Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/9D2582BCB1D511EDBF3FCF85C4F9AE02.roa
File: 9D2582BCB1D511EDBF3FCF85C4F9AE02.roa (raw, json)
Hash identifier: ZSnRg9XbN7b3YFp85Q0J/KOfmB1POO+4rgiekHl3v1c=
Subject key identifier: 78:50:5D:DC:D7:19:8E:49:A7:26:7C:7F:8B:AE:0B:3E:B6:83:51:39
Certificate issuer: /CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Certificate serial: 0651
Authority key identifier: 49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/9D2582BCB1D511EDBF3FCF85C4F9AE02.roa
Signing time: Tue 21 Feb 2023 11:11:32 +0000
ROA not before: Tue 21 Feb 2023 11:11:32 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 12854
IP address blocks: 103.213.246.0/23 maxlen: 24
144.48.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1617 (0x651)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Validity
Not Before: Feb 21 11:11:32 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63f4a6e4-b9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:10:c8:7e:18:6e:18:7c:69:df:a6:8f:cf:
20:89:22:da:14:0c:b3:67:13:94:87:30:f7:5e:c7:
ad:85:6a:fb:57:4b:c0:81:a5:18:9f:63:d0:fa:a1:
66:b1:cf:78:1a:94:77:e1:97:3f:2a:6e:7c:d8:0f:
59:b5:73:e1:5c:a3:60:90:08:d1:12:c6:0e:b3:4b:
6c:7c:05:36:35:e4:bf:39:a9:d6:2f:1c:29:b4:2a:
29:bf:f5:5f:fd:ef:9a:0e:86:74:68:b9:42:80:0e:
ef:3e:3d:ef:ee:e7:6f:4a:dc:77:1b:cd:86:46:b1:
f8:0f:9e:6f:40:c8:73:19:81:cc:b8:fa:b2:50:36:
01:63:a9:dd:21:b9:dd:1a:ca:cf:0f:49:95:37:51:
b9:94:9b:9b:a1:35:70:72:b6:22:52:67:9e:85:3b:
c9:5a:4f:49:be:2e:7d:38:08:98:b8:c2:64:c6:14:
63:e9:91:89:97:cc:32:a1:a0:dc:fc:40:86:7c:86:
fe:d6:e1:59:f7:d9:2a:42:bc:0a:8f:46:32:3f:b2:
35:b0:38:1b:f2:9c:e5:2d:92:8c:c2:70:a6:32:51:
7b:f1:77:52:1d:f0:ca:a9:12:c0:4b:cf:f4:31:83:
fb:b3:db:45:c6:c4:1f:e8:03:68:e0:95:83:04:7b:
1f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:50:5D:DC:D7:19:8E:49:A7:26:7C:7F:8B:AE:0B:3E:B6:83:51:39
X509v3 Authority Key Identifier:
keyid:49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/9D2582BCB1D511EDBF3FCF85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.246.0/23
144.48.6.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:81:5a:3f:11:c8:95:bc:c8:26:89:14:e7:1b:74:4f:3e:15:
4a:48:a8:e3:55:a3:71:42:f4:66:0f:70:fd:1d:1f:07:75:ac:
e8:21:1a:61:51:6b:d7:4e:ca:ae:9a:ad:88:57:50:ca:93:11:
15:98:51:76:d7:73:38:d0:0e:7a:f0:c7:fd:89:1f:bf:f2:6e:
ff:48:bb:28:3b:ee:77:e9:01:9f:51:9d:b1:2c:60:7b:ad:39:
00:d0:83:f9:e5:fa:94:ee:ea:47:2c:df:9f:8f:ea:cc:c9:6a:
9a:a9:ef:c8:9f:d8:4c:51:91:16:cd:db:4d:9f:03:1a:4f:d3:
a9:1b:dd:5a:e6:c8:57:a0:b2:e0:a7:cb:25:80:72:f3:29:b1:
0e:f2:30:4c:fb:17:3a:29:79:ac:b9:34:68:fe:3e:72:82:35:
d7:2b:5b:d7:a7:f7:d0:94:ff:24:33:3a:54:d3:f3:13:40:c1:
24:0f:0a:fb:51:cf:f9:10:30:cf:30:be:c5:f4:d3:91:09:80:
5c:79:6d:a4:4e:57:4a:84:28:61:9e:f0:f0:49:87:80:db:db:
a2:32:63:7f:af:22:0a:8e:c2:76:73:0b:42:a8:13:57:26:7b:
1e:ff:6e:dd:f1:ad:0e:ce:67:05:32:5c:94:aa:c2:07:7d:c4:
7a:f3:09:81
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REExMEExMTAvBgNVBAUTKDQ5QjVBNDY0NjNFM0EyQjcwQTMzNDQ2MDE0RUJGNDBF
NUM5RUZFNzQwHhcNMjMwMjIxMTExMTMyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y0YTZlNC1iOWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhMQyH4Ybhh8ad+mj88giSLaFAyzZxOUhzD3XsethWr7V0vAgaUYn2PQ+qFm
sc94GpR34Zc/Km582A9ZtXPhXKNgkAjREsYOs0tsfAU2NeS/OanWLxwptCopv/Vf
/e+aDoZ0aLlCgA7vPj3v7udvStx3G82GRrH4D55vQMhzGYHMuPqyUDYBY6ndIbnd
GsrPD0mVN1G5lJuboTVwcrYiUmeehTvJWk9Jvi59OAiYuMJkxhRj6ZGJl8wyoaDc
/ECGfIb+1uFZ99kqQrwKj0YyP7I1sDgb8pzlLZKMwnCmMlF78XdSHfDKqRLAS8/0
MYP7s9tFxsQf6ANo4JWDBHsf9wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHhQXdzX
GY5JpyZ8f4uuCz62g1E5MB8GA1UdIwQYMBaAFEm1pGRj46K3CjNEYBTr9A5cnv50
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEwQS9FMzQwMjA0Q0Yx
ODcxMUVBQjk3MzRCMUNDNEY5QUUwMi9TYldrWkdQam9yY0tNMFJnRk92MERseWVf
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NiV2taR1Bqb3JjS00wUmdGT3YwRGx5ZV9uUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REExMEEvRTM0MDIwNENGMTg3MTFFQUI5NzM0QjFDQzRGOUFFMDIvOUQyNTgyQkNC
MUQ1MTFFREJGM0ZDRjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFn1fYDBAGQMAYwDQYJKoZIhvcNAQELBQADggEBAHqBWj8R
yJW8yCaJFOcbdE8+FUpIqONVo3FC9GYPcP0dHwd1rOghGmFRa9dOyq6arYhXUMqT
ERWYUXbXczjQDnrwx/2JH7/ybv9Iuyg77nfpAZ9RnbEsYHutOQDQg/nl+pTu6kcs
35+P6szJapqp78if2ExRkRbN202fAxpP06kb3VrmyFegsuCnyyWAcvMpsQ7yMEz7
Fzopeay5NGj+PnKCNdcrW9en99CU/yQzOlTT8xNAwSQPCvtRz/kQMM8wvsX005EJ
gFx5baROV0qEKGGe8PBJh4Db26IyY3+vIgqOwnZzC0KoE1cmex7/bt3xrQ7OZwUy
XJSqwgd9xHrzCYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org