Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/CA528B38ACEC11ED8A117735C4F9AE02.roa
File: CA528B38ACEC11ED8A117735C4F9AE02.roa (raw, json)
Hash identifier: z+DNPzmn+hSbDXmGs9f19UBm/IWCgcwy3RcZmKhnJBA=
Subject key identifier: 19:01:5A:D7:A5:BB:A3:19:E4:50:EF:40:18:1E:8B:82:E1:03:8E:C6
Certificate issuer: /CN=A911DF8A/serialNumber=826007A4E3D14BB0B509BB969845D01EB809DD7A
Certificate serial: 01F8
Authority key identifier: 82:60:07:A4:E3:D1:4B:B0:B5:09:BB:96:98:45:D0:1E:B8:09:DD:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/CA528B38ACEC11ED8A117735C4F9AE02.roa
Signing time: Mon 03 Apr 2023 04:54:53 +0000
ROA not before: Mon 03 Apr 2023 04:54:53 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9304
IP address blocks: 103.182.96.0/24 maxlen: 24
103.182.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 504 (0x1f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DF8A/serialNumber=826007A4E3D14BB0B509BB969845D01EB809DD7A
Validity
Not Before: Apr 3 04:54:53 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642a5c1d-5ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c0:6f:8b:e4:4a:21:be:5e:eb:fc:5f:ab:ce:
ed:23:d0:35:98:3c:32:0e:33:08:08:56:c8:ea:8a:
68:8b:bf:4c:0a:5b:21:38:56:69:f5:54:a8:3a:cd:
e3:0d:65:9a:91:33:1b:fa:c7:13:03:57:bc:94:98:
75:a7:fd:50:fe:de:e2:d4:8c:ca:71:4d:fa:1d:ca:
76:db:fa:ce:3d:fa:30:f6:89:32:f6:7b:85:70:fc:
b1:36:3c:8b:57:ac:2b:1c:4c:57:1c:9f:a9:b3:be:
80:74:47:59:8e:70:67:7b:05:e0:2a:88:eb:83:da:
b3:0e:20:8e:ed:7c:be:09:d4:0e:f4:da:5c:22:43:
0e:c9:2d:c8:4c:55:e3:b4:b7:3b:c0:9e:9f:f6:1c:
42:70:72:8f:30:2a:76:30:6c:16:9c:3c:f1:e9:4c:
53:0f:d1:ac:ca:c4:37:7c:30:50:5b:4d:bb:e4:63:
2e:55:0a:5f:3e:3e:ae:ed:ba:d0:f1:e2:d1:39:94:
d8:3e:29:54:9e:57:e4:b3:c9:08:ed:20:fc:b5:5c:
b3:85:27:74:96:af:04:d7:9b:8d:a2:42:dd:69:16:
a6:4b:a4:9d:60:6c:3f:49:f3:0a:07:5e:37:03:93:
5b:bb:96:d0:fb:e8:07:3d:d9:7b:ef:e1:b3:ff:fa:
8c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:01:5A:D7:A5:BB:A3:19:E4:50:EF:40:18:1E:8B:82:E1:03:8E:C6
X509v3 Authority Key Identifier:
keyid:82:60:07:A4:E3:D1:4B:B0:B5:09:BB:96:98:45:D0:1E:B8:09:DD:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gmAHpOPRS7C1CbuWmEXQHrgJ3Xo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DF8A/3553CFAAA37F11EC92D6FA5EC4F9AE02/CA528B38ACEC11ED8A117735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.182.96.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:f2:66:c2:cd:97:8b:43:72:5a:7c:c1:bb:66:b6:46:7e:d7:
