Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/14CDD77ACF8111EC90D9434BC4F9AE02.roa
File: 14CDD77ACF8111EC90D9434BC4F9AE02.roa (raw, json)
Hash identifier: vHy/0anorML3/3OE87bU6Jv5i8uO1s363rfb+xMVobY=
Subject key identifier: 8B:83:90:34:F0:7B:A8:5D:D8:4A:E4:98:EF:58:A6:2C:63:D7:1B:28
Certificate issuer: /CN=A91DED5A/serialNumber=0D98418F84C22CE351395E1E5C4D5D91AE60FE1F
Certificate serial: 02
Authority key identifier: 0D:98:41:8F:84:C2:2C:E3:51:39:5E:1E:5C:4D:5D:91:AE:60:FE:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DZhBj4TCLONROV4eXE1dka5g_h8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/14CDD77ACF8111EC90D9434BC4F9AE02.roa
Signing time: Mon 09 May 2022 10:16:25 +0000
ROA not before: Mon 09 May 2022 10:16:25 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 149826
IP address blocks: 103.187.38.0/23 maxlen: 23
103.187.38.0/24 maxlen: 24
103.187.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DED5A/serialNumber=0D98418F84C22CE351395E1E5C4D5D91AE60FE1F
Validity
Not Before: May 9 10:16:25 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6278e9f9-cc0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:dd:41:12:98:61:00:b3:65:0b:c2:d5:29:
ab:47:5e:98:dd:5a:b2:88:93:78:8d:02:a6:27:a3:
fb:8f:33:2e:88:cc:60:76:ce:cc:96:7b:51:44:a0:
04:15:d6:3b:36:a7:ac:94:ed:d0:09:24:f0:ae:f2:
38:33:d2:4b:7d:14:2e:6a:56:10:47:49:d5:ba:9a:
30:7d:10:91:20:7b:61:7a:a7:a9:75:dd:16:49:a8:
a1:85:ac:5c:c0:73:94:a6:0d:d3:ba:32:bc:69:b5:
c6:47:42:94:27:9d:73:34:ae:2b:77:c0:fa:22:79:
a6:5c:22:50:ca:ec:df:07:cf:b2:26:3b:b8:57:03:
e2:88:09:cb:62:8d:36:01:fa:28:5a:25:2a:1e:fc:
db:1b:78:de:02:cb:8c:68:f5:ab:9e:ca:bb:13:69:
48:55:41:40:c4:39:6b:f1:b0:72:41:08:dd:ce:c2:
c5:92:46:f4:0d:d0:97:d6:0d:66:69:7b:93:ba:1e:
49:80:d6:75:d6:96:21:2f:4c:58:03:1e:cd:3d:fa:
2d:3a:e4:19:32:dd:45:9a:03:27:10:0d:ca:09:70:
4f:47:25:d7:33:e3:78:43:49:5f:aa:8f:29:87:b5:
9d:07:ef:49:17:c2:10:c1:4a:91:e0:b9:fb:af:ce:
c1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:83:90:34:F0:7B:A8:5D:D8:4A:E4:98:EF:58:A6:2C:63:D7:1B:28
X509v3 Authority Key Identifier:
keyid:0D:98:41:8F:84:C2:2C:E3:51:39:5E:1E:5C:4D:5D:91:AE:60:FE:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/DZhBj4TCLONROV4eXE1dka5g_h8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DZhBj4TCLONROV4eXE1dka5g_h8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DED5A/5DEDA028CF7E11EC932E024AC4F9AE02/14CDD77ACF8111EC90D9434BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.187.38.0/23
