Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/5A992A32F6B611ECA8E02D58C4F9AE02.roa
File: 5A992A32F6B611ECA8E02D58C4F9AE02.roa (raw, json)
Hash identifier: Lc+qnAwRRd2GvfBqmBmg3emfdzXeS50rLXkqmxqDbvQ=
Subject key identifier: 4F:28:44:58:91:7A:96:4F:13:84:0F:B2:2E:4F:F2:C5:18:50:B0:67
Certificate issuer: /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
Certificate serial: 0820
Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/5A992A32F6B611ECA8E02D58C4F9AE02.roa
Signing time: Tue 28 Jun 2022 07:46:01 +0000
ROA not before: Tue 28 Jun 2022 07:46:01 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 55492
IP address blocks: 103.136.158.0/23 maxlen: 23
103.136.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2080 (0x820)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
Validity
Not Before: Jun 28 07:46:01 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62bab1b8-932c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:4c:4a:4c:23:17:56:9a:98:d2:ab:93:27:
4c:ff:6e:cb:80:70:9d:76:f7:7c:f5:30:90:3f:79:
ea:55:b0:e8:03:19:61:59:a2:de:18:78:d4:b8:67:
72:19:27:2d:20:5f:33:3f:cb:c9:d3:da:74:04:54:
d6:2e:3e:6c:ff:0a:da:7f:4d:8d:63:ca:36:fd:d9:
9f:f4:44:0e:cf:65:01:bb:94:5a:69:d3:8b:46:77:
38:15:ac:08:88:6f:b5:65:43:9c:70:17:4a:e5:2f:
0a:a8:87:2d:6b:dd:9d:39:32:b7:20:ea:5c:94:0e:
e3:97:04:74:61:15:c1:f4:05:e7:91:44:3e:c4:37:
51:e2:ef:aa:eb:31:fc:e6:cc:51:0c:28:93:45:28:
5b:b9:a3:d7:01:fd:1c:ba:37:b4:29:a0:31:8c:37:
6b:ea:58:6f:6c:4c:39:48:9a:32:8b:2a:a8:42:3a:
8d:ea:4c:4e:2b:a7:3f:39:55:b2:19:2c:ec:a8:9b:
7d:a7:ad:16:ff:5e:a2:2e:2a:6d:90:8d:be:bf:ce:
85:20:7f:1f:13:fa:84:57:3c:50:9a:ab:b2:fb:a3:
88:87:8e:31:de:c2:38:4f:b1:ab:40:8d:d9:6c:5d:
37:31:2d:58:c3:90:57:a7:53:a7:ad:75:06:b7:ab:
ed:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:28:44:58:91:7A:96:4F:13:84:0F:B2:2E:4F:F2:C5:18:50:B0:67
X509v3 Authority Key Identifier:
keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/5A992A32F6B611ECA8E02D58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.158.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:3b:9b:13:97:ae:74:a3:5c:df:4d:4e:4b:11:53:55:f5:fc:
d1:79:09:3d:63:8c:fb:c5:9d:b2:2e:36:18:48:88:b0:46:c5:
37:bc:0d:d3:99:56:51:06:75:a3:53:2a:85:58:80:01:ff:a9:
32:de:31:81:03:d2:d3:43:48:c1:c7:43:58:68:9c:1d:82:33:
95:55:ef:f1:93:2d:d2:8a:e6:1b:73:b0:df:af:11:16:cd:ee:
c2:0a:27:25:3f:4d:7d:fc:6c:38:07:7c:73:52:dd:1d:fc:5b:
ae:89:da:6f:a1:9e:a2:c5:d7:62:4d:c0:83:10:24:08:ee:e4:
c2:e3:53:fa:61:d0:91:99:35:83:c5:c3:cc:59:1d:83:eb:92:
fd:2d:ab:68:82:d1:92:de:3d:3b:aa:d1:90:34:24:f6:49:7f:
64:bf:85:89:6b:1c:e6:7d:33:fc:3e:dd:f1:34:60:42:98:74:
fd:14:8b:b0:b9:d0:3a:98:a2:be:cc:fe:b3:38:fe:1c:a3:8f:
b4:77:cd:a6:9d:45:58:0a:2c:0b:8c:e2:8a:a9:d7:54:fb:04:
ba:de:17:8a:ec:67:57:e7:ee:08:d4:b6:40:b7:37:12:20:10:
a1:17:18:e0:7c:72:be:02:c1:90:be:9e:4a:1a:a1:5e:69:f5:
9f:6e:cb:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5
NkRCQ0VGQjQwHhcNMjIwNjI4MDc0NjAxWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJhYjFiOC05MzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyDxMSkwjF1aamNKrkydM/27LgHCddvd89TCQP3nqVbDoAxlhWaLeGHjUuGdy
GSctIF8zP8vJ09p0BFTWLj5s/wraf02NY8o2/dmf9EQOz2UBu5RaadOLRnc4FawI
iG+1ZUOccBdK5S8KqIcta92dOTK3IOpclA7jlwR0YRXB9AXnkUQ+xDdR4u+q6zH8
5sxRDCiTRShbuaPXAf0cuje0KaAxjDdr6lhvbEw5SJoyiyqoQjqN6kxOK6c/OVWy
GSzsqJt9p60W/16iLiptkI2+v86FIH8fE/qEVzxQmquy+6OIh44x3sI4T7GrQI3Z
bF03MS1Yw5BXp1OnrXUGt6vtkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFE8oRFiR
epZPE4QPsi5P8sUYULBnMB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG
QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUU2Q0EvNzQwOUI0N0E0RkM3MTFFQThFNDZENDE1QzRGOUFFMDIvNUE5OTJBMzJG
NkI2MTFFQ0E4RTAyRDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniJ4wDQYJKoZIhvcNAQELBQADggEBAEo7mxOXrnSjXN9N
TksRU1X1/NF5CT1jjPvFnbIuNhhIiLBGxTe8DdOZVlEGdaNTKoVYgAH/qTLeMYED
0tNDSMHHQ1honB2CM5VV7/GTLdKK5htzsN+vERbN7sIKJyU/TX38bDgHfHNS3R38
W66J2m+hnqLF12JNwIMQJAju5MLjU/ph0JGZNYPFw8xZHYPrkv0tq2iC0ZLePTuq
0ZA0JPZJf2S/hYlrHOZ9M/w+3fE0YEKYdP0Ui7C50DqYor7M/rM4/hyjj7R3zaad
RVgKLAuM4oqp11T7BLreF4rsZ1fn7gjUtkC3NxIgEKEXGOB8cr4CwZC+nkoaoV5p
9Z9uy5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org