Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6744/33E78FACDBAE11EAAD966723C4F9AE02/023BA3CADBAF11EAB44F9123C4F9AE02.roa
File: 023BA3CADBAF11EAB44F9123C4F9AE02.roa (raw, json)
Hash identifier: IQiYyCjAKlvYFEEqOKX7C/JX3XPiY5NBotllymFCkvU=
Subject key identifier: 2D:42:E2:F0:52:8B:41:26:91:CD:20:54:61:00:69:61:C1:38:69:60
Certificate issuer: /CN=A91C6744/serialNumber=963C20B7D3804DB801CAE2574C31D760D53D3344
Certificate serial: 046D
Authority key identifier: 96:3C:20:B7:D3:80:4D:B8:01:CA:E2:57:4C:31:D7:60:D5:3D:33:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ljwgt9OATbgByuJXTDHXYNU9M0Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6744/33E78FACDBAE11EAAD966723C4F9AE02/023BA3CADBAF11EAB44F9123C4F9AE02.roa
Signing time: Tue 01 Mar 2022 11:49:07 +0000
ROA not before: Tue 01 Mar 2022 11:49:07 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 132299
IP address blocks: 103.247.236.0/24 maxlen: 24
103.247.237.0/24 maxlen: 24
203.5.16.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1133 (0x46d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6744/serialNumber=963C20B7D3804DB801CAE2574C31D760D53D3344
Validity
Not Before: Mar 1 11:49:07 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=621e0833-074d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:cc:e5:55:ff:83:a7:c5:6d:62:6f:bf:84:
60:42:10:ce:a9:fe:28:26:98:af:09:71:42:45:e8:
8f:9e:30:51:a6:6b:a2:33:0b:62:93:d4:00:dc:d1:
95:42:20:1b:52:c6:b5:b0:03:be:07:a0:b0:9f:f6:
7b:da:62:3a:11:09:12:00:c9:28:73:1e:d2:d6:8f:
a1:9e:a3:fc:25:c0:75:1d:51:fe:ed:aa:27:c1:e4:
11:f1:ed:cb:9d:ee:f3:45:ca:75:be:5f:a8:a0:28:
dd:4c:7f:d9:39:76:23:92:d4:33:21:11:85:b2:b6:
44:ce:b1:77:89:af:f6:9f:31:91:c6:c1:12:cf:63:
92:1e:46:4a:f9:c7:cf:1f:ab:ce:f5:46:c6:62:d7:
b9:c5:45:d6:db:97:ab:b1:ca:9e:c4:7d:11:4b:c3:
a2:f7:f1:39:e3:39:78:21:3c:e2:2a:92:37:8b:c9:
1b:68:0f:b2:41:61:ca:84:cc:bb:eb:86:ed:d4:26:
90:6d:cf:6e:2e:76:f5:d3:a7:16:c5:71:f9:7f:97:
a5:ff:3c:83:e5:41:a9:45:f2:f0:34:47:55:46:0d:
59:6a:de:c9:a6:11:cd:56:fe:55:8f:62:8a:59:e0:
b6:bf:fd:58:38:62:ed:fa:92:5d:3b:09:a1:a2:91:
bc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:42:E2:F0:52:8B:41:26:91:CD:20:54:61:00:69:61:C1:38:69:60
X509v3 Authority Key Identifier:
keyid:96:3C:20:B7:D3:80:4D:B8:01:CA:E2:57:4C:31:D7:60:D5:3D:33:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6744/33E78FACDBAE11EAAD966723C4F9AE02/ljwgt9OATbgByuJXTDHXYNU9M0Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ljwgt9OATbgByuJXTDHXYNU9M0Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6744/33E78FACDBAE11EAAD966723C4F9AE02/023BA3CADBAF11EAB44F9123C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.247.236.0/23
