Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/ADA0FA1E727D11ED960E9650C4F9AE02.roa
File: ADA0FA1E727D11ED960E9650C4F9AE02.roa (raw, json)
Hash identifier: l3xOUFJms8fcqAlceaRgBF+IkClvuT14JgFYr0+IZCs=
Subject key identifier: 8B:20:02:BD:D3:B7:25:D1:A6:92:7D:D6:D2:14:FE:F2:82:7B:22:FF
Certificate issuer: /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial: 028F
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/ADA0FA1E727D11ED960E9650C4F9AE02.roa
Signing time: Fri 02 Dec 2022 20:12:43 +0000
ROA not before: Fri 02 Dec 2022 20:12:43 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 146990
IP address blocks: 103.172.138.0/24 maxlen: 24
103.172.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 655 (0x28f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Validity
Not Before: Dec 2 20:12:43 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=638a5c3b-e87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3a:5f:eb:7d:ec:57:23:1f:e1:57:d7:bf:57:
cf:d7:68:01:fb:b1:3d:71:8f:2e:07:56:60:9e:27:
df:78:72:c9:8b:c9:bc:68:7a:f8:f8:d4:c2:78:5d:
92:fe:43:3f:1a:c4:96:01:32:f4:3d:3c:7d:5e:f6:
fc:7b:47:02:bf:4a:58:e3:92:6b:37:9b:59:33:b1:
54:ea:bf:21:22:10:a0:e3:00:25:f3:c2:1d:e9:1e:
96:e8:38:ee:d5:b1:15:86:8d:64:27:40:2b:c0:30:
7e:b1:24:28:a0:93:36:cd:94:47:3d:7c:2e:cf:20:
ec:01:0b:7a:6d:96:f7:f5:8d:40:89:cf:1a:92:97:
b5:8e:fd:cb:0a:90:96:72:53:9e:86:c6:74:ee:cd:
da:21:d5:26:30:d9:96:b3:55:4c:c9:ab:8c:85:65:
52:fb:22:32:29:94:76:42:dd:94:9b:3f:d1:8a:f6:
63:81:db:20:4f:17:84:d7:fe:68:60:c9:96:de:db:
8a:dc:dc:6d:74:3b:c8:39:9b:f5:2a:90:51:95:a0:
d8:8c:c6:eb:ad:a7:6c:be:9e:10:d6:f3:eb:4b:09:
0d:40:bc:be:ee:fd:b6:9a:bd:2d:c2:5d:25:4d:ce:
fd:b5:4b:95:39:3f:79:47:67:c9:eb:f4:6a:c4:8e:
77:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:20:02:BD:D3:B7:25:D1:A6:92:7D:D6:D2:14:FE:F2:82:7B:22:FF
X509v3 Authority Key Identifier:
keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/ADA0FA1E727D11ED960E9650C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.138.0/23
Signature Algorithm: sha256WithRSAEncryption
23:3a:d1:d7:05:60:f1:bb:3d:81:33:49:c3:ec:6a:b1:a3:fb:
4c:24:70:23:ae:53:a4:5e:86:1a:6e:9a:d6:2b:a8:07:a3:19:
6b:ac:80:25:2b:6b:c5:31:d1:9f:59:62:24:95:78:13:f6:37:
57:bc:c4:5b:d4:cb:20:12:a5:a4:a2:99:2a:da:20:d6:6f:33:
e8:b9:5c:d9:bb:0b:96:6c:24:bf:b0:af:6d:64:53:04:e3:6d:
6a:e3:8e:40:12:58:dc:57:59:ad:83:cd:3f:16:f3:5e:ff:60:
dd:0f:16:f7:31:85:5e:52:b7:3a:f6:9e:a8:fb:7c:ac:45:67:
0b:83:7e:54:da:03:6b:90:63:36:68:f5:e8:89:ee:56:18:90:
e5:29:b5:5b:54:e3:bd:bc:82:2f:1e:f3:a1:95:d9:04:cc:39:
a8:04:1d:0a:bf:dc:d8:fe:d3:f6:6c:e8:5a:66:04:3e:3f:a5:
5f:7d:0c:18:68:16:03:cc:f2:9c:aa:f1:98:d0:31:71:1b:35:
88:0f:3b:38:ed:50:2f:64:bd:96:16:69:2e:f4:f8:c8:48:23:
7b:f9:70:cf:1a:81:02:e1:1e:0b:ca:f3:82:1e:39:fa:a8:10:
77:90:d6:04:4f:0c:60:69:6f:21:80:a7:85:0c:ba:6b:d6:51:
8c:dd:b5:37
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYzNUIxMTAvBgNVBAUTKEU0MDcyMEJBMjkzQkFGMjVCQzBBMTc3OEM2NUNGMEQy
RTBGMzUxNjAwHhcNMjIxMjAyMjAxMjQzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhNWMzYi1lODdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuDpf633sVyMf4VfXv1fP12gB+7E9cY8uB1ZgniffeHLJi8m8aHr4+NTCeF2S
/kM/GsSWATL0PTx9Xvb8e0cCv0pY45JrN5tZM7FU6r8hIhCg4wAl88Id6R6W6Dju
1bEVho1kJ0ArwDB+sSQooJM2zZRHPXwuzyDsAQt6bZb39Y1Aic8akpe1jv3LCpCW
clOehsZ07s3aIdUmMNmWs1VMyauMhWVS+yIyKZR2Qt2Umz/RivZjgdsgTxeE1/5o
YMmW3tuK3NxtdDvIOZv1KpBRlaDYjMbrradsvp4Q1vPrSwkNQLy+7v22mr0twl0l
Tc79tUuVOT95R2fJ6/RqxI53TwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIsgAr3T
tyXRppJ91tIU/vKCeyL/MB8GA1UdIwQYMBaAFOQHILopO68lvAoXeMZc8NLg81Fg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjM1Qi9FMDEwMTU4QTU2
NEUxMUVDODU4ODU5MTRDNEY5QUUwMi81QWNndWlrN3J5VzhDaGQ0eGx6dzB1RHpV
V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVXQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYzNUIvRTAxMDE1OEE1NjRFMTFFQzg1ODg1OTE0QzRGOUFFMDIvQURBMEZBMUU3
MjdEMTFFRDk2MEU5NjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrIowDQYJKoZIhvcNAQELBQADggEBACM60dcFYPG7PYEz
ScPsarGj+0wkcCOuU6RehhpumtYrqAejGWusgCUra8Ux0Z9ZYiSVeBP2N1e8xFvU
yyASpaSimSraINZvM+i5XNm7C5ZsJL+wr21kUwTjbWrjjkASWNxXWa2DzT8W817/
YN0PFvcxhV5Stzr2nqj7fKxFZwuDflTaA2uQYzZo9eiJ7lYYkOUptVtU4728gi8e
86GV2QTMOagEHQq/3Nj+0/Zs6FpmBD4/pV99DBhoFgPM8pyq8ZjQMXEbNYgPOzjt
UC9kvZYWaS70+MhII3v5cM8agQLhHgvK84IeOfqoEHeQ1gRPDGBpbyGAp4UMumvW
UYzdtTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org