Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/388D892484FF11ED93CC760BC4F9AE02.roa
File: 388D892484FF11ED93CC760BC4F9AE02.roa (raw, json)
Hash identifier: yV/zLh4GMk3iSBxfftRBc5aFQFaK1muBp938IkV5mqU=
Subject key identifier: 59:55:E7:54:07:15:2B:4D:99:78:13:0A:9B:F9:C2:C3:40:1B:EF:82
Certificate issuer: /CN=A9165D52/serialNumber=2E71B8BA6305FFD48C131D0860AF2C1ACF6D22B6
Certificate serial: 02
Authority key identifier: 2E:71:B8:BA:63:05:FF:D4:8C:13:1D:08:60:AF:2C:1A:CF:6D:22:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnG4umMF_9SMEx0IYK8sGs9tIrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/388D892484FF11ED93CC760BC4F9AE02.roa
Signing time: Mon 26 Dec 2022 09:25:22 +0000
ROA not before: Mon 26 Dec 2022 09:25:22 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 138638
IP address blocks: 103.49.100.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165D52/serialNumber=2E71B8BA6305FFD48C131D0860AF2C1ACF6D22B6
Validity
Not Before: Dec 26 09:25:22 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a96882-6c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:e1:0e:14:84:4f:a3:91:03:62:99:bc:0d:
66:6e:a0:f4:f2:32:7a:8a:f2:f0:48:b6:39:2e:d6:
76:8a:98:2d:e6:11:4f:fc:3c:e7:0a:e5:3b:e9:02:
12:35:ab:8d:41:19:af:ce:5e:33:c9:f6:0e:0a:ba:
42:91:c1:65:b5:35:31:9d:81:fc:ea:9f:57:cc:27:
5d:27:fb:4e:aa:4f:a2:6d:53:00:c3:53:87:a5:d4:
dc:ae:fd:0e:db:3d:82:7f:6f:03:a8:74:05:92:9e:
ca:8e:b0:17:12:68:55:d1:46:90:ad:8b:ad:4e:8b:
20:89:48:c2:cd:0e:44:03:34:99:f2:0b:79:f4:92:
ad:ba:82:bf:9d:6c:f0:07:29:12:23:3f:f9:6e:f5:
00:d5:5e:aa:f2:62:04:c9:7a:ff:10:90:e9:ed:97:
4c:1a:c8:bb:63:d7:c9:97:d9:24:c4:38:71:f1:d8:
3c:62:a7:d5:6b:df:c7:de:3e:4a:7f:be:af:1e:7e:
40:d0:5c:3a:82:63:81:b3:a8:ba:60:e7:d3:73:b3:
e9:cb:78:80:bb:46:90:e0:af:3c:57:1a:ce:8b:b1:
f6:7a:e0:6f:cb:78:0d:d3:ec:da:da:49:77:f8:10:
de:4f:8d:4a:d0:55:45:e8:c2:36:b2:61:51:3e:70:
ad:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:55:E7:54:07:15:2B:4D:99:78:13:0A:9B:F9:C2:C3:40:1B:EF:82
X509v3 Authority Key Identifier:
keyid:2E:71:B8:BA:63:05:FF:D4:8C:13:1D:08:60:AF:2C:1A:CF:6D:22:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnG4umMF_9SMEx0IYK8sGs9tIrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/388D892484FF11ED93CC760BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.49.100.0/23
Signature Algorithm: sha256WithRSAEncryption
