Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/0E408B8C08FC11EDBC8E4418C4F9AE02.roa
File: 0E408B8C08FC11EDBC8E4418C4F9AE02.roa (raw, json)
Hash identifier: QsElaR2VKN+lykmYDso1EyVUVkNoRB4t7LICFfm6qRg=
Subject key identifier: AF:D2:01:23:E0:DC:E7:06:71:E2:6B:E9:E6:4B:8F:EB:93:72:53:EB
Certificate issuer: /CN=A91FE75F/serialNumber=4D14E1AF22F53B22F56DEF02EB72EA5DD6BE77E2
Certificate serial: 02
Authority key identifier: 4D:14:E1:AF:22:F5:3B:22:F5:6D:EF:02:EB:72:EA:5D:D6:BE:77:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRThryL1OyL1be8C63LqXda-d-I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/0E408B8C08FC11EDBC8E4418C4F9AE02.roa
Signing time: Thu 21 Jul 2022 13:50:18 +0000
ROA not before: Thu 21 Jul 2022 13:50:18 +0000
ROA not after: Sat 01 Oct 2022 00:00:00 +0000
asID: 141778
IP address blocks: 103.163.254.0/24 maxlen: 24
103.163.255.0/24 maxlen: 24
2001:df6:3580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE75F/serialNumber=4D14E1AF22F53B22F56DEF02EB72EA5DD6BE77E2
Validity
Not Before: Jul 21 13:50:18 2022 GMT
Not After : Oct 1 00:00:00 2022 GMT
Subject: CN=62d9599a-098e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:de:85:f0:47:05:8d:7d:ed:64:e6:aa:2c:55:
bf:fc:be:5a:28:5a:44:ea:31:48:1f:13:6b:51:ed:
8d:0e:31:5a:4f:62:8c:e6:23:e4:d0:a7:e7:a7:1d:
28:f8:3a:09:33:d8:91:a1:5f:5c:63:5f:f5:9f:32:
4a:ec:fb:77:20:72:95:09:be:9f:d5:72:79:27:15:
02:3e:e0:a0:24:76:87:01:34:90:a9:63:9f:76:d4:
ff:eb:46:05:a6:bf:08:35:c7:ab:0d:1a:f2:93:46:
2d:e0:57:09:f3:a4:98:7e:d4:62:ab:d1:8f:aa:9b:
d9:01:9a:e2:77:50:e8:4e:05:ce:62:74:ed:78:65:
a9:98:71:65:b5:54:40:cc:e4:7a:fd:4e:fe:c6:a2:
cb:4e:45:84:52:6b:97:87:11:ed:6d:ac:17:93:5c:
5f:48:f9:1f:23:bd:41:12:f5:fa:ad:5e:52:82:0d:
c6:b4:6c:a6:4f:e9:47:0e:7d:63:4d:43:58:a1:f4:
b7:2e:8b:0b:2e:22:d5:2c:db:46:35:9f:0f:78:11:
d8:ea:3d:bc:bc:2a:4d:ad:0f:09:75:99:ec:b6:cd:
ab:fc:3b:37:a8:8d:2c:06:35:79:1a:c0:3b:d0:df:
ab:b4:78:03:5e:16:b4:bd:2f:bd:18:e4:a7:ef:55:
b1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D2:01:23:E0:DC:E7:06:71:E2:6B:E9:E6:4B:8F:EB:93:72:53:EB
X509v3 Authority Key Identifier:
keyid:4D:14:E1:AF:22:F5:3B:22:F5:6D:EF:02:EB:72:EA:5D:D6:BE:77:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/TRThryL1OyL1be8C63LqXda-d-I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRThryL1OyL1be8C63LqXda-d-I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/0E408B8C08FC11EDBC8E4418C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.254.0/23
IPv6:
