Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/BAB30D00527111EC8D29B519C4F9AE02.roa
File: BAB30D00527111EC8D29B519C4F9AE02.roa (raw, json)
Hash identifier: RbQPGcR5LzJXoFr4FfZz2frGcT3fo26aFvaP03H+b7Y=
Subject key identifier: 6A:2B:BD:35:2F:E4:DF:11:F5:49:8D:E6:BE:93:39:90:F8:CB:03:8E
Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845
Certificate serial: 7D
Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/BAB30D00527111EC8D29B519C4F9AE02.roa
Signing time: Mon 31 Jan 2022 10:33:00 +0000
ROA not before: Mon 31 Jan 2022 10:33:00 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 56224
IP address blocks: 103.150.152.0/24 maxlen: 24
103.150.153.0/24 maxlen: 24
202.12.80.0/24 maxlen: 24
202.12.81.0/24 maxlen: 24
202.12.82.0/24 maxlen: 24
202.12.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845
Validity
Not Before: Jan 31 10:33:00 2022 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=61f7badc-2c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:c4:ae:79:c3:d3:2a:20:41:80:fc:31:0f:
2a:b3:3b:97:ce:3e:db:d0:21:ea:84:f8:87:d3:2e:
f4:1c:2d:bd:d9:81:be:a5:67:83:f0:84:fb:2a:00:
16:5b:62:45:8e:0a:71:06:36:19:93:17:7b:28:ad:
11:56:53:5b:a8:45:7a:60:75:c6:15:8b:4c:c0:42:
f7:4f:a1:c3:9e:ed:54:7a:8b:b6:3d:cf:e0:58:c6:
43:57:2f:41:a3:5a:76:e5:7d:b6:62:96:33:65:43:
74:1f:41:6c:0a:c7:74:b3:77:2c:6a:6a:53:b2:ab:
8a:80:1d:77:9d:f3:dc:b8:ec:8e:f2:fc:27:4d:5c:
dd:23:06:7b:b1:e5:1a:b9:cf:99:c8:5a:73:f6:35:
b7:b1:b7:c5:ee:ed:45:1f:a2:5f:fa:86:5b:bc:91:
db:a3:96:f7:6b:3e:c2:df:a6:2b:65:90:c4:ee:60:
23:fe:e9:de:d0:aa:e5:fa:7b:ef:71:64:ef:ab:37:
43:48:83:e1:c8:de:60:06:d8:f6:da:5a:00:16:ac:
38:e9:ea:44:e2:69:9d:5b:b3:0b:fb:cc:b0:96:3f:
a8:f9:2c:40:49:2c:1e:97:87:87:4f:1b:e5:86:c8:
b1:60:12:cc:80:16:37:d9:3c:7a:9f:2f:e2:c9:96:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2B:BD:35:2F:E4:DF:11:F5:49:8D:E6:BE:93:39:90:F8:CB:03:8E
X509v3 Authority Key Identifier:
keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/BAB30D00527111EC8D29B519C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.152.0/23
202.12.80.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:cd:5f:ed:8d:21:eb:01:42:3e:28:a5:72:7d:a5:e1:e8:e7:
a9:02:38:83:3e:2f:e5:17:a5:c1:ce:87:eb:e3:a5:47:fa:98:
63:5d:d6:72:49:23:54:66:3b:c9:2f:9b:dd:85:e9:1c:f7:a6:
e9:6e:1f:52:21:3b:de:fd:df:77:b4:f6:5b:62:10:b5:bd:07:
ee:81:62:15:ad:59:e8:ab:d3:a7:99:63:a1:76:e5:1d:ce:82:
e8:e8:be:96:06:85:41:62:42:62:68:a3:88:a8:a5:af:08:9f:
22:5d:59:89:0c:d0:a6:f1:a2:c2:52:57:db:d1:e6:7c:ea:99:
a3:50:55:e7:27:a9:06:ed:4c:32:e5:cd:10:ea:d6:e0:16:98:
e6:7d:b9:b7:ed:c0:ec:32:4a:82:a8:00:d3:0b:d6:10:52:30:
a7:1f:d7:c1:21:07:f9:a6:59:e1:01:ae:fc:99:3a:5a:3a:e1:
14:fd:25:98:49:34:e8:1b:33:f5:c9:14:72:6b:9d:13:72:35:
a5:84:92:fb:63:60:e6:5f:23:36:e9:c8:22:b3:10:88:f2:e0:
be:04:cd:c8:14:20:ec:b0:70:b6:dd:13:c4:f3:7d:31:cd:cf:
8d:e9:d3:41:89:d6:30:f4:58:9d:f5:25:f4:3b:e0:33:e3:04:
d5:b3:e1:f8
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OTQ2NzExMC8GA1UEBRMoNTJCRTlEREU5NTY4RkU0QURDQTBGMzQ1QjM2MTdBNjND
MzA3NTg0NTAeFw0yMjAxMzExMDMzMDBaFw0yMjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZjdiYWRjLTJjMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/tcSuecPTKiBBgPwxDyqzO5fOPtvQIeqE+IfTLvQcLb3Zgb6lZ4PwhPsqABZb
YkWOCnEGNhmTF3sorRFWU1uoRXpgdcYVi0zAQvdPocOe7VR6i7Y9z+BYxkNXL0Gj
WnblfbZiljNlQ3QfQWwKx3SzdyxqalOyq4qAHXed89y47I7y/CdNXN0jBnux5Rq5
z5nIWnP2Nbext8Xu7UUfol/6hlu8kdujlvdrPsLfpitlkMTuYCP+6d7QquX6e+9x
ZO+rN0NIg+HI3mAG2PbaWgAWrDjp6kTiaZ1bswv7zLCWP6j5LEBJLB6Xh4dPG+WG
yLFgEsyAFjfZPHqfL+LJll83AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUaiu9NS/k
3xH1SY3mvpM5kPjLA44wHwYDVR0jBBgwFoAUUr6d3pVo/krcoPNFs2F6Y8MHWEUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5NDY3Lzc3MEI0RjFBNTI2
RjExRUNCQzUwRUIxN0M0RjlBRTAyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdF
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVXI2ZDNwVm9fa3Jjb1BORnMyRjZZOE1IV0VVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTQ2Ny83NzBCNEYxQTUyNkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9CQUIzMEQwMDUy
NzExMUVDOEQyOUI1MTlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWeWmAMEAsoMUDANBgkqhkiG9w0BAQsFAAOCAQEAHM1f7Y0h
6wFCPiilcn2l4ejnqQI4gz4v5Relwc6H6+OlR/qYY13WckkjVGY7yS+b3YXpHPem
6W4fUiE73v3fd7T2W2IQtb0H7oFiFa1Z6KvTp5ljoXblHc6C6Oi+lgaFQWJCYmij
iKilrwifIl1ZiQzQpvGiwlJX29HmfOqZo1BV5yepBu1MMuXNEOrW4BaY5n25t+3A
7DJKgqgA0wvWEFIwpx/XwSEH+aZZ4QGu/Jk6WjrhFP0lmEk06Bsz9ckUcmudE3I1
pYSS+2Ng5l8jNunIIrMQiPLgvgTNyBQg7LBwtt0TxPN9Mc3PjenTQYnWMPRYnfUl
9DvgM+ME1bPh+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org