Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
File: DDD7EB0ED46511ECA1A27035C4F9AE02.roa (raw, json)
Hash identifier: LJEBLtC/46nh7nCL5lto0VNtLjaA1229vUmg5BTfEAI=
Subject key identifier: BC:98:3B:AB:6E:1B:81:1B:0E:5F:DA:29:42:D7:F6:72:6F:5E:81:36
Certificate issuer: /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial: 16B8
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
Signing time: Wed 01 Feb 2023 08:06:34 +0000
ROA not before: Wed 01 Feb 2023 08:06:34 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132325
IP address blocks: 103.71.154.0/24 maxlen: 24
103.71.155.0/24 maxlen: 24
103.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5816 (0x16b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Validity
Not Before: Feb 1 08:06:34 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63da1d8a-9a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:95:77:d2:66:f0:c9:e5:70:ac:b4:00:5d:a5:
d6:e9:20:29:e2:8e:cf:a3:dd:76:d3:84:d6:da:a8:
4a:40:88:f4:8f:47:ef:24:87:4c:d9:f9:e3:e3:14:
37:ed:51:8e:af:95:2c:8a:07:8c:c4:4d:bd:d1:ce:
e6:e6:d9:74:a1:a2:b8:35:d6:bf:2d:04:d9:4c:9f:
a7:e8:65:20:7f:26:7c:3b:17:a6:8e:81:68:33:b1:
be:a1:2f:f8:9d:76:e3:68:98:d6:1c:80:ae:48:99:
66:09:92:46:2f:a0:ec:66:54:8e:62:f7:f6:01:ea:
9b:ef:53:0a:ee:7a:dc:4c:b6:a0:a0:b6:e1:9e:d5:
68:8a:10:7e:fa:3c:f5:b4:2d:a7:96:80:91:98:c1:
b2:c8:39:dd:25:3c:4e:eb:de:f6:15:c9:d1:64:37:
9b:83:a8:9b:43:ac:c0:ef:6d:a5:b5:c0:8a:7c:53:
22:dc:3d:fc:80:6a:a1:96:1a:d1:02:62:c8:a0:4d:
17:86:c7:1f:04:20:60:bf:20:b6:28:a8:99:16:34:
04:cc:2e:8c:1b:91:c1:23:09:58:20:7a:7a:f0:09:
93:de:99:4a:1d:ba:a3:fc:6d:a8:6a:5c:38:d8:af:
ba:f8:e0:0a:d3:5e:4e:82:66:fb:4e:54:8e:31:91:
38:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:98:3B:AB:6E:1B:81:1B:0E:5F:DA:29:42:D7:F6:72:6F:5E:81:36
X509v3 Authority Key Identifier:
keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DDD7EB0ED46511ECA1A27035C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.154.0/23
103.234.74.0/24
Signature Algorithm: sha256WithRSAEncryption
78:39:d5:f0:87:46:46:98:66:f7:86:ec:44:f8:a8:db:33:d4:
34:25:81:67:29:dc:ce:c4:85:4b:ce:5d:10:76:fa:09:5c:ee:
98:8c:a1:59:1b:38:9b:a5:00:61:73:cf:f7:33:0b:ab:25:92:
8e:95:88:a3:1e:2d:a3:9e:06:18:d7:82:2b:a2:ba:83:54:53:
e0:40:41:61:21:5a:0d:66:0d:05:d8:0f:8f:7e:02:0d:19:02:
c8:b5:74:a2:a6:c9:c4:75:08:ca:88:57:43:b4:44:24:a5:8a:
06:4b:a1:46:dd:73:25:eb:fb:4f:66:7a:31:57:5c:cd:f8:79:
4c:04:cb:d5:75:7c:55:ce:85:aa:23:97:bd:36:1e:cc:92:78:
2f:3c:a7:f6:26:53:66:d0:df:7b:a6:f0:01:27:72:db:6a:b7:
05:3e:f6:c0:fc:30:da:2b:41:5a:2e:76:49:f2:09:6f:37:2a:
43:7f:02:37:9d:17:fd:88:0f:68:96:c1:51:d5:ca:cc:54:40:
ee:f8:e3:87:9a:a9:1b:9e:b9:b3:f2:b7:af:7f:70:b3:d4:81:
53:59:02:88:c8:46:81:86:24:7e:17:ca:39:b5:f8:33:4f:fd:
dd:eb:e8:30:cc:e9:9d:43:4d:0a:3b:70:c8:be:cc:44:a6:8b:
a7:3f:7e:87
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjMwMjAxMDgwNjM0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RhMWQ4YS05YTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA65V30mbwyeVwrLQAXaXW6SAp4o7Po91204TW2qhKQIj0j0fvJIdM2fnj4xQ3
7VGOr5UsigeMxE290c7m5tl0oaK4Nda/LQTZTJ+n6GUgfyZ8OxemjoFoM7G+oS/4
nXbjaJjWHICuSJlmCZJGL6DsZlSOYvf2Aeqb71MK7nrcTLagoLbhntVoihB++jz1
tC2nloCRmMGyyDndJTxO6972FcnRZDebg6ibQ6zA722ltcCKfFMi3D38gGqhlhrR
AmLIoE0XhscfBCBgvyC2KKiZFjQEzC6MG5HBIwlYIHp68AmT3plKHbqj/G2oalw4
2K+6+OAK015Ogmb7TlSOMZE4DwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLyYO6tu
G4EbDl/aKULX9nJvXoE2MB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvREREN0VCMEVE
NDY1MTFFQ0ExQTI3MDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnR5oDBABn6kowDQYJKoZIhvcNAQELBQADggEBAHg51fCH
RkaYZveG7ET4qNsz1DQlgWcp3M7EhUvOXRB2+glc7piMoVkbOJulAGFzz/czC6sl
ko6ViKMeLaOeBhjXgiuiuoNUU+BAQWEhWg1mDQXYD49+Ag0ZAsi1dKKmycR1CMqI
V0O0RCSligZLoUbdcyXr+09mejFXXM34eUwEy9V1fFXOhaojl702HsySeC88p/Ym
U2bQ33um8AEncttqtwU+9sD8MNorQVoudknyCW83KkN/AjedF/2ID2iWwVHVysxU
QO7444eaqRueubPyt69/cLPUgVNZAojIRoGGJH4Xyjm1+DNP/d3r6DDM6Z1DTQo7
cMi+zESmi6c/foc=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:25 2023 by rpki-client on console.sobornost.net