Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91954C1/50C6E732E84011EA8A6B9980C4F9AE02/BD644342E84C11EA96A88328C4F9AE02.roa
File: BD644342E84C11EA96A88328C4F9AE02.roa (raw, json)
Hash identifier: YqTM33x+AUazNmrJWg3UwQq/MrHWQ/95BTn2PzKTH2s=
Subject key identifier: 91:77:E2:88:66:BB:52:69:39:47:6A:47:A0:AF:58:32:40:9B:71:80
Certificate issuer: /CN=A91954C1/serialNumber=4531A273C2C4EA68B67B98ADE55B4623EF9375A4
Certificate serial: 063A
Authority key identifier: 45:31:A2:73:C2:C4:EA:68:B6:7B:98:AD:E5:5B:46:23:EF:93:75:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RTGic8LE6mi2e5it5VtGI--TdaQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91954C1/50C6E732E84011EA8A6B9980C4F9AE02/BD644342E84C11EA96A88328C4F9AE02.roa
Signing time: Wed 18 Jan 2023 23:29:35 +0000
ROA not before: Wed 18 Jan 2023 23:29:35 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 131314
IP address blocks: 103.28.144.0/22 maxlen: 22
2403:cc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91954C1/serialNumber=4531A273C2C4EA68B67B98ADE55B4623EF9375A4
Validity
Not Before: Jan 18 23:29:35 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63c880df-a873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:bd:d0:70:48:ad:12:6f:4f:bd:f8:73:4b:
7a:6f:9a:2f:eb:fa:11:73:3a:3c:a9:e9:c1:04:1b:
fc:ab:f3:cb:bd:02:a0:2c:66:dd:b3:ce:cc:b2:ea:
2c:f6:e3:04:ac:dd:bf:50:1b:d8:45:8c:b6:4e:69:
f4:53:2d:57:50:0a:a6:11:b0:35:19:11:1f:1f:22:
f7:eb:05:9e:cd:e1:70:47:81:47:51:56:26:4a:4f:
ed:31:e9:00:e3:09:64:fd:31:cb:83:5f:2b:61:aa:
fb:48:4d:a0:ea:1f:a8:05:92:98:1e:b8:75:d1:22:
23:78:3b:9f:d3:8d:db:79:6e:5b:07:76:09:44:ac:
74:4a:a7:84:81:6b:28:dd:c7:0a:2d:f4:70:ef:c9:
e1:06:51:06:d5:87:75:8a:77:3a:e8:35:c4:ef:cb:
2e:51:aa:51:a0:11:48:e1:75:98:43:95:7d:dc:ce:
0f:06:db:1d:c8:97:70:ca:e9:10:96:8d:91:9b:fb:
3d:75:f1:da:db:b8:03:e2:1e:2c:30:6b:60:32:4c:
bb:6e:27:c9:33:e2:3e:19:f1:85:9d:ab:59:7b:91:
2f:7a:25:99:c1:6c:a1:97:52:7d:38:08:f2:db:9e:
52:fb:b4:f5:0d:d5:83:bb:7f:e3:52:77:93:27:aa:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:77:E2:88:66:BB:52:69:39:47:6A:47:A0:AF:58:32:40:9B:71:80
X509v3 Authority Key Identifier:
keyid:45:31:A2:73:C2:C4:EA:68:B6:7B:98:AD:E5:5B:46:23:EF:93:75:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91954C1/50C6E732E84011EA8A6B9980C4F9AE02/RTGic8LE6mi2e5it5VtGI--TdaQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RTGic8LE6mi2e5it5VtGI--TdaQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91954C1/50C6E732E84011EA8A6B9980C4F9AE02/BD644342E84C11EA96A88328C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.28.144.0/22
