Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CB6/2A4F575EFE1411E981C26559C4F9AE02/AB5AE8BCCCEA11EBAB17776BC4F9AE02.roa
File: AB5AE8BCCCEA11EBAB17776BC4F9AE02.roa (raw, json)
Hash identifier: CdedoHVG8n75HT5PGYYAalwQQZcfS4kBQGdrnDKCb0Q=
Subject key identifier: DE:95:89:CF:75:40:77:89:FF:B4:F1:92:8F:CB:B7:94:B0:94:DD:8E
Certificate issuer: /CN=A91C6CB6/serialNumber=523370A81A6E514618AE7CA9795FDD110B350E37
Certificate serial: 0B1B
Authority key identifier: 52:33:70:A8:1A:6E:51:46:18:AE:7C:A9:79:5F:DD:11:0B:35:0E:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjNwqBpuUUYYrnypeV_dEQs1Djc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CB6/2A4F575EFE1411E981C26559C4F9AE02/AB5AE8BCCCEA11EBAB17776BC4F9AE02.roa
Signing time: Fri 21 Jul 2023 04:31:40 +0000
ROA not before: Fri 21 Jul 2023 04:31:40 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 137482
IP address blocks: 103.110.56.0/24 maxlen: 24
103.110.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2843 (0xb1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6CB6/serialNumber=523370A81A6E514618AE7CA9795FDD110B350E37
Validity
Not Before: Jul 21 04:31:40 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64ba0a2c-7ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:0e:9c:35:66:b1:8a:06:56:8e:48:1f:f0:
6e:b4:1b:04:d4:08:67:4e:56:5c:9f:7f:f3:86:c8:
c3:d1:29:5e:c1:44:69:91:7d:17:97:47:94:ae:38:
94:75:8e:a0:7c:b8:a8:91:5c:58:b4:da:b2:2e:93:
1a:3e:b3:02:80:65:31:cf:2b:2e:3c:61:c2:61:06:
ec:68:12:99:0d:da:e0:17:3b:29:fc:89:d4:c3:e8:
12:c3:fb:2a:e8:7a:db:ed:4f:0e:de:79:58:dc:32:
c9:e7:0c:3b:13:ef:d6:7c:7f:8f:5f:af:c9:65:fa:
f5:7f:a6:1b:bb:de:e3:13:12:7f:55:53:14:ea:70:
ce:22:dc:c6:99:7a:22:30:0a:4b:d3:ac:b5:e1:82:
ab:13:7e:72:ae:1d:51:7d:9c:a6:e1:05:bd:8e:cf:
85:d2:cd:1d:0e:b5:e2:6e:00:97:0b:45:7b:6f:1c:
ef:df:4e:e1:23:07:fe:5c:37:6d:e0:62:06:84:c6:
d5:c1:21:35:3e:74:ff:c6:ae:0e:18:05:7e:80:15:
0a:b8:dd:12:1e:bb:e8:9f:a2:9a:25:6b:e5:a3:84:
bd:de:57:7d:f3:ca:80:a1:f9:45:d9:c6:77:ac:b9:
1d:ef:a3:83:3f:9e:db:75:95:41:bc:bb:4b:e8:47:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:95:89:CF:75:40:77:89:FF:B4:F1:92:8F:CB:B7:94:B0:94:DD:8E
X509v3 Authority Key Identifier:
keyid:52:33:70:A8:1A:6E:51:46:18:AE:7C:A9:79:5F:DD:11:0B:35:0E:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6CB6/2A4F575EFE1411E981C26559C4F9AE02/UjNwqBpuUUYYrnypeV_dEQs1Djc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjNwqBpuUUYYrnypeV_dEQs1Djc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CB6/2A4F575EFE1411E981C26559C4F9AE02/AB5AE8BCCCEA11EBAB17776BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.56.0/24