15:ed:af:21:ac:75:8a:ff:ff:e1:5d:f2:4e:5c:bf:9f:7d:24:
e5:f3:31:c1:82:70:f7:04:90:0c:40:aa:e3:95:69:2f:cf:1f:
ae:92:3e:09:fd:df:fd:a8:37:a1:03:1b:5c:a4:3a:73:82:5f:
02:4d:8d:fc:54:e0:b9:27:06:e9:68:ca:81:e9:26:30:df:60:
eb:00:eb:ae:bc:61:9d:2e:01:5b:5c:0e:dd:36:85:53:2d:51:
87:c3:5b:42:6f:28:50:25:9d:07:68:ee:01:20:cf:70:08:b4:
8d:ff:eb:78:df:a3:7f:d4:4c:e6:18:b9:17:85:be:03:cf:00:
01:c4:75:55:e5:ea:c5:d1:98:ed:07:f4:d0:08:16:c6:2e:25:
06:ae:41:b9:c1:ef:9c:d1:a3:77:cf:7c:03:5a:34:ca:37:df:
65:40:3f:00:8a:16:d5:fd:c4:ab:74:66:03:f0:da:56:31:8d:
de:ff:16:de:08:5c:a5:74:dd:d1:e0:ac:01:d7:31:11:0a:28:
f3:74:3d:b9:4c:b3:61:0b:8f:f9:67:d4:b7:ee:fc:c1:a3:f1:
0c:2c:da:1b:6a:c5:a1:33:a0:2e:77:00:88:3d:b0:60:2a:9e:
2e:78:e7:88:51:c6:66:8b:ef:26:cc:0e:cd:67:8d:69:28:66:
33:94:e4:b6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
NUQ1MjExMC8GA1UEBRMoMkU3MUI4QkE2MzA1RkZENDhDMTMxRDA4NjBBRjJDMUFD
RjZEMjJCNjAeFw0yMjEyMjYwOTI1MjJaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYTk2ODgyLTZjMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzTeEOFIRPo5EDYpm8DWZuoPTyMnqK8vBItjku1naKmC3mEU/8POcK5TvpAhI1
q41BGa/OXjPJ9g4KukKRwWW1NTGdgfzqn1fMJ10n+06qT6JtUwDDU4el1Nyu/Q7b
PYJ/bwOodAWSnsqOsBcSaFXRRpCti61OiyCJSMLNDkQDNJnyC3n0kq26gr+dbPAH
KRIjP/lu9QDVXqryYgTJev8QkOntl0wayLtj18mX2STEOHHx2Dxip9Vr38fePkp/
vq8efkDQXDqCY4GzqLpg59Nzs+nLeIC7RpDgrzxXGs6LsfZ64G/LeA3T7NraSXf4
EN5PjUrQVUXowjayYVE+cK19AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWVXnVAcV
K02ZeBMKm/nCw0Ab74IwHwYDVR0jBBgwFoAULnG4umMF/9SMEx0IYK8sGs9tIrYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1RDUyLzYxMkI2N0FDODRG
QTExRUQ4MEFDNEUxMEM0RjlBRTAyL0xuRzR1bU1GXzlTTUV4MElZSzhzR3M5dEly
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTG5HNHVtTUZfOVNNRXgwSVlLOHNHczl0SXJZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NUQ1Mi82MTJCNjdBQzg0RkExMUVEODBBQzRFMTBDNEY5QUUwMi8zODhEODkyNDg0
RkYxMUVEOTNDQzc2MEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcxZDANBgkqhkiG9w0BAQsFAAOCAQEAFe2vIax1iv//4V3y
Tly/n30k5fMxwYJw9wSQDECq45VpL88frpI+Cf3f/ag3oQMbXKQ6c4JfAk2N/FTg
uScG6WjKgekmMN9g6wDrrrxhnS4BW1wO3TaFUy1Rh8NbQm8oUCWdB2juASDPcAi0
jf/reN+jf9RM5hi5F4W+A88AAcR1VeXqxdGY7Qf00AgWxi4lBq5BucHvnNGjd898
A1o0yjffZUA/AIoW1f3Eq3RmA/DaVjGN3v8W3ghcpXTd0eCsAdcxEQoo83Q9uUyz
YQuP+WfUt+78waPxDCzaG2rFoTOgLncAiD2wYCqeLnjniFHGZovvJswOzWeNaShm
M5Tktg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org