Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/263A06DA861811EC9AA35B51C4F9AE02.roa
File: 263A06DA861811EC9AA35B51C4F9AE02.roa (raw, json)
Hash identifier: adp3DwoYOx3ryGZ91ZpZ+zfPEfVcrTVw2yrjGM8OfSs=
Subject key identifier: 94:18:DE:04:23:84:6B:34:EF:86:92:77:FE:61:60:B8:B9:E1:65:1D
Certificate issuer: /CN=A91FE75F/serialNumber=2DB6F01365B359E30AA8173F5D4A728C7E85EA5F
Certificate serial: 023F
Authority key identifier: 2D:B6:F0:13:65:B3:59:E3:0A:A8:17:3F:5D:4A:72:8C:7E:85:EA:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbbwE2WzWeMKqBc_XUpyjH6F6l8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/263A06DA861811EC9AA35B51C4F9AE02.roa
Signing time: Mon 07 Feb 2022 11:51:00 +0000
ROA not before: Mon 07 Feb 2022 11:51:00 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 141778
IP address blocks: 103.163.254.0/24 maxlen: 24
103.163.255.0/24 maxlen: 24
2001:df6:3580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 575 (0x23f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE75F/serialNumber=2DB6F01365B359E30AA8173F5D4A728C7E85EA5F
Validity
Not Before: Feb 7 11:51:00 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620107a4-747e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:20:bc:77:6a:e1:b4:f0:c6:9d:fb:9d:2f:5d:
8d:83:06:b3:e3:07:ab:a3:c0:57:8b:d6:30:63:63:
7a:5a:aa:af:a6:1b:33:e5:9f:95:c6:28:0d:77:6e:
18:fa:27:e6:32:ba:63:c8:e7:d9:03:3c:b9:20:e8:
a1:fa:4b:19:12:29:e2:c8:7b:b1:89:bb:c4:59:29:
1a:b5:6d:0d:3a:35:59:d2:75:3f:8a:dc:cd:d4:24:
a7:e9:5f:d9:56:91:07:90:aa:54:55:12:91:ec:00:
f2:d2:11:f4:df:cd:b6:64:d7:b0:57:a0:cb:f2:d1:
50:0e:96:4c:15:55:ae:c3:6c:b2:e3:5d:fc:ab:e0:
fe:82:bf:d4:35:63:de:58:d0:ae:54:26:38:78:70:
56:31:53:6c:97:a4:d9:26:c3:67:3d:02:98:58:9d:
0f:7f:1b:e6:ab:7e:b0:d9:21:b6:cc:e3:bf:e6:95:
1b:df:06:28:b2:64:5e:59:dc:41:12:b2:1b:ca:7a:
cf:72:e1:14:24:f2:90:f3:75:f4:27:8d:d0:66:1c:
b2:6d:ce:43:0e:e4:44:79:33:55:e7:38:49:e6:62:
7d:90:a8:60:57:ea:d6:c5:9c:aa:55:85:ba:f6:e5:
56:5d:5c:c0:b8:7e:d1:bf:f0:44:44:ba:bd:05:af:
ad:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:18:DE:04:23:84:6B:34:EF:86:92:77:FE:61:60:B8:B9:E1:65:1D
X509v3 Authority Key Identifier:
keyid:2D:B6:F0:13:65:B3:59:E3:0A:A8:17:3F:5D:4A:72:8C:7E:85:EA:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/LbbwE2WzWeMKqBc_XUpyjH6F6l8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbbwE2WzWeMKqBc_XUpyjH6F6l8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/263A06DA861811EC9AA35B51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.254.0/23
