GA1UEBRMoQTBDODBDRUUwNjNDOUNDODJDRENCMEJDNzQ1QzRGRTQ2
REQwMjY1NzAeFw0yMzEyMDQwMTAxMzBaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmQyNGVhLTNlMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtd7WHkclc9rmpsV6v/5HmESl5kxfMaKC6dS90fOWnd4NHtCDqKF0xVy12DaCs
oSBL0Ottw1lpeScQ+GYm15+VG15HB+xE7E7G2Qdid/pdNpGgapwS2ewGAFKFE+bM
8n9WaDE3f4UxHlV/b65yqV3yZQGHF88D7hhVO8vBUMpWg57irj0ezx3rJQRz8+P1
82k0bmM7M1PXhdnqsMCt+X76v8ZozAmLVdsVGaRs9BKhkqSvL/oHm8ux5b5pqqTi
eGzksudad0RH/oVeDJKCJpWwDizX9uNp8CtkGyaPbrkLhlNskPu4Tu5lDZfvrKjG
YSGVne33gFEU1j+KOe8wB/M9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUi3ts+j0W
K0acEB6LU8dgfVIA+LwwHwYDVR0jBBgwFoAUoMgM7gY8nMgs3LC8dFxP5G3QJlcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQTkxLzk0MjBEMjEwMEE1
QTExRUVBM0Y1QjQ0MUM0RjlBRTAyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUps
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb01nTTdnWThuTWdzM0xDOGRGeFA1RzNRSmxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9BODlERkUyQTky
NDAxMUVFODdCMzZGNzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdTKTANBgkqhkiG9w0BAQsFAAOCAQEAo4FgdBBSPNQR1Pvx
e/yGK9XULfhljNXCzOJ7bGmfdMDJvbQtaugkFV1dB4sMV2iuRLbMrXkAenunlHq6
31dVbxDu8sKuvI19BLs/wDXFxevP0lKw4oF8DaXfZTIu47gkHLIF/mrMU+zisWue
sywnILw/LVJ6trux5NvFW9aPfF56E+ganyCdG9fx4YLzgeAA/5O98yBS87kcW8+U
Igl9ikO3mdiK6HuTFvudBieFbWt4PVJ/zwanZKZKggYz9XXKfhvp+uV2J2lMsYL6
RceR3s/ZWPBIE/V1Fi/uI63x0M1hRXO5tYQ4GNULmLmJHbWo9U9v7gEoIZg0Tylp
noaMEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org