Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/894C565C159011EEA7190965C4F9AE02.roa
File: 894C565C159011EEA7190965C4F9AE02.roa (raw, json)
Hash identifier: Yyg0ca/je1tOoMplDuE2i7C6ylQm8CXRR4W71NtkeC8=
Subject key identifier: 2E:07:4E:A9:94:BD:BD:F3:55:A8:F6:5F:45:17:4A:EB:3F:E1:87:06
Certificate issuer: /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial: 0345
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/894C565C159011EEA7190965C4F9AE02.roa
Signing time: Wed 28 Jun 2023 08:48:22 +0000
ROA not before: Wed 28 Jun 2023 08:48:22 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 1239
IP address blocks: 103.120.128.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 837 (0x345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Validity
Not Before: Jun 28 08:48:22 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=649bf3d6-19b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:c7:1f:a1:5e:6e:2f:ee:0b:8c:b0:52:be:
59:c2:4a:fa:a7:3c:1d:59:b2:f9:a6:36:42:21:cc:
f2:ac:d6:9a:6d:40:8e:eb:0c:d7:91:45:29:62:14:
1c:31:bf:7d:5a:67:d4:da:cb:7e:50:59:ef:cc:09:
14:2e:80:fb:6d:ba:cb:72:6a:db:a4:4c:db:bd:ed:
4c:93:61:9e:cf:26:a3:77:9b:2b:12:94:d8:48:4c:
0d:05:9a:39:19:9a:19:71:39:02:a8:5e:24:e0:a6:
b8:0c:7b:29:a8:4f:18:5b:9f:b6:9c:a5:f2:bc:9d:
6d:c2:5a:87:b1:27:76:8c:31:67:8b:06:5f:ed:61:
5d:18:22:7c:c6:12:63:c6:03:76:05:a8:69:dc:22:
95:a1:8b:56:83:9d:ff:85:05:06:b0:02:ab:ff:2f:
c4:f0:5b:30:18:a1:fd:98:eb:39:cd:9b:bb:87:a6:
ea:0a:4d:e1:82:3f:5b:f7:3f:8f:10:e5:f4:c2:03:
9a:cb:7f:a2:4e:6b:dc:25:33:ee:41:a1:b1:3e:80:
5c:de:90:39:6a:8d:61:90:4d:7e:06:5f:20:2e:1f:
5f:ef:58:a4:5d:b6:e8:10:e1:8c:17:0a:ef:b6:f7:
ab:56:16:10:29:da:f4:90:5b:56:05:f3:3b:46:a0:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:07:4E:A9:94:BD:BD:F3:55:A8:F6:5F:45:17:4A:EB:3F:E1:87:06
X509v3 Authority Key Identifier:
keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/894C565C159011EEA7190965C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.128.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:35:5a:79:cf:f5:31:b2:5b:dc:6b:b0:67:96:b6:ce:7e:d6:
e3:1f:5e:ec:8d:46:cc:a3:d3:e1:86:5f:4b:f0:31:b9:64:d8:
9e:21:19:2c:0a:18:e7:43:33:58:0d:01:1e:cd:94:71:b0:e8:
3a:2a:cc:54:18:0c:2f:99:62:f1:30:71:d9:fb:d2:b1:bd:da:
a6:8c:45:e9:d1:09:cf:c0:cc:87:b4:b1:dc:e7:84:df:c1:d4:
2a:91:ac:ef:e5:65:ec:77:c3:bd:55:38:55:46:b5:36:06:b0:
92:2a:12:2d:f8:aa:6e:56:2d:7b:1a:4e:fb:f8:24:7e:a7:80:
e2:c9:4b:4e:20:d6:b9:c5:6a:34:8b:fe:92:12:fc:4e:94:ee:
79:33:8c:66:68:c8:e3:c7:5a:84:0b:05:8c:89:49:4e:f5:0b:
1d:8a:c3:56:b1:a4:c1:64:ea:00:63:e2:2f:e9:0e:80:cc:9a:
50:fc:4c:0d:db:91:15:ea:43:e4:e2:88:5f:da:33:7b:0c:85:
64:8e:7b:ae:12:18:18:a1:40:7b:cc:0e:55:2f:35:72:31:60:
cb:f4:8e:73:7c:4f:50:cb:bc:99:e2:07:0c:8d:05:d7:9c:53:
3a:b6:67:69:f6:77:49:6a:ed:f6:6a:ac:cc:c5:27:93:93:d3:
bb:12:7d:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBDOUIxMTAvBgNVBAUTKDQ5NDIwMkIwMzFFOUY0Mjc2NDMxNTdBMDZFRkFBNEMw
NzBDN0YzRUQwHhcNMjMwNjI4MDg0ODIyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDliZjNkNi0xOWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxOzHH6Febi/uC4ywUr5Zwkr6pzwdWbL5pjZCIczyrNaabUCO6wzXkUUpYhQc
Mb99WmfU2st+UFnvzAkULoD7bbrLcmrbpEzbve1Mk2Gezyajd5srEpTYSEwNBZo5
GZoZcTkCqF4k4Ka4DHspqE8YW5+2nKXyvJ1twlqHsSd2jDFniwZf7WFdGCJ8xhJj
xgN2Bahp3CKVoYtWg53/hQUGsAKr/y/E8FswGKH9mOs5zZu7h6bqCk3hgj9b9z+P
EOX0wgOay3+iTmvcJTPuQaGxPoBc3pA5ao1hkE1+Bl8gLh9f71ikXbboEOGMFwrv
tverVhYQKdr0kFtWBfM7RqAvGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC4HTqmU
vb3zVaj2X0UXSus/4YcGMB8GA1UdIwQYMBaAFElCArAx6fQnZDFXoG76pMBwx/Pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM5Qi9BNDZFOTg5QTMy
MkIxMUVDOTdGOENGN0NDNEY5QUUwMi9TVUlDc0RIcDlDZGtNVmVnYnZxa3dIREg4
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBDOUIvQTQ2RTk4OUEzMjJCMTFFQzk3RjhDRjdDQzRGOUFFMDIvODk0QzU2NUMx
NTkwMTFFRUE3MTkwOTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFneIAwDQYJKoZIhvcNAQELBQADggEBAEs1WnnP9TGyW9xr
sGeWts5+1uMfXuyNRsyj0+GGX0vwMblk2J4hGSwKGOdDM1gNAR7NlHGw6DoqzFQY
DC+ZYvEwcdn70rG92qaMRenRCc/AzIe0sdznhN/B1CqRrO/lZex3w71VOFVGtTYG
sJIqEi34qm5WLXsaTvv4JH6ngOLJS04g1rnFajSL/pIS/E6U7nkzjGZoyOPHWoQL
BYyJSU71Cx2Kw1axpMFk6gBj4i/pDoDMmlD8TA3bkRXqQ+TiiF/aM3sMhWSOe64S
GBihQHvMDlUvNXIxYMv0jnN8T1DLvJniBwyNBdecUzq2Z2n2d0lq7fZqrMzFJ5OT
07sSffI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:24 2023 by rpki-client on console.sobornost.net