2f:6b:3b:1f:53:1d:8a:8c:d3:47:3a:04:47:1f:98:da:fd:41:
2c:8b:0a:c0:04:2a:48:d1:50:78:72:db:07:82:8d:7f:1b:5d:
7f:da:bd:aa:ff:dc:d3:26:c9:fe:1d:8d:7f:99:a9:5f:e3:38:
37:71:4a:a1:1b:8e:c2:ba:6e:85:ef:f3:e4:5e:1b:89:df:a2:
cf:f4:ce:18:43:e2:1f:b2:ee:bc:b4:f4:43:cb:68:e8:de:0a:
98:f6:fb:51:20:20:1d:87:53:65:c0:34:63:68:0d:03:fd:cf:
f6:a9:38:ce:ed:d1:18:55:f0:f1:3e:34:c6:de:d0:16:66:90:
87:2f:65:c4:12:79:45:a0:24:b2:a9:fc:1f:04:2a:b1:15:6c:
0c:74:b4:4d:6c:76:8c:da:56:34:e9:26:da:34:19:39:ef:66:
ad:60:81:4a:36:c1:3d:26:34:4b:55:f9:c9:ce:9f:bf:8c:35:
63:95:4f:3b:bd:37:02:81:a4:3f:a8:76:55:29:1a:de:e1:48:
1d:7f:dc:53:73:c4:05:2e:b0:89:79:3c:a2:ad:b7:7b:9b:94:
c1:c1:8d:ed:16:4d:dc:8d:2d:72:7a:d7:e0:ca:ed:22:71:48:
25:2a:4d:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGOEExMTAvBgNVBAUTKDgyNjAwN0E0RTNEMTRCQjBCNTA5QkI5Njk4NDVEMDFF
QjgwOUREN0EwHhcNMjMwNDAzMDQ1NDUzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJhNWMxZC01Y2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArcBvi+RKIb5e6/xfq87tI9A1mDwyDjMICFbI6opoi79MClshOFZp9VSoOs3j
DWWakTMb+scTA1e8lJh1p/1Q/t7i1IzKcU36Hcp22/rOPfow9oky9nuFcPyxNjyL
V6wrHExXHJ+ps76AdEdZjnBnewXgKojrg9qzDiCO7Xy+CdQO9NpcIkMOyS3ITFXj
tLc7wJ6f9hxCcHKPMCp2MGwWnDzx6UxTD9GsysQ3fDBQW0275GMuVQpfPj6u7brQ
8eLROZTYPilUnlfks8kI7SD8tVyzhSd0lq8E15uNokLdaRamS6SdYGw/SfMKB143
A5Nbu5bQ++gHPdl77+Gz//qMAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBkBWtel
u6MZ5FDvQBgei4LhA47GMB8GA1UdIwQYMBaAFIJgB6Tj0UuwtQm7lphF0B64Cd16
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREY4QS8zNTUzQ0ZBQUEz
N0YxMUVDOTJENkZBNUVDNEY5QUUwMi9nbUFIcE9QUlM3QzFDYnVXbUVYUUhyZ0oz
WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dtQUhwT1BSUzdDMUNidVdtRVhRSHJnSjNYby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGOEEvMzU1M0NGQUFBMzdGMTFFQzkyRDZGQTVFQzRGOUFFMDIvQ0E1MjhCMzhB
Q0VDMTFFRDhBMTE3NzM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntmAwDQYJKoZIhvcNAQELBQADggEBAB/yZsLNl4tDclp8
wbtmtkZ+1y9rOx9THYqM00c6BEcfmNr9QSyLCsAEKkjRUHhy2weCjX8bXX/avar/
3NMmyf4djX+ZqV/jODdxSqEbjsK6boXv8+ReG4nfos/0zhhD4h+y7ry09EPLaOje
Cpj2+1EgIB2HU2XANGNoDQP9z/apOM7t0RhV8PE+NMbe0BZmkIcvZcQSeUWgJLKp
/B8EKrEVbAx0tE1sdozaVjTpJto0GTnvZq1ggUo2wT0mNEtV+cnOn7+MNWOVTzu9
NwKBpD+odlUpGt7hSB1/3FNzxAUusIl5PKKtt3ublMHBje0WTdyNLXJ61+DK7SJx
SCUqTak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org