Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911F5B7/71E7A222519511EA8464BA78C4F9AE02/2AD76950519811EA96A2C280C4F9AE02.roa
File: 2AD76950519811EA96A2C280C4F9AE02.roa (raw, json)
Hash identifier: D/uQ+FcKIIsuQgVFT6BPV6bwPllTtyxTD6xnwRsD2eQ=
Subject key identifier: 1A:E8:D9:96:A5:0B:F7:DB:44:D6:F6:99:80:74:F6:D1:B3:6F:7B:AC
Certificate issuer: /CN=A911F5B7/serialNumber=835B0567D93EAC0AE324EA1F16B3C39CB1B3388E
Certificate serial: 0934
Authority key identifier: 83:5B:05:67:D9:3E:AC:0A:E3:24:EA:1F:16:B3:C3:9C:B1:B3:38:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1sFZ9k-rArjJOofFrPDnLGzOI4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911F5B7/71E7A222519511EA8464BA78C4F9AE02/2AD76950519811EA96A2C280C4F9AE02.roa
Signing time: Fri 14 Apr 2023 21:38:17 +0000
ROA not before: Fri 14 Apr 2023 21:38:17 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 135817
IP address blocks: 103.148.152.0/23 maxlen: 23
103.148.152.0/24 maxlen: 24
103.148.153.0/24 maxlen: 24
2001:df2:da80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2356 (0x934)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911F5B7/serialNumber=835B0567D93EAC0AE324EA1F16B3C39CB1B3388E
Validity
Not Before: Apr 14 21:38:17 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6439c7c9-8bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:29:b5:e9:ad:f8:8a:a6:89:59:88:2d:2c:15:
97:03:a7:cf:2d:1f:4c:5e:be:61:70:6c:e6:77:3e:
d4:cf:6a:32:42:9a:37:c6:14:ab:3c:23:89:dd:12:
82:94:43:5b:8b:82:8b:2a:a5:b5:ee:b9:45:a3:aa:
3a:65:43:fd:e4:e6:9e:25:ca:dc:80:1e:0f:3b:a7:
7b:5c:58:48:48:44:dd:b5:a2:63:a5:1b:8d:90:2c:
7d:ed:02:0d:76:cc:bc:32:b9:d7:66:3d:3b:ff:7c:
aa:26:f8:79:ca:f5:18:4e:fe:d4:b3:9c:8a:5e:27:
f4:1d:f8:55:71:01:f7:be:0d:ee:43:6e:33:01:1e:
2d:54:07:20:73:94:9f:94:06:00:98:c2:38:1e:83:
5a:80:5e:8d:ac:5e:62:78:59:ed:3e:56:83:7a:7d:
1e:28:58:78:fa:ec:00:e0:3d:ee:63:69:34:a7:6b:
14:3c:cf:a2:8c:50:aa:0c:cf:a0:0d:ed:1a:a4:bf:
d8:e0:a9:70:2f:d4:eb:9c:bc:a3:5f:7b:87:6a:a5:
a0:48:3d:87:3e:b8:7f:2f:75:89:fe:76:5f:e2:b4:
18:a9:6c:6f:af:8d:ce:f6:06:34:dd:77:8e:ed:48:
8b:61:ee:60:f7:5d:43:24:a4:6f:6e:cc:b4:f9:78:
60:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E8:D9:96:A5:0B:F7:DB:44:D6:F6:99:80:74:F6:D1:B3:6F:7B:AC
X509v3 Authority Key Identifier:
keyid:83:5B:05:67:D9:3E:AC:0A:E3:24:EA:1F:16:B3:C3:9C:B1:B3:38:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911F5B7/71E7A222519511EA8464BA78C4F9AE02/g1sFZ9k-rArjJOofFrPDnLGzOI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1sFZ9k-rArjJOofFrPDnLGzOI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F5B7/71E7A222519511EA8464BA78C4F9AE02/2AD76950519811EA96A2C280C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.152.0/23