203.5.16.0/23
Signature Algorithm: sha256WithRSAEncryption
47:71:60:b0:24:33:da:a2:a2:39:f5:48:68:2d:7a:11:d2:42:
bc:90:d4:fe:cd:5b:d6:5f:f0:8f:01:6a:2a:a7:19:21:5a:f7:
89:c8:66:1c:bf:ac:3f:51:13:a8:78:7c:10:b4:66:e0:04:fd:
75:2b:10:8f:27:8d:40:e4:1f:88:ed:54:69:26:26:f5:7c:55:
6d:c4:90:c6:2f:68:3d:b7:14:5b:e9:35:6e:75:b3:99:ed:c0:
9f:62:c9:76:26:38:ec:62:56:5a:f3:d8:09:5c:8b:5d:03:e7:
ff:2d:c5:10:48:56:35:40:3f:4d:4d:63:ee:af:f2:bd:74:3d:
0e:60:d5:a5:7c:ec:81:e1:94:cd:6b:68:86:3f:68:f6:98:ec:
30:05:00:47:e2:16:79:6d:b8:65:5e:c2:11:51:70:f1:d5:21:
71:13:7e:64:95:a7:48:c3:a7:fc:95:bc:ee:36:dc:b3:80:52:
38:bb:64:f3:77:e8:39:4b:60:95:be:a9:5f:54:d3:5f:95:2f:
59:9b:f4:8d:45:4c:95:26:a2:6a:c5:70:1b:00:10:12:c4:ce:
c2:54:ca:88:54:12:2e:52:22:3f:28:5d:24:c1:b5:58:32:52:
b3:1f:d0:de:a5:9c:cc:d7:c4:8c:5c:8f:8e:41:fa:9d:7e:3e:
6f:bc:32:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY3NDQxMTAvBgNVBAUTKDk2M0MyMEI3RDM4MDREQjgwMUNBRTI1NzRDMzFENzYw
RDUzRDMzNDQwHhcNMjIwMzAxMTE0OTA3WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFlMDgzMy0wNzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApITM5VX/g6fFbWJvv4RgQhDOqf4oJpivCXFCReiPnjBRpmuiMwtik9QA3NGV
QiAbUsa1sAO+B6Cwn/Z72mI6EQkSAMkocx7S1o+hnqP8JcB1HVH+7aonweQR8e3L
ne7zRcp1vl+ooCjdTH/ZOXYjktQzIRGFsrZEzrF3ia/2nzGRxsESz2OSHkZK+cfP
H6vO9UbGYte5xUXW25erscqexH0RS8Oi9/E54zl4ITziKpI3i8kbaA+yQWHKhMy7
64bt1CaQbc9uLnb106cWxXH5f5el/zyD5UGpRfLwNEdVRg1Zat7JphHNVv5Vj2KK
WeC2v/1YOGLt+pJdOwmhopG8PQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC1C4vBS
i0Emkc0gVGEAaWHBOGlgMB8GA1UdIwQYMBaAFJY8ILfTgE24AcriV0wx12DVPTNE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjc0NC8zM0U3OEZBQ0RC
QUUxMUVBQUQ5NjY3MjNDNEY5QUUwMi9sandndDlPQVRiZ0J5dUpYVERIWFlOVTlN
MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xqd2d0OU9BVGJnQnl1SlhUREhYWU5VOU0wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY3NDQvMzNFNzhGQUNEQkFFMTFFQUFEOTY2NzIzQzRGOUFFMDIvMDIzQkEzQ0FE
QkFGMTFFQUI0NEY5MTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFn9+wDBAHLBRAwDQYJKoZIhvcNAQELBQADggEBAEdxYLAk
M9qiojn1SGgtehHSQryQ1P7NW9Zf8I8BaiqnGSFa94nIZhy/rD9RE6h4fBC0ZuAE
/XUrEI8njUDkH4jtVGkmJvV8VW3EkMYvaD23FFvpNW51s5ntwJ9iyXYmOOxiVlrz
2Alci10D5/8txRBIVjVAP01NY+6v8r10PQ5g1aV87IHhlM1raIY/aPaY7DAFAEfi
FnltuGVewhFRcPHVIXETfmSVp0jDp/yVvO423LOAUji7ZPN36DlLYJW+qV9U01+V
L1mb9I1FTJUmomrFcBsAEBLEzsJUyohUEi5SIj8oXSTBtVgyUrMf0N6lnMzXxIxc
j45B+p1+Pm+8Msc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org