2001:df6:3580::/48
Signature Algorithm: sha256WithRSAEncryption
8e:a1:68:ec:75:7b:4f:b2:b4:c2:55:65:8e:83:49:b6:8b:d0:
5a:34:5e:d6:aa:e8:31:15:61:5c:5f:cf:cc:f0:36:59:82:a4:
3d:f7:b0:2c:90:89:05:2e:e7:fd:87:9b:c0:16:e0:f7:65:52:
eb:e6:ac:b4:48:be:a7:a0:9a:0f:c4:22:d4:71:57:1d:96:69:
20:cb:48:9b:90:db:47:39:00:ff:dc:97:ff:7b:f0:fc:08:c1:
58:41:f0:40:35:92:23:1b:b1:90:a4:49:9f:4a:71:8d:09:91:
b1:8e:32:bf:0c:9a:da:ef:17:10:61:21:5f:a3:2e:2d:f9:26:
d6:f8:9e:03:3b:3f:31:31:64:b5:01:f8:ca:a6:cd:18:92:3f:
89:25:7d:66:1d:46:99:95:69:4d:78:9e:96:59:79:a0:f6:c4:
0e:be:41:32:12:e4:b3:30:cd:59:c8:8b:4c:40:e4:32:c7:f0:
55:2c:e8:f2:07:a5:b8:4d:76:56:61:1f:a4:fd:60:c4:d7:36:
b3:ec:bc:ac:ff:03:09:e7:ea:22:ac:d9:e7:cb:54:e5:5d:4b:
d0:7d:12:26:d4:b1:be:2a:6c:9c:b6:97:4a:bb:f4:ca:ea:2c:
c8:5a:ab:95:5d:b9:9e:11:1f:5a:39:f7:fa:a8:1e:11:4e:e5:
33:51:ab:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RTc1RjExMC8GA1UEBRMoNEQxNEUxQUYyMkY1M0IyMkY1NkRFRjAyRUI3MkVBNURE
NkJFNzdFMjAeFw0yMjA3MjExMzUwMThaFw0yMjEwMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZDk1OTlhLTA5OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ3oXwRwWNfe1k5qosVb/8vlooWkTqMUgfE2tR7Y0OMVpPYozmI+TQp+enHSj4
Ogkz2JGhX1xjX/WfMkrs+3cgcpUJvp/VcnknFQI+4KAkdocBNJCpY5921P/rRgWm
vwg1x6sNGvKTRi3gVwnzpJh+1GKr0Y+qm9kBmuJ3UOhOBc5idO14ZamYcWW1VEDM
5Hr9Tv7GostORYRSa5eHEe1trBeTXF9I+R8jvUES9fqtXlKCDca0bKZP6UcOfWNN
Q1ih9LcuiwsuItUs20Y1nw94EdjqPby8Kk2tDwl1mey2zav8OzeojSwGNXkawDvQ
36u0eANeFrS9L70Y5KfvVbEDAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUr9IBI+Dc
5wZx4mvp5kuP65NyU+swHwYDVR0jBBgwFoAUTRThryL1OyL1be8C63LqXda+d+Iw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZFNzVGL0FCOUVCOENBQTlG
NTExRUI4QTQ5MjI1NEM0RjlBRTAyL1RSVGhyeUwxT3lMMWJlOEM2M0xxWGRhLWQt
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVFJUaHJ5TDFPeUwxYmU4QzYzTHFYZGEtZC1JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RTc1Ri9BQjlFQjhDQUE5RjUxMUVCOEE0OTIyNTRDNEY5QUUwMi8wRTQwOEI4QzA4
RkMxMUVEQkM4RTQ0MThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWej/jAPBAIAAjAJAwcAIAEN9jWAMA0GCSqGSIb3DQEBCwUA
A4IBAQCOoWjsdXtPsrTCVWWOg0m2i9BaNF7WqugxFWFcX8/M8DZZgqQ997AskIkF
Luf9h5vAFuD3ZVLr5qy0SL6noJoPxCLUcVcdlmkgy0ibkNtHOQD/3Jf/e/D8CMFY
QfBANZIjG7GQpEmfSnGNCZGxjjK/DJra7xcQYSFfoy4t+SbW+J4DOz8xMWS1AfjK
ps0Ykj+JJX1mHUaZlWlNeJ6WWXmg9sQOvkEyEuSzMM1ZyItMQOQyx/BVLOjyB6W4
TXZWYR+k/WDE1zaz7Lys/wMJ5+oirNnny1TlXUvQfRIm1LG+KmyctpdKu/TK6izI
WquVXbmeER9aOff6qB4RTuUzUavc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org