Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CB2E6F0E0A6111EEB7C7EE60C4F9AE02.roa
File: CB2E6F0E0A6111EEB7C7EE60C4F9AE02.roa (raw, json)
Hash identifier: tRcmY1CAFov5ZEjJFcjrj485tTidL6+I/Oh9ztORgzY=
Subject key identifier: D0:3A:E8:62:D5:B7:E9:5E:69:2C:E1:CA:7A:9F:FC:BD:0F:5A:6B:93
Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Certificate serial: 02
Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CB2E6F0E0A6111EEB7C7EE60C4F9AE02.roa
Signing time: Wed 14 Jun 2023 03:16:03 +0000
ROA not before: Wed 14 Jun 2023 03:16:03 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 211256
IP address blocks: 103.83.40.0/24 maxlen: 24
103.83.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Validity
Not Before: Jun 14 03:16:03 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=648930f3-8f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:a1:d3:a7:ac:8a:d2:b4:f3:a4:b5:1a:2b:
91:e2:bb:a9:4e:35:2d:88:0c:b4:40:1a:08:27:16:
40:a7:30:4c:23:46:8c:23:2f:c1:15:f6:bd:7c:df:
bb:d5:f1:56:c1:3c:1b:87:cb:78:2f:2f:dc:c9:c3:
ad:04:d0:cf:c8:b2:cb:f8:9c:3a:a4:8c:be:36:47:
c2:10:35:31:6b:0f:53:97:6b:1e:1e:27:82:98:bc:
5a:d2:f9:c2:1c:24:87:df:00:20:cb:f6:5d:05:0a:
8a:26:52:f5:83:b1:21:a5:c5:b2:19:ad:34:a1:bb:
7d:80:20:a5:61:2e:e7:b1:7b:99:2e:37:ba:e6:60:
60:05:89:f1:a1:60:0b:68:d1:1e:d0:c8:d8:24:e0:
ba:a6:e0:72:18:0c:70:e6:ac:70:3c:84:f8:b6:61:
80:e8:b5:ea:cb:f5:4a:7e:ee:90:fa:f2:c3:cc:dd:
1c:ab:93:9c:c5:d4:77:5a:2f:52:a3:42:25:d3:00:
95:28:12:f2:48:c8:41:af:c8:31:a7:ac:f4:44:f6:
c8:4a:1d:71:ee:fd:79:c2:1f:83:01:e7:ef:3d:f2:
23:cb:2b:ac:93:7d:00:6c:f1:27:4e:d0:74:8a:22:
c9:99:c8:47:ca:41:5b:83:71:a4:ff:d9:b6:a8:cb:
fb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3A:E8:62:D5:B7:E9:5E:69:2C:E1:CA:7A:9F:FC:BD:0F:5A:6B:93
X509v3 Authority Key Identifier:
keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CB2E6F0E0A6111EEB7C7EE60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.40.0/23
Signature Algorithm: sha256WithRSAEncryption
48:32:41:1c:41:51:72:ff:60:e6:21:ac:27:1d:73:83:5d:26:
b6:d6:1e:de:e4:1b:20:78:e6:b7:eb:e4:a9:32:6d:6c:7b:1a:
0b:f0:a0:11:3c:b7:f1:80:25:41:2e:9b:ac:31:0c:90:7a:81:
a1:f1:f3:84:28:41:f3:92:ee:0d:bc:90:cc:f3:1a:b5:60:f9:
36:ad:ca:46:79:ab:fb:f4:a9:85:5e:c2:3d:fe:9b:d6:1c:d8:
c6:36:23:19:60:a7:0b:8f:2c:89:b7:61:e8:be:3a:be:ab:a0:
d8:ba:34:0a:57:9a:ef:4e:98:82:32:5c:fa:d1:3d:ca:2a:da:
2d:24:87:36:fe:73:6d:7a:27:4e:59:bd:6b:8f:54:32:b0:99:
7f:6a:70:ce:55:3e:e5:f4:de:bf:e9:c4:7e:5b:b0:45:5f:d7:
99:f2:54:47:a2:de:5d:e5:a2:23:ef:e8:4f:94:f1:8b:52:71:
c4:d3:28:22:29:55:25:90:d5:02:29:50:94:10:69:34:4f:c9:
e0:19:13:de:75:de:14:e6:f7:67:44:2c:ee:19:93:45:cc:32:
86:7d:7b:30:7c:b4:b9:56:af:98:9e:55:04:aa:70:a9:b1:d2:
cb:6f:c7:25:16:3d:ae:5e:3b:82:5b:d3:bc:3e:5c:7a:6d:65:
59:d0:eb:2f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QUE5MTExMC8GA1UEBRMoQTBDODBDRUUwNjNDOUNDODJDRENCMEJDNzQ1QzRGRTQ2
REQwMjY1NzAeFw0yMzA2MTQwMzE2MDNaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODkzMGYzLThmMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCYgqHTp6yK0rTzpLUaK5Hiu6lONS2IDLRAGggnFkCnMEwjRowjL8EV9r1837vV
8VbBPBuHy3gvL9zJw60E0M/Issv4nDqkjL42R8IQNTFrD1OXax4eJ4KYvFrS+cIc
JIffACDL9l0FCoomUvWDsSGlxbIZrTShu32AIKVhLuexe5kuN7rmYGAFifGhYAto
0R7QyNgk4Lqm4HIYDHDmrHA8hPi2YYDoterL9Up+7pD68sPM3Ryrk5zF1HdaL1Kj
QiXTAJUoEvJIyEGvyDGnrPRE9shKHXHu/XnCH4MB5+898iPLK6yTfQBs8SdO0HSK
IsmZyEfKQVuDcaT/2baoy/vPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0DroYtW3
6V5pLOHKep/8vQ9aa5MwHwYDVR0jBBgwFoAUoMgM7gY8nMgs3LC8dFxP5G3QJlcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQTkxLzk0MjBEMjEwMEE1
QTExRUVBM0Y1QjQ0MUM0RjlBRTAyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUps
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb01nTTdnWThuTWdzM0xDOGRGeFA1RzNRSmxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9DQjJFNkYwRTBB
NjExMUVFQjdDN0VFNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdTKDANBgkqhkiG9w0BAQsFAAOCAQEASDJBHEFRcv9g5iGs
Jx1zg10mttYe3uQbIHjmt+vkqTJtbHsaC/CgETy38YAlQS6brDEMkHqBofHzhChB
85LuDbyQzPMatWD5Nq3KRnmr+/SphV7CPf6b1hzYxjYjGWCnC48sibdh6L46vqug
2Lo0Clea706YgjJc+tE9yiraLSSHNv5zbXonTlm9a49UMrCZf2pwzlU+5fTev+nE
fluwRV/XmfJUR6LeXeWiI+/oT5Txi1JxxNMoIilVJZDVAilQlBBpNE/J4BkT3nXe
FOb3Z0Qs7hmTRcwyhn17MHy0uVavmJ5VBKpwqbHSy2/HJRY9rl47glvTvD5cem1l
WdDrLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org