Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/E1A2CE76FE9111EA8332731CC4F9AE02.roa
File: E1A2CE76FE9111EA8332731CC4F9AE02.roa (raw, json)
Hash identifier: 2cK+vrelnHTJROv4ImZqdVT9VD9S3iETx7hAz2z3Wo8=
Subject key identifier: 14:12:3C:3B:CA:30:A2:7B:71:2D:5F:1C:0B:B1:BF:54:C4:6B:9B:89
Certificate issuer: /CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Certificate serial: 04D2
Authority key identifier: 49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/E1A2CE76FE9111EA8332731CC4F9AE02.roa
Signing time: Wed 11 May 2022 11:51:16 +0000
ROA not before: Wed 11 May 2022 11:51:16 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 18013
IP address blocks: 103.213.246.0/24 maxlen: 24
144.48.6.0/24 maxlen: 24
144.48.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1234 (0x4d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Validity
Not Before: May 11 11:51:16 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=627ba334-113b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:46:df:33:c5:d8:75:0a:ae:1b:25:1b:7c:07:
02:9b:66:d8:b3:6d:95:fb:7d:ed:21:f7:68:99:3d:
09:d8:8b:0e:70:c9:ed:01:2d:a6:c3:84:4c:eb:0c:
d1:ce:ce:bf:1e:e8:53:ce:aa:09:3b:ee:72:c8:83:
04:3d:1a:2e:9c:78:3e:17:28:cf:0e:b3:11:d1:fb:
73:c7:c9:00:52:dc:3b:48:b9:1a:d5:0d:58:1a:22:
88:2a:1c:f3:4c:d7:12:d0:af:f0:26:60:35:a3:53:
55:55:2c:96:6d:12:91:c1:01:10:39:b6:12:3c:77:
f4:c4:0b:0b:1b:82:e1:ff:2a:7d:13:47:99:94:39:
01:79:02:41:61:a7:01:fd:4e:0a:1f:8b:c6:c4:25:
b2:e4:8c:51:8a:6c:a7:09:a5:00:a7:0d:9a:48:df:
08:25:f1:9c:f2:74:6a:27:05:0f:11:ee:8e:12:f8:
55:74:c7:27:84:56:85:61:73:f5:98:c9:99:0a:81:
b8:cc:79:be:21:63:db:56:67:d2:aa:76:4d:a0:97:
8c:2c:28:35:8f:d6:5c:a1:14:04:24:60:16:5c:a7:
41:7e:35:a9:b1:23:5e:3c:62:1e:25:96:4e:1d:c3:
4b:4d:db:bd:5a:49:21:a4:4f:f3:53:b4:35:7b:27:
67:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:12:3C:3B:CA:30:A2:7B:71:2D:5F:1C:0B:B1:BF:54:C4:6B:9B:89
X509v3 Authority Key Identifier:
keyid:49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/E1A2CE76FE9111EA8332731CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.246.0/24
144.48.6.0/23
Signature Algorithm: sha256WithRSAEncryption
03:bf:ab:81:c8:3f:61:08:86:b1:5f:b0:3c:ab:aa:99:a8:9e:
70:27:a9:ca:28:e2:65:f5:25:a4:34:0d:36:25:e2:fc:ab:8c:
75:9e:7f:53:b8:9e:85:dc:31:2f:32:32:9d:1e:d5:1e:52:d6:
9d:ab:51:f3:db:99:5c:f1:2b:3e:e7:6a:8b:d4:71:0d:cd:f3:
4e:5b:71:9a:84:8a:a4:95:ef:ba:3a:60:07:ca:db:eb:81:e6:
72:24:f0:f5:6f:a4:b1:9e:de:79:f2:15:75:41:4c:a2:b0:81:
77:10:a5:c5:80:cd:92:6e:21:44:ea:98:6d:a7:e5:c8:97:1d:
93:cd:d1:e7:18:0c:d8:ba:29:ec:9d:3c:90:f3:24:5c:e4:6b:
08:8c:ec:ac:1d:5d:05:04:52:92:d4:14:9d:40:ff:16:61:5f:
93:7d:1f:57:e1:28:d9:34:35:b6:94:85:6d:fc:0e:fc:dc:6a:
65:df:fa:12:0c:0f:e4:2d:a3:09:c7:8a:2a:f6:59:8d:6c:cf:
1c:fa:e8:d1:d9:2e:9a:dc:0a:1c:1e:7e:5e:f5:b5:bf:f8:9d:
4c:5a:aa:62:90:20:fb:0f:45:a9:54:c0:42:c1:29:d4:51:03:
b9:3d:31:aa:2e:28:dd:c6:fc:a0:c9:4c:50:57:28:b5:db:33:
11:58:5d:db
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REExMEExMTAvBgNVBAUTKDQ5QjVBNDY0NjNFM0EyQjcwQTMzNDQ2MDE0RUJGNDBF
NUM5RUZFNzQwHhcNMjIwNTExMTE1MTE2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiYTMzNC0xMTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxEbfM8XYdQquGyUbfAcCm2bYs22V+33tIfdomT0J2IsOcMntAS2mw4RM6wzR
zs6/HuhTzqoJO+5yyIMEPRounHg+FyjPDrMR0ftzx8kAUtw7SLka1Q1YGiKIKhzz
TNcS0K/wJmA1o1NVVSyWbRKRwQEQObYSPHf0xAsLG4Lh/yp9E0eZlDkBeQJBYacB
/U4KH4vGxCWy5IxRimynCaUApw2aSN8IJfGc8nRqJwUPEe6OEvhVdMcnhFaFYXP1
mMmZCoG4zHm+IWPbVmfSqnZNoJeMLCg1j9ZcoRQEJGAWXKdBfjWpsSNePGIeJZZO
HcNLTdu9WkkhpE/zU7Q1eydnaQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBQSPDvK
MKJ7cS1fHAuxv1TEa5uJMB8GA1UdIwQYMBaAFEm1pGRj46K3CjNEYBTr9A5cnv50
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEwQS9FMzQwMjA0Q0Yx
ODcxMUVBQjk3MzRCMUNDNEY5QUUwMi9TYldrWkdQam9yY0tNMFJnRk92MERseWVf
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NiV2taR1Bqb3JjS00wUmdGT3YwRGx5ZV9uUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REExMEEvRTM0MDIwNENGMTg3MTFFQUI5NzM0QjFDQzRGOUFFMDIvRTFBMkNFNzZG
RTkxMTFFQTgzMzI3MzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn1fYDBAGQMAYwDQYJKoZIhvcNAQELBQADggEBAAO/q4HI
P2EIhrFfsDyrqpmonnAnqcoo4mX1JaQ0DTYl4vyrjHWef1O4noXcMS8yMp0e1R5S
1p2rUfPbmVzxKz7naovUcQ3N805bcZqEiqSV77o6YAfK2+uB5nIk8PVvpLGe3nny
FXVBTKKwgXcQpcWAzZJuIUTqmG2n5ciXHZPN0ecYDNi6KeydPJDzJFzkawiM7Kwd
XQUEUpLUFJ1A/xZhX5N9H1fhKNk0NbaUhW38DvzcamXf+hIMD+QtownHiir2WY1s
zxz66NHZLprcChwefl71tb/4nUxaqmKQIPsPRalUwELBKdRRA7k9MaouKN3G/KDJ
TFBXKLXbMxFYXds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org