Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/492281BA567311EC8E039884C4F9AE02.roa
File: 492281BA567311EC8E039884C4F9AE02.roa (raw, json)
Hash identifier: N0jinhK2vE6kaLtS2iKYLBsD1fweiLuwKzibZxPULwc=
Subject key identifier: EE:89:F4:CB:A6:E3:F3:31:90:B3:97:DB:E3:4C:98:C8:E8:2A:B8:26
Certificate issuer: /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial: 028C
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/492281BA567311EC8E039884C4F9AE02.roa
Signing time: Fri 02 Dec 2022 16:32:34 +0000
ROA not before: Fri 02 Dec 2022 16:32:34 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 146990
IP address blocks: 103.172.138.0/23 maxlen: 23
103.172.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 652 (0x28c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Validity
Not Before: Dec 2 16:32:34 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=638a28a2-0063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e3:ca:8d:47:fa:68:73:2e:fc:2c:c5:e7:0b:
69:30:5a:26:49:f9:2c:2b:10:31:74:4a:ae:cf:ff:
07:58:39:66:b1:20:1c:cc:d7:3a:e4:b5:3f:21:b3:
12:38:50:f5:d4:dd:7b:77:d4:3a:2b:1d:13:3f:60:
83:21:83:11:28:4d:17:48:9a:e0:4b:5e:5d:3c:b7:
28:e2:2a:3d:72:b8:95:cb:55:b6:1e:cc:43:37:bc:
66:70:c3:5e:b3:55:e0:83:b8:8f:eb:21:5f:58:72:
44:98:44:39:3a:d5:28:1c:e4:04:44:18:d4:90:f4:
93:1c:5b:55:df:d4:c3:05:71:45:12:97:60:2f:a2:
55:6a:1a:b5:b1:8e:07:b5:09:bc:fd:a4:d8:d3:90:
e4:db:d9:36:87:88:83:46:4b:86:26:b7:7a:a9:e3:
63:76:be:e2:bf:39:e3:be:2e:bc:8a:4a:29:ec:69:
ee:78:62:9f:20:26:44:f4:cd:ed:b4:4b:4d:32:a0:
94:04:21:3b:98:79:08:61:51:55:70:45:f3:ee:cc:
5c:c2:c0:0c:d5:e4:f6:e9:08:53:73:2f:04:77:f9:
85:fc:3b:78:d0:74:76:c4:86:f6:4d:64:67:88:5a:
fa:3b:14:69:49:72:cd:6f:6f:82:df:ca:39:8f:35:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:89:F4:CB:A6:E3:F3:31:90:B3:97:DB:E3:4C:98:C8:E8:2A:B8:26
X509v3 Authority Key Identifier:
keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/492281BA567311EC8E039884C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.138.0/23
Signature Algorithm: sha256WithRSAEncryption
53:dd:48:0a:a4:58:ed:f1:89:09:cc:65:bf:67:0d:aa:d2:70:
37:db:80:ee:67:07:55:e1:a6:6f:a5:f8:00:8f:06:8d:9c:26:
69:85:5e:cf:c8:45:c0:40:9a:23:58:31:e8:14:89:af:84:32:
0d:5a:41:fb:e1:de:af:97:5f:cf:43:32:9d:b4:88:0c:21:07:
ac:ed:2b:72:dc:ff:0c:16:5b:10:da:4f:31:a0:ed:0e:5c:1f:
d4:ee:11:18:cc:8d:31:93:8b:e0:15:78:68:90:22:1c:dd:bd:
eb:cd:0a:d4:e0:0e:56:55:50:b9:61:0f:3c:d3:3b:14:58:fd:
99:eb:6d:9f:01:fa:16:a8:74:4e:37:16:03:b3:d7:e5:f9:05:
c2:da:6d:61:e1:a2:5b:64:9a:bb:ef:0e:33:e7:2d:47:ff:f5:
9b:05:5c:20:5e:43:1c:c0:ce:aa:23:38:df:f1:15:e5:b9:9b:
72:5a:ec:3b:16:80:78:fc:ca:6e:af:e0:f2:6e:ed:4c:96:be:
bc:ae:17:f0:2d:13:6d:c0:b9:ec:15:10:fc:74:03:cc:47:af:
ea:70:f5:ed:04:14:08:18:9f:69:05:78:ac:5a:39:90:39:80:
19:69:54:2c:02:23:fa:d6:3e:8a:bd:12:20:d4:6a:56:78:45:
22:e2:25:0b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYzNUIxMTAvBgNVBAUTKEU0MDcyMEJBMjkzQkFGMjVCQzBBMTc3OEM2NUNGMEQy
RTBGMzUxNjAwHhcNMjIxMjAyMTYzMjM0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhMjhhMi0wMDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3+PKjUf6aHMu/CzF5wtpMFomSfksKxAxdEquz/8HWDlmsSAczNc65LU/IbMS
OFD11N17d9Q6Kx0TP2CDIYMRKE0XSJrgS15dPLco4io9criVy1W2HsxDN7xmcMNe
s1Xgg7iP6yFfWHJEmEQ5OtUoHOQERBjUkPSTHFtV39TDBXFFEpdgL6JVahq1sY4H
tQm8/aTY05Dk29k2h4iDRkuGJrd6qeNjdr7ivznjvi68ikop7GnueGKfICZE9M3t
tEtNMqCUBCE7mHkIYVFVcEXz7sxcwsAM1eT26QhTcy8Ed/mF/Dt40HR2xIb2TWRn
iFr6OxRpSXLNb2+C38o5jzVHFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFO6J9Mum
4/MxkLOX2+NMmMjoKrgmMB8GA1UdIwQYMBaAFOQHILopO68lvAoXeMZc8NLg81Fg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjM1Qi9FMDEwMTU4QTU2
NEUxMUVDODU4ODU5MTRDNEY5QUUwMi81QWNndWlrN3J5VzhDaGQ0eGx6dzB1RHpV
V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVXQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYzNUIvRTAxMDE1OEE1NjRFMTFFQzg1ODg1OTE0QzRGOUFFMDIvNDkyMjgxQkE1
NjczMTFFQzhFMDM5ODg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrIowDQYJKoZIhvcNAQELBQADggEBAFPdSAqkWO3xiQnM
Zb9nDarScDfbgO5nB1Xhpm+l+ACPBo2cJmmFXs/IRcBAmiNYMegUia+EMg1aQfvh
3q+XX89DMp20iAwhB6ztK3Lc/wwWWxDaTzGg7Q5cH9TuERjMjTGTi+AVeGiQIhzd
vevNCtTgDlZVULlhDzzTOxRY/ZnrbZ8B+haodE43FgOz1+X5BcLabWHholtkmrvv
DjPnLUf/9ZsFXCBeQxzAzqojON/xFeW5m3Ja7DsWgHj8ym6v4PJu7UyWvryuF/At
E23AuewVEPx0A8xHr+pw9e0EFAgYn2kFeKxaOZA5gBlpVCwCI/rWPoq9EiDUalZ4
RSLiJQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org