Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/7134D1C8CC8711EC85E73563C4F9AE02.roa
File: 7134D1C8CC8711EC85E73563C4F9AE02.roa (raw, json)
Hash identifier: SMxKsnB4Tu0mUN2yUflJWUy3YrLLAZqe/wFWp08XfRk=
Subject key identifier: C5:8F:A8:E5:C9:93:20:BD:4A:0C:6D:9F:BC:69:22:65:FF:EA:5D:24
Certificate issuer: /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial: 1537
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/7134D1C8CC8711EC85E73563C4F9AE02.roa
Signing time: Thu 05 May 2022 15:24:24 +0000
ROA not before: Thu 05 May 2022 15:24:24 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 136933
IP address blocks: 103.71.152.0/24 maxlen: 24
103.71.154.0/24 maxlen: 24
103.234.72.0/24 maxlen: 24
103.234.74.0/24 maxlen: 24
103.234.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5431 (0x1537)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Validity
Not Before: May 5 15:24:24 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6273ec27-10a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:a2:82:8a:95:b7:90:bf:30:01:3f:82:c3:
ec:72:e8:6b:fd:44:2d:28:e4:0a:5f:80:5c:d6:64:
1e:cb:ab:6c:f3:1b:6d:29:c0:8c:f2:48:e5:49:34:
3d:87:c9:29:00:cd:b9:c6:52:68:6b:52:71:4b:e3:
ff:27:f5:b5:67:44:94:e8:40:c5:5d:ac:13:e9:5b:
c2:0e:e8:18:3a:de:dc:13:fb:67:4f:f5:3d:63:76:
48:13:0c:4c:ff:28:28:bb:36:06:d5:40:38:8a:de:
a7:1c:c8:d6:0d:c6:4f:72:88:38:64:19:ed:11:d7:
53:4f:bc:c2:62:07:e2:bf:e3:94:37:09:f3:0a:55:
3d:b2:47:43:7a:7c:04:cb:cf:20:5f:9e:a2:6c:38:
6a:20:9a:0e:6f:cc:22:67:f6:e9:85:b5:45:5a:25:
4b:24:d6:b5:d8:2f:76:60:85:e9:45:d1:c9:05:68:
d3:f6:42:66:c3:6f:ff:a8:4e:4b:4a:91:88:d9:04:
eb:f2:0d:86:e2:cc:0f:ab:57:ab:43:4d:0f:39:8c:
91:f6:46:25:8a:86:4c:46:33:f0:d8:a0:22:6f:ed:
78:0e:5c:76:bd:0d:41:70:c9:71:16:25:07:ca:31:
fb:58:40:c1:95:02:bc:80:28:73:25:99:30:78:e6:
9e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8F:A8:E5:C9:93:20:BD:4A:0C:6D:9F:BC:69:22:65:FF:EA:5D:24
X509v3 Authority Key Identifier:
keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/7134D1C8CC8711EC85E73563C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.152.0/24
103.71.154.0/24
103.234.72.0/24
103.234.74.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:13:40:b7:f8:0e:c7:a0:f2:16:b8:b3:19:16:67:be:ef:11:
00:93:01:bc:ed:ac:97:cd:ed:2d:9f:ed:c5:5b:35:85:1c:9e:
7d:e5:8c:33:cc:66:e5:cd:a2:0c:ae:d6:b3:9c:7a:cd:4c:28:
26:30:11:24:71:46:f6:47:80:66:ba:40:59:d8:4a:f1:3a:a0:
b7:11:14:b7:b4:01:12:6e:7d:05:3b:6f:b6:53:4d:f6:98:c4:
0b:41:40:27:ce:1c:f5:44:85:41:fb:09:5c:f9:1e:6a:3f:10:
a6:3a:ed:64:66:27:2c:dc:ff:23:9f:58:db:7e:67:c7:2a:95:
5d:f2:25:40:f3:75:01:00:d1:61:16:5b:3e:25:e0:be:fc:39:
8e:68:da:5e:45:1d:c7:c4:0b:4e:cc:e2:5c:4d:0a:0b:cd:f2:
47:fa:a8:67:2f:6c:bf:c3:93:8e:cd:b9:d4:1f:d8:e2:19:4e:
92:20:8a:ca:da:4a:57:b2:99:05:13:98:0e:3f:6f:9c:c5:9d:
83:24:f6:96:20:47:5b:f6:59:90:3f:74:dc:e1:b6:f9:33:d4:
94:b8:90:07:9c:68:75:5b:df:7c:ee:ea:74:32:66:c8:6b:da:
4a:32:9c:e5:2b:7b:c3:e0:a6:44:ea:17:fa:87:8f:15:a5:f7:
c9:dc:c2:7d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjIwNTA1MTUyNDI0WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjczZWMyNy0xMGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsM+igoqVt5C/MAE/gsPscuhr/UQtKOQKX4Bc1mQey6ts8xttKcCM8kjlSTQ9
h8kpAM25xlJoa1JxS+P/J/W1Z0SU6EDFXawT6VvCDugYOt7cE/tnT/U9Y3ZIEwxM
/ygouzYG1UA4it6nHMjWDcZPcog4ZBntEddTT7zCYgfiv+OUNwnzClU9skdDenwE
y88gX56ibDhqIJoOb8wiZ/bphbVFWiVLJNa12C92YIXpRdHJBWjT9kJmw2//qE5L
SpGI2QTr8g2G4swPq1erQ00POYyR9kYlioZMRjPw2KAib+14Dlx2vQ1BcMlxFiUH
yjH7WEDBlQK8gChzJZkweOaevQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFMWPqOXJ
kyC9Sgxtn7xpImX/6l0kMB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvNzEzNEQxQzhD
Qzg3MTFFQzg1RTczNTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnR5gDBABnR5oDBABn6kgDBAFn6kowDQYJKoZIhvcNAQEL
BQADggEBAA4TQLf4Dseg8ha4sxkWZ77vEQCTAbztrJfN7S2f7cVbNYUcnn3ljDPM
ZuXNogyu1rOces1MKCYwESRxRvZHgGa6QFnYSvE6oLcRFLe0ARJufQU7b7ZTTfaY
xAtBQCfOHPVEhUH7CVz5Hmo/EKY67WRmJyzc/yOfWNt+Z8cqlV3yJUDzdQEA0WEW
Wz4l4L78OY5o2l5FHcfEC07M4lxNCgvN8kf6qGcvbL/Dk47NudQf2OIZTpIgisra
SleymQUTmA4/b5zFnYMk9pYgR1v2WZA/dNzhtvkz1JS4kAecaHVb33zu6nQyZshr
2koynOUre8PgpkTqF/qHjxWl98ncwn0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org