Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/4D00F3149E6311ED919FF266C4F9AE02.roa
File: 4D00F3149E6311ED919FF266C4F9AE02.roa (raw, json)
Hash identifier: Hq5cfeKQ0OQEQP3YD7kqF6ESJUgMmnadbAxte5PlBN8=
Subject key identifier: 46:75:89:CD:C0:F4:6F:E4:69:B9:3D:6E:35:DF:DE:CC:59:5F:C7:F2
Certificate issuer: /CN=A91A8A52/serialNumber=712EB5A2D7069F18EE9C65F3B013271ADBF1F540
Certificate serial: 24
Authority key identifier: 71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/4D00F3149E6311ED919FF266C4F9AE02.roa
Signing time: Fri 27 Jan 2023 16:54:45 +0000
ROA not before: Fri 27 Jan 2023 16:54:45 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150451
IP address blocks: 103.42.228.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36 (0x24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8A52/serialNumber=712EB5A2D7069F18EE9C65F3B013271ADBF1F540
Validity
Not Before: Jan 27 16:54:45 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63d401d5-4ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:de:90:94:e3:90:2e:fb:dc:48:98:1b:10:
ce:73:8e:e5:39:a2:8e:38:b6:8f:65:72:1a:b2:b4:
2e:72:3d:3a:9a:da:84:57:47:51:90:ff:7e:2e:2c:
c8:0f:3e:f6:d4:d3:79:d5:e6:e9:20:5f:3e:40:77:
0b:b8:7b:76:b1:68:c6:47:e3:26:76:7d:61:1d:0c:
d3:61:14:4a:9b:8a:9b:df:a8:fc:d4:bb:c2:fe:2d:
5d:f6:74:0e:42:f7:ba:6e:dd:c2:03:ce:1d:59:6f:
68:e3:2b:83:5c:a4:53:22:46:97:b0:3c:35:cc:8c:
7e:d9:1c:34:b5:47:2a:8b:de:fb:c5:25:ef:37:22:
31:bb:28:29:42:ff:88:9e:8a:59:7f:e0:5d:ef:a8:
89:b7:d5:24:8c:d4:2b:a9:f8:ca:cc:40:82:52:85:
42:e7:e0:88:00:04:ed:4f:48:57:75:5d:a1:33:1e:
70:77:07:69:1a:30:d7:fb:b8:46:05:2f:79:5e:73:
e2:fc:ca:8d:2e:04:f5:b3:4d:72:84:19:11:08:01:
e9:02:8b:37:ba:60:62:b0:da:ed:49:a4:4d:2a:f0:
b4:59:9b:1b:c1:9c:ba:51:93:60:ae:c2:71:c0:7f:
0c:26:ee:2a:1f:45:5b:e2:35:cd:ef:f3:0b:81:b3:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:75:89:CD:C0:F4:6F:E4:69:B9:3D:6E:35:DF:DE:CC:59:5F:C7:F2
X509v3 Authority Key Identifier:
keyid:71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/4D00F3149E6311ED919FF266C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.228.0/23
Signature Algorithm: sha256WithRSAEncryption
50:49:5d:61:4e:8b:5c:e8:15:c1:df:da:ed:b3:ed:92:13:0b:
1d:ae:37:1d:71:eb:e6:bd:1d:b3:5b:c7:d3:6f:a7:69:ce:b2:
42:80:5c:4b:03:2c:e7:59:76:f6:e1:ad:f8:62:dc:a8:86:8f:
cb:19:97:d8:01:42:b8:3e:f2:92:23:a1:85:ba:6a:61:77:49:
b5:3c:c0:4c:7d:df:97:7b:62:1b:5b:e6:ad:4e:a4:41:ce:2f:
52:a3:52:f3:56:98:70:40:2e:bd:11:56:f1:7f:e9:2c:88:e0:
96:0d:bb:7c:9c:be:ce:72:8d:f2:bd:bf:03:30:f1:d7:7b:3a:
15:38:e2:3d:3c:21:6e:d5:37:4a:0c:db:28:07:9a:bf:00:8f:
8a:a5:d4:7c:99:f9:24:7c:4c:73:a1:61:f4:54:71:d3:aa:ab:
95:f8:87:d0:47:c6:9c:d7:4d:a9:19:0e:fa:d8:d7:c1:59:55:
fd:e7:56:60:a2:8d:52:12:12:a5:36:78:b6:f5:9b:3f:f5:b5:
c1:59:be:6f:5f:4f:b5:d9:22:98:52:9b:af:e3:77:85:06:96:
9c:0f:b2:f2:74:e1:40:e9:df:17:47:2e:ed:e1:83:cc:80:d3:
b8:b1:17:29:63:87:94:e8:92:62:fc:25:ba:f7:d2:8e:44:9c:
d4:79:b5:2f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
OEE1MjExMC8GA1UEBRMoNzEyRUI1QTJENzA2OUYxOEVFOUM2NUYzQjAxMzI3MUFE
QkYxRjU0MDAeFw0yMzAxMjcxNjU0NDVaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZDQwMWQ1LTRmZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1U96QlOOQLvvcSJgbEM5zjuU5oo44to9lchqytC5yPTqa2oRXR1GQ/34uLMgP
PvbU03nV5ukgXz5Adwu4e3axaMZH4yZ2fWEdDNNhFEqbipvfqPzUu8L+LV32dA5C
97pu3cIDzh1Zb2jjK4NcpFMiRpewPDXMjH7ZHDS1RyqL3vvFJe83IjG7KClC/4ie
ill/4F3vqIm31SSM1Cup+MrMQIJShULn4IgABO1PSFd1XaEzHnB3B2kaMNf7uEYF
L3lec+L8yo0uBPWzTXKEGREIAekCize6YGKw2u1JpE0q8LRZmxvBnLpRk2CuwnHA
fwwm7iofRVviNc3v8wuBs9MbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQURnWJzcD0
b+RpuT1uNd/ezFlfx/IwHwYDVR0jBBgwFoAUcS61otcGnxjunGXzsBMnGtvx9UAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE4QTUyL0ZCN0U0QkRFNzBC
NTExRUQ5M0YwREQxNkM0RjlBRTAyL2NTNjFvdGNHbnhqdW5HWHpzQk1uR3R2eDlV
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY1M2MW90Y0dueGp1bkdYenNCTW5HdHZ4OVVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
OEE1Mi9GQjdFNEJERTcwQjUxMUVEOTNGMEREMTZDNEY5QUUwMi80RDAwRjMxNDlF
NjMxMUVEOTE5RkYyNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcq5DANBgkqhkiG9w0BAQsFAAOCAQEAUEldYU6LXOgVwd/a
7bPtkhMLHa43HXHr5r0ds1vH02+nac6yQoBcSwMs51l29uGt+GLcqIaPyxmX2AFC
uD7ykiOhhbpqYXdJtTzATH3fl3tiG1vmrU6kQc4vUqNS81aYcEAuvRFW8X/pLIjg
lg27fJy+znKN8r2/AzDx13s6FTjiPTwhbtU3SgzbKAeavwCPiqXUfJn5JHxMc6Fh
9FRx06qrlfiH0EfGnNdNqRkO+tjXwVlV/edWYKKNUhISpTZ4tvWbP/W1wVm+b19P
tdkimFKbr+N3hQaWnA+y8nThQOnfF0cu7eGDzIDTuLEXKWOHlOiSYvwluvfSjkSc
1Hm1Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org