Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/CAD32576BFD111ECA4347934C4F9AE02.roa
File: CAD32576BFD111ECA4347934C4F9AE02.roa (raw, json)
Hash identifier: ZfZpnnypBCS5WysTX+JAcm9FqkbNyOlsr0kFvUzN/5o=
Subject key identifier: 1B:FE:43:82:4A:5C:DB:5E:70:38:42:CD:70:8B:54:93:8C:F4:8D:A1
Certificate issuer: /CN=A91B72D9/serialNumber=41E5DC2155069FF317E5EE38C75B7889C22197E3
Certificate serial: FD
Authority key identifier: 41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/CAD32576BFD111ECA4347934C4F9AE02.roa
Signing time: Fri 29 Apr 2022 21:53:15 +0000
ROA not before: Fri 29 Apr 2022 21:53:15 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 149414
IP address blocks: 103.178.220.0/24 maxlen: 24
103.178.221.0/24 maxlen: 24
2001:df0:3e40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253 (0xfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B72D9/serialNumber=41E5DC2155069FF317E5EE38C75B7889C22197E3
Validity
Not Before: Apr 29 21:53:15 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=626c5e4b-531d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:ee:f9:7e:20:91:7a:09:22:e0:e5:81:30:
ce:2e:da:da:22:b9:14:d5:f5:a6:4d:ad:2d:b1:fc:
a5:b4:16:dc:a9:d2:ef:50:5b:ef:6e:cc:af:de:39:
fb:aa:2a:7f:7d:22:3e:f9:eb:aa:64:58:7f:b5:04:
79:74:6f:1e:74:d6:77:39:4f:a2:2d:8b:ae:52:93:
19:ab:1d:d8:45:3b:c9:87:d2:cf:99:5b:81:ce:59:
c4:fd:d1:e7:bb:0e:67:eb:c7:e4:6f:3c:cb:42:5a:
ad:97:f0:df:fe:88:e2:bb:b8:43:f1:38:eb:e7:48:
3a:ee:42:c4:ed:7d:83:93:1d:ae:34:62:82:4c:ad:
a9:ab:e4:d1:ba:38:8d:15:24:39:9f:3f:96:94:d1:
86:36:5b:52:02:eb:5e:b1:8a:cb:a7:6a:66:b2:ba:
87:33:f1:c1:ee:2b:7f:9e:de:ae:6d:48:71:60:3e:
b9:8c:25:1d:5d:e6:af:94:59:68:b4:10:b4:41:a4:
9a:8e:22:9e:23:0d:ec:26:3d:a2:68:77:12:5b:b6:
af:03:f8:32:c8:30:53:ca:5d:cb:68:53:91:e8:7f:
e1:c8:41:d0:4d:8e:ff:d3:4c:de:2b:5e:51:69:fb:
af:24:8e:76:fe:df:e4:42:21:f9:a1:a5:5e:26:e8:
76:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FE:43:82:4A:5C:DB:5E:70:38:42:CD:70:8B:54:93:8C:F4:8D:A1
X509v3 Authority Key Identifier:
keyid:41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/QeXcIVUGn_MX5e44x1t4icIhl-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/CAD32576BFD111ECA4347934C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.220.0/23
IPv6:
2001:df0:3e40::/48
Signature Algorithm: sha256WithRSAEncryption
6d:74:26:04:dc:14:63:1b:f2:38:bc:bb:d6:f1:44:ba:ce:bc:
bf:5a:94:ee:b3:33:e6:85:bd:0c:14:9f:e8:5f:42:57:ca:01:
17:c2:d6:09:16:f6:1a:53:4a:9a:94:26:48:f3:02:a6:9a:6c:
3b:5c:70:d4:97:44:d0:ae:26:f3:c2:81:72:14:d3:4e:c1:99:
14:5b:73:48:36:86:4d:0f:6d:cf:f4:6c:1b:2b:7a:b3:5d:e7:
d1:03:78:a7:81:b7:14:c8:d7:d9:e9:ce:ed:9f:58:df:9a:d1:
22:ec:5f:53:53:53:d3:fc:a8:c1:38:85:49:21:45:91:f1:40:
08:a9:35:da:5a:50:49:70:8f:58:ba:e6:f1:6d:20:31:54:6d:
70:be:79:88:cc:c2:09:30:91:3f:95:87:7e:ec:1b:24:e3:d1:
d3:b0:ed:84:b5:db:6b:27:f3:a4:f2:e2:9b:50:ec:c2:6f:5f:
9c:a9:d1:7b:d2:63:9c:2b:4a:15:94:78:7f:ff:4e:07:7e:11:
1f:60:30:9f:d7:e3:50:32:0b:93:88:73:43:bb:99:37:ef:f0:
2d:d8:e5:66:0b:0c:91:44:fa:77:c9:5f:6c:90:01:0b:65:d9:
8a:0a:63:de:d0:37:f1:8f:94:69:36:04:ee:d0:66:ee:49:18:
2a:20:d2:4d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjcyRDkxMTAvBgNVBAUTKDQxRTVEQzIxNTUwNjlGRjMxN0U1RUUzOEM3NUI3ODg5
QzIyMTk3RTMwHhcNMjIwNDI5MjE1MzE1WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZjNWU0Yi01MzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJzu+X4gkXoJIuDlgTDOLtraIrkU1fWmTa0tsfyltBbcqdLvUFvvbsyv3jn7
qip/fSI++euqZFh/tQR5dG8edNZ3OU+iLYuuUpMZqx3YRTvJh9LPmVuBzlnE/dHn
uw5n68fkbzzLQlqtl/Df/ojiu7hD8Tjr50g67kLE7X2Dkx2uNGKCTK2pq+TRujiN
FSQ5nz+WlNGGNltSAutesYrLp2pmsrqHM/HB7it/nt6ubUhxYD65jCUdXeavlFlo
tBC0QaSajiKeIw3sJj2iaHcSW7avA/gyyDBTyl3LaFOR6H/hyEHQTY7/00zeK15R
afuvJI52/t/kQiH5oaVeJuh2eQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBv+Q4JK
XNtecDhCzXCLVJOM9I2hMB8GA1UdIwQYMBaAFEHl3CFVBp/zF+XuOMdbeInCIZfj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzJEOS9BQTIzRkE5NjY5
NzExMUVDQjYyNTkzMENDNEY5QUUwMi9RZVhjSVZVR25fTVg1ZTQ0eDF0NGljSWhs
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FlWGNJVlVHbl9NWDVlNDR4MXQ0aWNJaGwtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjcyRDkvQUEyM0ZBOTY2OTcxMTFFQ0I2MjU5MzBDQzRGOUFFMDIvQ0FEMzI1NzZC
RkQxMTFFQ0E0MzQ3OTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnstwwDwQCAAIwCQMHACABDfA+QDANBgkqhkiG9w0BAQsF
AAOCAQEAbXQmBNwUYxvyOLy71vFEus68v1qU7rMz5oW9DBSf6F9CV8oBF8LWCRb2
GlNKmpQmSPMCpppsO1xw1JdE0K4m88KBchTTTsGZFFtzSDaGTQ9tz/RsGyt6s13n
0QN4p4G3FMjX2enO7Z9Y35rRIuxfU1NT0/yowTiFSSFFkfFACKk12lpQSXCPWLrm
8W0gMVRtcL55iMzCCTCRP5WHfuwbJOPR07DthLXbayfzpPLim1Dswm9fnKnRe9Jj
nCtKFZR4f/9OB34RH2Awn9fjUDILk4hzQ7uZN+/wLdjlZgsMkUT6d8lfbJABC2XZ
igpj3tA38Y+UaTYE7tBm7kkYKiDSTQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org