Signature Algorithm: sha256WithRSAEncryption
23:78:53:e1:b9:b8:01:94:88:5f:08:e8:bf:e8:35:f2:34:36:
ae:4d:1f:3a:e7:1a:8f:41:42:81:de:e7:df:1b:10:42:8e:d8:
42:75:71:cd:9a:d5:38:89:73:85:ed:f5:60:13:6a:28:a3:6e:
25:0a:04:d4:35:38:02:81:71:b6:98:b3:8f:1f:23:6a:b4:a6:
ac:01:74:65:e9:73:7b:9d:82:5b:9d:9c:3b:e1:2e:f7:e6:e0:
84:2a:5e:f2:3f:3c:91:c6:20:34:c4:b1:94:56:a6:d7:49:0f:
75:60:a8:7c:88:88:00:45:e7:6f:d9:e8:b8:50:62:df:74:ae:
84:f4:55:0d:dc:92:9f:17:f3:e8:73:80:b7:0d:fc:e1:a0:0c:
9d:8c:1f:3c:a6:91:e7:0b:e2:04:69:b6:29:1e:4c:ae:fb:c2:
c9:62:b4:b2:2c:84:76:0a:6d:0b:4f:de:d3:b4:5b:e7:ea:e0:
9e:85:6d:64:99:b3:ab:c0:d4:d6:37:43:96:99:cf:5c:ab:6a:
9d:50:2c:c9:ff:32:ee:ab:d6:5e:a8:e1:ab:a3:d5:df:48:e7:
c0:7f:be:8d:ba:9c:37:c0:5d:83:bc:3b:40:ae:46:ee:78:2a:
97:44:17:47:1b:96:e6:c1:cf:a0:66:5d:49:43:c1:00:a8:e7:
5f:d6:1a:7b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RUQ1QTExMC8GA1UEBRMoMEQ5ODQxOEY4NEMyMkNFMzUxMzk1RTFFNUM0RDVEOTFB
RTYwRkUxRjAeFw0yMjA1MDkxMDE2MjVaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNzhlOWY5LWNjMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJCN1BEphhALNlC8LVKatHXpjdWrKIk3iNAqYno/uPMy6IzGB2zsyWe1FEoAQV
1js2p6yU7dAJJPCu8jgz0kt9FC5qVhBHSdW6mjB9EJEge2F6p6l13RZJqKGFrFzA
c5SmDdO6MrxptcZHQpQnnXM0rit3wPoieaZcIlDK7N8Hz7ImO7hXA+KICctijTYB
+ihaJSoe/NsbeN4Cy4xo9aueyrsTaUhVQUDEOWvxsHJBCN3OwsWSRvQN0JfWDWZp
e5O6HkmA1nXWliEvTFgDHs09+i065Bky3UWaAycQDcoJcE9HJdcz43hDSV+qjymH
tZ0H70kXwhDBSpHgufuvzsF1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUi4OQNPB7
qF3YSuSY71imLGPXGygwHwYDVR0jBBgwFoAUDZhBj4TCLONROV4eXE1dka5g/h8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFRDVBLzVERURBMDI4Q0Y3
RTExRUM5MzJFMDI0QUM0RjlBRTAyL0RaaEJqNFRDTE9OUk9WNGVYRTFka2E1Z19o
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRFpoQmo0VENMT05ST1Y0ZVhFMWRrYTVnX2g4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RUQ1QS81REVEQTAyOENGN0UxMUVDOTMyRTAyNEFDNEY5QUUwMi8xNENERDc3QUNG
ODExMUVDOTBEOTQzNEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe7JjANBgkqhkiG9w0BAQsFAAOCAQEAI3hT4bm4AZSIXwjo
v+g18jQ2rk0fOucaj0FCgd7n3xsQQo7YQnVxzZrVOIlzhe31YBNqKKNuJQoE1DU4
AoFxtpizjx8jarSmrAF0Zelze52CW52cO+Eu9+bghCpe8j88kcYgNMSxlFam10kP
dWCofIiIAEXnb9nouFBi33SuhPRVDdySnxfz6HOAtw384aAMnYwfPKaR5wviBGm2
KR5MrvvCyWK0siyEdgptC0/e07Rb5+rgnoVtZJmzq8DU1jdDlpnPXKtqnVAsyf8y
7qvWXqjhq6PV30jnwH++jbqcN8Bdg7w7QK5G7ngql0QXRxuW5sHPoGZdSUPBAKjn
X9Yaew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org