IPv6:
2001:df2:da80::/48
Signature Algorithm: sha256WithRSAEncryption
1d:f5:0f:d9:95:62:79:d7:b6:56:3a:c7:25:fa:b4:60:76:fc:
01:8d:39:fa:08:c6:17:3f:c6:7f:3e:76:31:48:45:70:b2:be:
1f:86:9e:9d:29:fc:40:fd:30:3f:25:33:1c:d4:86:08:78:5b:
7f:d1:b9:93:10:62:dc:ea:a4:33:79:bc:06:d6:0d:eb:41:17:
d4:34:5d:97:40:a0:9b:24:3a:41:78:5a:11:d5:d4:50:77:66:
07:cb:bb:e8:4e:80:81:ec:01:f1:8b:46:dd:4d:52:88:8b:65:
3f:91:51:0f:5c:f4:2e:f8:04:98:ae:7d:02:d0:02:f9:13:00:
33:7d:5a:81:53:4a:a3:ea:fd:b4:4a:4b:4a:b5:20:2e:d3:13:
12:07:5d:bc:32:c6:3f:ba:21:98:43:b7:bc:9b:ca:79:7c:fc:
dc:6d:7f:99:c9:4a:88:c0:be:1c:e3:18:93:66:36:60:9b:c1:
78:4b:0e:45:32:a0:b9:be:0a:eb:68:5d:be:1a:17:7c:f4:80:
6c:a5:17:4d:19:4c:57:c7:08:e6:ca:0f:4d:ba:05:39:b8:8b:
9f:c3:e0:2f:5d:f0:56:39:be:9f:1c:dc:6e:e7:8c:ff:89:05:
26:8d:fc:25:54:c5:ab:ab:c9:4d:f1:36:76:87:a6:be:56:07:
dc:21:6f:b8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCTQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUY1QjcxMTAvBgNVBAUTKDgzNUIwNTY3RDkzRUFDMEFFMzI0RUExRjE2QjNDMzlD
QjFCMzM4OEUwHhcNMjMwNDE0MjEzODE3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM5YzdjOS04YmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Cm16a34iqaJWYgtLBWXA6fPLR9MXr5hcGzmdz7Uz2oyQpo3xhSrPCOJ3RKC
lENbi4KLKqW17rlFo6o6ZUP95OaeJcrcgB4PO6d7XFhISETdtaJjpRuNkCx97QIN
dsy8MrnXZj07/3yqJvh5yvUYTv7Us5yKXif0HfhVcQH3vg3uQ24zAR4tVAcgc5Sf
lAYAmMI4HoNagF6NrF5ieFntPlaDen0eKFh4+uwA4D3uY2k0p2sUPM+ijFCqDM+g
De0apL/Y4KlwL9TrnLyjX3uHaqWgSD2HPrh/L3WJ/nZf4rQYqWxvr43O9gY03XeO
7UiLYe5g911DJKRvbsy0+Xhg1QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBro2Zal
C/fbRNb2mYB09tGzb3usMB8GA1UdIwQYMBaAFINbBWfZPqwK4yTqHxazw5yxsziO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjVCNy83MUU3QTIyMjUx
OTUxMUVBODQ2NEJBNzhDNEY5QUUwMi9nMXNGWjlrLXJBcmpKT29mRnJQRG5MR3pP
STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2cxc0ZaOWstckFyakpPb2ZGclBEbkxHek9JNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY1QjcvNzFFN0EyMjI1MTk1MTFFQTg0NjRCQTc4QzRGOUFFMDIvMkFENzY5NTA1
MTk4MTFFQTk2QTJDMjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlJgwDwQCAAIwCQMHACABDfLagDANBgkqhkiG9w0BAQsF
AAOCAQEAHfUP2ZViede2VjrHJfq0YHb8AY05+gjGFz/Gfz52MUhFcLK+H4aenSn8
QP0wPyUzHNSGCHhbf9G5kxBi3OqkM3m8BtYN60EX1DRdl0CgmyQ6QXhaEdXUUHdm
B8u76E6AgewB8YtG3U1SiItlP5FRD1z0LvgEmK59AtAC+RMAM31agVNKo+r9tEpL
SrUgLtMTEgddvDLGP7ohmEO3vJvKeXz83G1/mclKiMC+HOMYk2Y2YJvBeEsORTKg
ub4K62hdvhoXfPSAbKUXTRlMV8cI5soPTboFObiLn8PgL13wVjm+nxzcbueM/4kF
Jo38JVTFq6vJTfE2doemvlYH3CFvuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org