IPv6:
2403:cc0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:80:b0:4e:0b:d9:d8:92:8f:0a:db:7d:b1:b0:67:97:9c:e1:
a7:97:37:40:7f:b5:f0:8a:24:96:f8:30:bb:55:b0:ca:55:e6:
f9:be:06:5a:6f:b4:7a:23:73:98:f4:cb:17:9b:21:89:0a:cc:
7f:06:31:cd:a5:f4:88:46:c8:99:63:2e:b7:56:d6:e9:14:c9:
0d:71:1f:40:ce:b9:75:a6:b7:cd:71:d0:7d:da:96:50:ff:42:
36:73:9d:28:20:1e:b8:43:f1:98:ef:05:4e:53:21:a1:cb:93:
1b:cb:0a:3d:31:d1:03:cd:ca:ec:52:f2:04:b2:92:30:14:ff:
c5:aa:92:40:0b:97:b5:9e:96:b7:08:b7:c1:04:cc:c6:33:44:
9b:9e:ce:16:11:f0:a5:06:85:fe:c8:42:1e:1f:3f:e6:48:76:
8d:78:e5:ea:32:f6:da:91:7b:9c:d9:a1:d9:3a:cb:ea:8a:11:
05:08:80:57:bd:3c:1f:c0:b3:83:7d:ea:f7:63:53:1b:1c:3b:
4f:9c:f8:af:79:44:ab:5d:57:10:de:af:f9:47:ff:1e:bd:ce:
33:fc:d4:56:fd:f4:c4:0b:5f:a5:ff:33:b9:80:63:2d:b0:0f:
c5:93:f0:97:bf:f4:e4:20:4d:c0:e7:43:5d:1d:61:e5:33:8a:
e1:49:20:3e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU0QzExMTAvBgNVBAUTKDQ1MzFBMjczQzJDNEVBNjhCNjdCOThBREU1NUI0NjIz
RUY5Mzc1QTQwHhcNMjMwMTE4MjMyOTM1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M4ODBkZi1hODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvBu90HBIrRJvT734c0t6b5ov6/oRczo8qenBBBv8q/PLvQKgLGbds87Msuos
9uMErN2/UBvYRYy2Tmn0Uy1XUAqmEbA1GREfHyL36wWezeFwR4FHUVYmSk/tMekA
4wlk/THLg18rYar7SE2g6h+oBZKYHrh10SIjeDuf043beW5bB3YJRKx0SqeEgWso
3ccKLfRw78nhBlEG1Yd1inc66DXE78suUapRoBFI4XWYQ5V93M4PBtsdyJdwyukQ
lo2Rm/s9dfHa27gD4h4sMGtgMky7bifJM+I+GfGFnatZe5EveiWZwWyhl1J9OAjy
255S+7T1DdWDu3/jUneTJ6o8EwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJF34ohm
u1JpOUdqR6CvWDJAm3GAMB8GA1UdIwQYMBaAFEUxonPCxOpotnuYreVbRiPvk3Wk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTRDMS81MEM2RTczMkU4
NDAxMUVBOEE2Qjk5ODBDNEY5QUUwMi9SVEdpYzhMRTZtaTJlNWl0NVZ0R0ktLVRk
YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JUR2ljOExFNm1pMmU1aXQ1VnRHSS0tVGRhUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU0QzEvNTBDNkU3MzJFODQwMTFFQThBNkI5OTgwQzRGOUFFMDIvQkQ2NDQzNDJF
ODRDMTFFQTk2QTg4MzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnHJAwDQQCAAIwBwMFACQDDMAwDQYJKoZIhvcNAQELBQAD
ggEBAGyAsE4L2diSjwrbfbGwZ5ec4aeXN0B/tfCKJJb4MLtVsMpV5vm+BlpvtHoj
c5j0yxebIYkKzH8GMc2l9IhGyJljLrdW1ukUyQ1xH0DOuXWmt81x0H3allD/QjZz
nSggHrhD8ZjvBU5TIaHLkxvLCj0x0QPNyuxS8gSykjAU/8WqkkALl7WelrcIt8EE
zMYzRJuezhYR8KUGhf7IQh4fP+ZIdo145eoy9tqRe5zZodk6y+qKEQUIgFe9PB/A
s4N96vdjUxscO0+c+K95RKtdVxDer/lH/x69zjP81Fb99MQLX6X/M7mAYy2wD8WT
8Je/9OQgTcDnQ10dYeUziuFJID4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org