Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CBBCAB160A6111EEB7C7EE60C4F9AE02.roa
File: CBBCAB160A6111EEB7C7EE60C4F9AE02.roa (raw, json)
Hash identifier: PcHA1UtEH1Li7ZH8JV3W+afuJjneknITtzORs0fiUwY=
Subject key identifier: 81:BD:BE:C5:88:48:3D:9B:18:56:CD:B9:83:8C:22:48:CA:F7:23:A8
Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Certificate serial: 03
Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CBBCAB160A6111EEB7C7EE60C4F9AE02.roa
Signing time: Wed 14 Jun 2023 03:16:04 +0000
ROA not before: Wed 14 Jun 2023 03:16:04 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 51722
IP address blocks: 103.83.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657
Validity
Not Before: Jun 14 03:16:04 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=648930f4-7aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:d1:9e:77:b7:57:26:6c:8c:c2:a9:36:25:
35:fd:82:1e:91:ee:cb:dc:79:63:56:42:7a:3b:25:
c4:83:bd:4c:7d:f8:a4:04:3d:7b:77:82:65:e2:8e:
0f:83:58:9a:a1:29:33:28:3b:62:57:a7:f2:5c:b6:
1a:79:0a:16:75:49:66:ab:b8:f5:34:e7:30:a0:a4:
fd:f1:a4:ee:77:ab:53:32:15:e5:8b:76:7c:ef:f1:
e0:3e:9c:9a:f7:78:6b:a1:68:b6:96:e3:a0:83:fa:
0c:0e:e2:95:61:4c:84:3e:43:81:54:c7:28:aa:c9:
f4:4f:02:f7:95:ea:24:ca:ab:b3:f1:f9:16:74:18:
63:9f:61:82:40:00:e6:66:e3:19:03:74:59:a2:0e:
5b:b3:9a:ff:ff:cc:ac:ba:d0:12:d4:03:00:ea:b4:
18:db:2f:0c:79:aa:56:50:49:8f:65:8c:18:05:e6:
f1:6f:ba:a5:3a:ef:8c:8e:a3:f0:2e:60:48:e8:c9:
48:84:6e:b3:20:06:b9:83:07:3d:bf:71:46:9b:a8:
a7:65:bd:6e:3d:68:64:91:6d:0d:1f:23:b3:6e:a2:
f8:8a:11:1b:1d:02:47:9d:e9:33:bc:b9:12:47:ff:
e1:b6:a8:21:48:08:5b:ca:bf:2b:5a:41:52:b3:6f:
0d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BD:BE:C5:88:48:3D:9B:18:56:CD:B9:83:8C:22:48:CA:F7:23:A8
X509v3 Authority Key Identifier:
keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/CBBCAB160A6111EEB7C7EE60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.43.0/24
Signature Algorithm: sha256WithRSAEncryption
79:8e:66:d7:7d:59:99:61:2c:78:c0:a4:0a:a8:8e:be:c0:86:
66:9e:27:4a:07:22:c7:36:bd:5a:56:b9:34:5a:fb:aa:a7:b3:
7f:f7:2f:ab:2e:fc:b8:96:c4:e2:16:07:bb:64:42:87:7c:07:
5d:f5:cd:fb:7c:b6:cc:05:84:a8:a7:1c:d6:64:4b:df:eb:6d:
a6:f8:f7:7d:7f:bc:40:ab:0b:43:b6:c8:35:eb:dd:b7:f9:51:
a1:e9:50:5a:47:49:4b:a6:7a:0d:b4:11:08:4d:0d:d1:b2:2d:
e3:36:f2:c9:36:d3:c4:10:ae:87:f1:9e:86:fd:45:f3:4d:a1:
b5:ec:9c:89:16:dd:46:bc:9b:5e:b1:d9:52:92:3b:40:3d:f8:
6c:ba:ea:96:85:69:82:7f:cc:ed:05:dc:db:e5:43:a2:de:3e:
b2:64:fd:a4:2e:a4:88:6b:d3:11:8c:44:03:72:fc:2e:31:6c:
9f:79:2f:66:3a:b9:62:5e:9f:0a:d0:fb:b1:b9:e9:6e:38:e0:
f7:fd:18:d3:9b:40:4c:e1:a9:b9:62:8a:93:37:55:ed:7f:7f:
22:4c:12:03:93:16:c1:65:48:fa:77:a2:1e:e6:07:59:5a:73:
be:1a:44:e9:59:cf:5e:ad:ed:00:2c:3c:fa:46:81:10:f4:66:
f4:21:7f:d9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QUE5MTExMC8GA1UEBRMoQTBDODBDRUUwNjNDOUNDODJDRENCMEJDNzQ1QzRGRTQ2
REQwMjY1NzAeFw0yMzA2MTQwMzE2MDRaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODkzMGY0LTdhZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtoNGed7dXJmyMwqk2JTX9gh6R7svceWNWQno7JcSDvUx9+KQEPXt3gmXijg+D
WJqhKTMoO2JXp/Jcthp5ChZ1SWaruPU05zCgpP3xpO53q1MyFeWLdnzv8eA+nJr3
eGuhaLaW46CD+gwO4pVhTIQ+Q4FUxyiqyfRPAveV6iTKq7Px+RZ0GGOfYYJAAOZm
4xkDdFmiDluzmv//zKy60BLUAwDqtBjbLwx5qlZQSY9ljBgF5vFvuqU674yOo/Au
YEjoyUiEbrMgBrmDBz2/cUabqKdlvW49aGSRbQ0fI7NuoviKERsdAked6TO8uRJH
/+G2qCFICFvKvytaQVKzbw3LAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgb2+xYhI
PZsYVs25g4wiSMr3I6gwHwYDVR0jBBgwFoAUoMgM7gY8nMgs3LC8dFxP5G3QJlcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQTkxLzk0MjBEMjEwMEE1
QTExRUVBM0Y1QjQ0MUM0RjlBRTAyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUps
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb01nTTdnWThuTWdzM0xDOGRGeFA1RzNRSmxjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9DQkJDQUIxNjBB
NjExMUVFQjdDN0VFNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdTKzANBgkqhkiG9w0BAQsFAAOCAQEAeY5m131ZmWEseMCk
CqiOvsCGZp4nSgcixza9Wla5NFr7qqezf/cvqy78uJbE4hYHu2RCh3wHXfXN+3y2
zAWEqKcc1mRL3+ttpvj3fX+8QKsLQ7bINevdt/lRoelQWkdJS6Z6DbQRCE0N0bIt
4zbyyTbTxBCuh/Gehv1F802hteyciRbdRrybXrHZUpI7QD34bLrqloVpgn/M7QXc
2+VDot4+smT9pC6kiGvTEYxEA3L8LjFsn3kvZjq5Yl6fCtD7sbnpbjjg9/0Y05tA
TOGpuWKKkzdV7X9/IkwSA5MWwWVI+neiHuYHWVpzvhpE6VnPXq3tACw8+kaBEPRm
9CF/2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org