103.110.59.0/24
Signature Algorithm: sha256WithRSAEncryption
65:22:bb:fc:32:61:92:7f:b2:c9:e7:87:0e:00:80:4d:a2:24:
97:15:1f:53:6f:82:57:82:16:24:48:f3:c5:f1:60:51:6d:a5:
13:67:4f:5f:f8:cc:9d:09:97:ab:c2:cc:09:8c:74:fb:9a:cb:
f1:d9:3f:65:f8:8c:84:23:a8:b7:00:41:9d:cd:58:0e:23:fc:
21:0e:01:1c:db:9e:82:35:ea:ef:8d:84:2f:c7:02:3d:5f:9f:
43:7f:35:cd:a5:50:42:21:f6:29:53:fe:49:27:ab:b6:06:29:
0e:f8:60:0a:0c:fe:51:95:82:d9:d3:1d:42:25:c6:bd:f4:bf:
35:54:35:6b:bf:d9:b9:3d:d3:20:ac:c0:f1:05:77:f5:2f:b5:
59:d3:8f:84:0d:c4:24:22:f8:a0:62:8d:6c:c4:17:56:69:63:
1f:86:0d:4d:a2:92:2b:1a:ed:1d:68:78:65:3e:c6:20:9d:12:
c6:58:51:14:e3:74:81:8e:22:8c:dd:c0:df:15:38:86:e4:dc:
33:1c:61:75:08:c2:97:72:89:71:58:10:c7:15:e5:40:e0:30:
ce:d6:b7:be:2d:22:4f:64:4c:fc:74:1b:8a:89:f0:e7:86:ae:
85:9b:7d:b1:b9:36:f3:d9:30:fd:86:34:8b:f5:67:83:56:21:
18:13:22:16
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCxswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZDQjYxMTAvBgNVBAUTKDUyMzM3MEE4MUE2RTUxNDYxOEFFN0NBOTc5NUZERDEx
MEIzNTBFMzcwHhcNMjMwNzIxMDQzMTQwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJhMGEyYy03ZWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlKcOnDVmsYoGVo5IH/ButBsE1AhnTlZcn3/zhsjD0SlewURpkX0Xl0eUrjiU
dY6gfLiokVxYtNqyLpMaPrMCgGUxzysuPGHCYQbsaBKZDdrgFzsp/InUw+gSw/sq
6Hrb7U8O3nlY3DLJ5ww7E+/WfH+PX6/JZfr1f6Ybu97jExJ/VVMU6nDOItzGmXoi
MApL06y14YKrE35yrh1RfZym4QW9js+F0s0dDrXibgCXC0V7bxzv307hIwf+XDdt
4GIGhMbVwSE1PnT/xq4OGAV+gBUKuN0SHrvon6KaJWvlo4S93ld988qAoflF2cZ3
rLkd76ODP57bdZVBvLtL6EcK2QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN6Vic91
QHeJ/7Txko/Lt5SwlN2OMB8GA1UdIwQYMBaAFFIzcKgablFGGK58qXlf3RELNQ43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkNCNi8yQTRGNTc1RUZF
MTQxMUU5ODFDMjY1NTlDNEY5QUUwMi9Vak53cUJwdVVVWVlybnlwZVZfZEVRczFE
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VqTndxQnB1VVVZWXJueXBlVl9kRVFzMURqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZDQjYvMkE0RjU3NUVGRTE0MTFFOTgxQzI2NTU5QzRGOUFFMDIvQUI1QUU4QkND
Q0VBMTFFQkFCMTc3NzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnbjgDBABnbjswDQYJKoZIhvcNAQELBQADggEBAGUiu/wy
YZJ/ssnnhw4AgE2iJJcVH1NvgleCFiRI88XxYFFtpRNnT1/4zJ0Jl6vCzAmMdPua
y/HZP2X4jIQjqLcAQZ3NWA4j/CEOARzbnoI16u+NhC/HAj1fn0N/Nc2lUEIh9ilT
/kknq7YGKQ74YAoM/lGVgtnTHUIlxr30vzVUNWu/2bk90yCswPEFd/UvtVnTj4QN
xCQi+KBijWzEF1ZpYx+GDU2ikisa7R1oeGU+xiCdEsZYURTjdIGOIozdwN8VOIbk
3DMcYXUIwpdyiXFYEMcV5UDgMM7Wt74tIk9kTPx0G4qJ8OeGroWbfbG5NvPZMP2G
NIv1Z4NWIRgTIhY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org