Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/509B26E446DD11ED929D941EC4F9AE02.roa
File: 509B26E446DD11ED929D941EC4F9AE02.roa (raw, json)
Hash identifier: OYTCAEdWTfuJkUGn8sFJoOjXkZ2Pk2LhqGctzCYoCrs=
Subject key identifier: 67:2E:C8:C4:1A:5A:99:B3:CB:23:AE:13:47:42:5A:76:A2:B2:7D:CC
Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Certificate serial: 0AA8
Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/509B26E446DD11ED929D941EC4F9AE02.roa
Signing time: Wed 09 Nov 2022 10:06:41 +0000
ROA not before: Wed 09 Nov 2022 10:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141452
IP address blocks: 103.214.83.0/24 maxlen: 24
144.48.84.0/24 maxlen: 24
144.48.85.0/24 maxlen: 24
144.48.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2728 (0xaa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Validity
Not Before: Nov 9 10:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=636b7bb1-04c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:97:09:6e:a9:65:cd:70:d9:e2:73:01:ce:c1:
6f:94:4b:99:17:41:7c:92:73:dd:72:8a:9b:2b:cd:
56:3f:b7:83:72:50:69:78:a2:ae:a1:f5:cf:f1:1b:
79:94:e4:6e:b0:c2:e1:15:94:cd:1b:57:91:43:82:
01:6e:b0:f7:d8:f1:f2:72:1a:f9:63:38:29:9e:4f:
33:9d:c9:96:a3:1b:4d:9f:bb:af:6a:a6:db:c6:09:
f6:15:73:79:47:0a:b0:32:ac:23:88:ff:a4:76:b8:
15:53:55:dc:db:9a:1a:c1:2f:eb:b5:1c:4a:d3:bb:
c5:9c:94:e1:98:d7:b1:bd:3d:49:1b:36:bc:12:36:
6b:63:e5:97:3d:bc:ad:59:54:4b:b5:78:9d:bc:88:
53:1e:7d:4d:0c:bc:9f:f3:81:18:b5:75:ea:bc:99:
34:9e:26:7e:85:83:7f:3e:13:3a:00:1f:82:f9:54:
d6:a7:2a:11:fd:c8:38:63:44:c8:b1:92:ea:09:dc:
b3:d4:13:0d:03:cd:0f:25:bc:aa:b2:60:de:bd:98:
70:91:cd:b1:94:ca:19:c1:8b:59:24:81:3f:b4:2e:
eb:8d:19:a4:63:82:57:59:c3:76:ea:63:62:32:13:
58:7b:93:28:82:52:cf:43:c1:2b:e1:5d:2d:1a:17:
5f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2E:C8:C4:1A:5A:99:B3:CB:23:AE:13:47:42:5A:76:A2:B2:7D:CC
X509v3 Authority Key Identifier:
keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/509B26E446DD11ED929D941EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.83.0/24
144.48.84.0-144.48.86.255
Signature Algorithm: sha256WithRSAEncryption
b3:a0:e0:ed:6d:61:a1:a7:d5:8f:39:9e:a7:a2:1f:db:5c:45:
d1:82:12:00:af:8d:05:0b:02:ab:2b:12:8e:c7:f7:b3:93:53:
60:8e:c7:26:26:ed:71:24:d6:cc:5c:77:80:bf:0a:fa:5b:fa:
c9:01:32:2d:b2:d2:e2:e2:00:c2:69:1f:af:37:4a:04:b5:e0:
96:ac:9b:99:cf:0a:26:64:8f:83:ae:c7:9b:75:5b:46:90:61:
37:36:75:c7:91:04:c4:c4:ea:29:14:d2:30:f5:77:7c:94:3a:
41:e4:c0:1e:5d:d1:aa:bc:fa:67:d2:b5:0b:17:d0:52:bd:2f:
cc:4f:a1:37:0e:20:45:8e:d0:ae:2d:6c:15:28:68:a8:8e:c7:
fd:bc:3c:49:b0:a3:30:31:ba:df:17:80:aa:a1:f2:7b:58:77:
ff:8a:43:fa:fc:bc:cb:15:1e:2f:6d:58:65:7d:34:ba:95:dc:
94:61:28:0e:79:67:75:01:2d:cc:e5:78:b0:71:c3:79:c5:59:
c4:35:0e:ef:b4:e4:b0:5d:3a:b5:db:0e:2b:46:a7:d6:5c:d5:
68:7d:b2:c7:e1:ed:e2:86:38:44:84:7c:6d:fe:d8:90:8b:71:
b8:36:77:c8:de:d9:62:2a:39:45:6d:9d:aa:32:a8:39:58:fc:
cb:19:c6:fa
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE
MTdGQTk2Q0QwHhcNMjIxMTA5MTAwNjQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZiN2JiMS0wNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJcJbqllzXDZ4nMBzsFvlEuZF0F8knPdcoqbK81WP7eDclBpeKKuofXP8Rt5
lORusMLhFZTNG1eRQ4IBbrD32PHychr5Yzgpnk8zncmWoxtNn7uvaqbbxgn2FXN5
RwqwMqwjiP+kdrgVU1Xc25oawS/rtRxK07vFnJThmNexvT1JGza8EjZrY+WXPbyt
WVRLtXidvIhTHn1NDLyf84EYtXXqvJk0niZ+hYN/PhM6AB+C+VTWpyoR/cg4Y0TI
sZLqCdyz1BMNA80PJbyqsmDevZhwkc2xlMoZwYtZJIE/tC7rjRmkY4JXWcN26mNi
MhNYe5MoglLPQ8Er4V0tGhdfqwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFGcuyMQa
WpmzyyOuE0dCWnaisn3MMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0
NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvNTA5QjI2RTQ0
NkREMTFFRDkyOUQ5NDFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBABn1lMwDAMEApAwVAMEAJAwVjANBgkqhkiG9w0BAQsFAAOC
AQEAs6Dg7W1hoafVjzmep6If21xF0YISAK+NBQsCqysSjsf3s5NTYI7HJibtcSTW
zFx3gL8K+lv6yQEyLbLS4uIAwmkfrzdKBLXglqybmc8KJmSPg67Hm3VbRpBhNzZ1
x5EExMTqKRTSMPV3fJQ6QeTAHl3Rqrz6Z9K1CxfQUr0vzE+hNw4gRY7Qri1sFSho
qI7H/bw8SbCjMDG63xeAqqHye1h3/4pD+vy8yxUeL21YZX00upXclGEoDnlndQEt
zOV4sHHDecVZxDUO77TksF06tdsOK0an1lzVaH2yx+Ht4oY4RIR8bf7YkItxuDZ3
yN7ZYio5RW2dqjKoOVj8yxnG+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org