IPv6:
2001:df6:3580::/48
Signature Algorithm: sha256WithRSAEncryption
53:36:14:ba:5c:06:34:b9:29:1b:b1:d7:22:16:20:84:59:6b:
3a:01:7e:35:ea:b6:b6:35:73:ba:dd:61:81:3c:15:90:cb:4d:
81:67:23:f4:95:b6:37:a2:23:b7:f4:0d:b3:b4:21:8d:dd:43:
7d:b1:19:5a:9a:68:27:c9:07:8d:d7:5c:26:3f:16:d7:a3:af:
82:73:d1:97:13:83:60:81:61:08:99:52:74:bd:0b:95:86:f1:
6d:61:51:a3:9c:cd:5d:74:e8:01:7b:01:45:d5:31:12:71:ac:
f7:21:8f:e7:14:b5:6c:cd:78:32:3e:48:cc:e3:1f:5e:c7:5f:
a2:14:b4:8b:77:67:67:12:df:03:2c:17:77:8a:6d:b5:cf:c9:
21:9b:7d:1c:f0:cd:f1:dd:d6:4d:c3:a2:b5:38:de:1d:f2:2f:
24:57:b3:47:e2:5a:1d:09:be:8c:71:ba:c2:26:bd:2f:58:71:
51:d5:1e:26:89:39:69:f3:f7:e0:51:8f:05:6a:69:f8:65:e3:
57:48:37:84:63:50:80:56:f5:24:4f:88:03:3d:ac:e4:5a:fc:
23:e3:87:9d:b9:dd:3f:a0:3b:0c:61:a1:69:bc:61:b1:26:c7:
31:55:f6:a7:f0:fe:28:ae:1b:e9:e6:49:74:2c:18:a0:66:e6:
79:1f:71:92
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NUYxMTAvBgNVBAUTKDJEQjZGMDEzNjVCMzU5RTMwQUE4MTczRjVENEE3MjhD
N0U4NUVBNUYwHhcNMjIwMjA3MTE1MTAwWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjAxMDdhNC03NDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2SC8d2rhtPDGnfudL12Ngwaz4wero8BXi9YwY2N6Wqqvphsz5Z+VxigNd24Y
+ifmMrpjyOfZAzy5IOih+ksZEiniyHuxibvEWSkatW0NOjVZ0nU/itzN1CSn6V/Z
VpEHkKpUVRKR7ADy0hH03822ZNewV6DL8tFQDpZMFVWuw2yy4138q+D+gr/UNWPe
WNCuVCY4eHBWMVNsl6TZJsNnPQKYWJ0Pfxvmq36w2SG2zOO/5pUb3wYosmReWdxB
ErIbynrPcuEUJPKQ83X0J43QZhyybc5DDuREeTNV5zhJ5mJ9kKhgV+rWxZyqVYW6
9uVWXVzAuH7Rv/BERLq9Ba+tOQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJQY3gQj
hGs074aSd/5hYLi54WUdMB8GA1UdIwQYMBaAFC228BNls1njCqgXP11Kcox+hepf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc1Ri9BQjlFQjhDQUE5
RjUxMUVCOEE0OTIyNTRDNEY5QUUwMi9MYmJ3RTJXeldlTUtxQmNfWFVweWpINkY2
bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xiYndFMld6V2VNS3FCY19YVXB5akg2RjZsOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NUYvQUI5RUI4Q0FBOUY1MTFFQjhBNDkyMjU0QzRGOUFFMDIvMjYzQTA2REE4
NjE4MTFFQzlBQTM1QjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFno/4wDwQCAAIwCQMHACABDfY1gDANBgkqhkiG9w0BAQsF
AAOCAQEAUzYUulwGNLkpG7HXIhYghFlrOgF+Neq2tjVzut1hgTwVkMtNgWcj9JW2
N6Ijt/QNs7Qhjd1DfbEZWppoJ8kHjddcJj8W16OvgnPRlxODYIFhCJlSdL0LlYbx
bWFRo5zNXXToAXsBRdUxEnGs9yGP5xS1bM14Mj5IzOMfXsdfohS0i3dnZxLfAywX
d4pttc/JIZt9HPDN8d3WTcOitTjeHfIvJFezR+JaHQm+jHG6wia9L1hxUdUeJok5
afP34FGPBWpp+GXjV0g3hGNQgFb1JE+IAz2s5Fr8I+OHnbndP6A7DGGhabxhsSbH
MVX2p/D+KK4b6eZJdCwYoGbmeR9xkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org