Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/269F36FCC21B11EB9D1E4981C4F9AE02.roa
File: 269F36FCC21B11EB9D1E4981C4F9AE02.roa (raw, json)
Hash identifier: bYKHWh+CIOJ8YEKxfqG89pfLdsI6g89GM2U0CwbnH94=
Subject key identifier: CB:35:E9:EB:D7:DB:8F:B1:88:5A:99:B7:AC:37:C1:4D:D9:BF:D1:D1
Certificate issuer: /CN=A913C432/serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32
Certificate serial: 0CBE
Authority key identifier: 32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/269F36FCC21B11EB9D1E4981C4F9AE02.roa
Signing time: Wed 25 May 2022 18:47:31 +0000
ROA not before: Wed 25 May 2022 18:47:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137449
IP address blocks: 103.138.24.0/22 maxlen: 24
2404:bec0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3262 (0xcbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C432/serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32
Validity
Not Before: May 25 18:47:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628e79c3-00a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:37:3f:8b:fd:c2:4c:dd:ad:fa:e3:ba:06:
7e:ac:8a:81:31:a4:18:6c:7e:69:0d:6c:17:f1:f5:
ac:3e:f1:98:14:12:de:59:fd:20:ce:e2:3f:60:7e:
f9:bc:89:5a:53:09:cb:fd:05:e4:f8:d0:49:95:95:
ab:2f:a4:16:f8:77:9a:0c:f7:fd:22:c4:b1:95:0c:
10:7b:e2:19:a5:01:b1:4c:ea:57:e8:b9:81:0a:2d:
84:27:8b:89:90:d6:75:e6:82:59:9a:26:19:5c:eb:
96:50:d0:42:8f:03:17:0e:78:aa:9f:e1:69:d0:e9:
d7:a2:be:92:47:67:fa:3b:1b:67:dc:31:39:1c:4f:
d6:05:af:e5:a2:17:7c:4f:fa:77:6b:5c:28:0d:93:
ac:0c:2f:db:0a:b7:b1:0e:3a:73:e5:76:40:fb:60:
93:13:bb:d7:26:de:46:d7:fa:13:d7:0f:fe:39:a0:
eb:55:32:53:5b:6d:15:1d:a1:80:2c:57:c2:79:71:
ab:88:f1:d7:ac:a2:05:11:bc:c0:73:55:f9:62:1d:
df:9e:d9:3f:43:85:73:d5:4f:a9:3e:b2:83:68:7c:
b6:31:6f:97:db:0e:b1:63:2a:ad:12:43:37:45:22:
53:9b:90:b7:96:4c:ce:fc:8b:dd:50:53:3f:72:6a:
32:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:35:E9:EB:D7:DB:8F:B1:88:5A:99:B7:AC:37:C1:4D:D9:BF:D1:D1
X509v3 Authority Key Identifier:
keyid:32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/Mp2gPbmUR1FJil_KU8hdqmDLmjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/269F36FCC21B11EB9D1E4981C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.24.0/22
IPv6:
2404:bec0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:bd:32:a6:ab:e0:e0:7a:33:8e:97:6f:33:55:be:40:08:97:
ad:af:fd:a6:cc:74:1b:21:fe:4b:7e:da:7e:bf:9c:f2:b9:91:
1a:57:13:03:9f:7b:02:9e:4c:55:ac:52:2a:8a:cb:1f:19:d4:
a6:3b:ec:d1:96:d8:ee:a0:fd:37:78:e3:af:cc:5f:eb:76:18:
a2:2c:1d:9c:24:48:c1:9b:ff:12:4d:fb:cf:31:f3:44:7b:a0:
67:2c:e9:62:45:5a:e5:89:95:69:20:98:28:e6:65:28:0f:97:
b1:80:c4:f1:5f:5f:9a:f5:dc:3e:7f:e4:99:78:8d:50:d3:ab:
e2:8f:53:41:86:3f:58:b4:54:51:88:48:53:9f:8c:5c:ac:89:
6e:73:09:f7:7e:b5:c4:7c:e6:5a:1e:e7:a2:a4:90:9d:b6:59:
34:81:96:25:c9:f4:53:27:16:04:ef:57:6f:f7:36:c5:b9:a2:
e4:68:13:69:aa:7e:c4:94:e2:0b:a1:c2:cd:71:d2:6e:43:76:
bc:42:83:7f:c7:43:f7:d8:4f:28:c1:59:60:d1:7f:64:a5:f8:
1f:e8:6e:8c:5b:4e:39:c5:28:df:25:6d:3e:05:78:96:a9:a5:
71:36:ae:05:9d:43:c8:fa:d2:e2:8b:54:ac:35:39:87:03:ba:
49:f6:5a:9d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M0MzIxMTAvBgNVBAUTKDMyOURBMDNEQjk5NDQ3NTE0OThBNUZDQTUzQzg1REFB
NjBDQjlBMzIwHhcNMjIwNTI1MTg0NzMxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhlNzljMy0wMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVI3P4v9wkzdrfrjugZ+rIqBMaQYbH5pDWwX8fWsPvGYFBLeWf0gzuI/YH75
vIlaUwnL/QXk+NBJlZWrL6QW+HeaDPf9IsSxlQwQe+IZpQGxTOpX6LmBCi2EJ4uJ
kNZ15oJZmiYZXOuWUNBCjwMXDniqn+Fp0OnXor6SR2f6Oxtn3DE5HE/WBa/lohd8
T/p3a1woDZOsDC/bCrexDjpz5XZA+2CTE7vXJt5G1/oT1w/+OaDrVTJTW20VHaGA
LFfCeXGriPHXrKIFEbzAc1X5Yh3fntk/Q4Vz1U+pPrKDaHy2MW+X2w6xYyqtEkM3
RSJTm5C3lkzO/IvdUFM/cmoymwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMs16evX
24+xiFqZt6w3wU3Zv9HRMB8GA1UdIwQYMBaAFDKdoD25lEdRSYpfylPIXapgy5oy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzQzMi8yRENBQkE2ODVD
RjIxMUU5ODQ5MzkyMjRDNEY5QUUwMi9NcDJnUGJtVVIxRkppbF9LVThoZHFtRExt
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01wMmdQYm1VUjFGSmlsX0tVOGhkcW1ETG1qSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M0MzIvMkRDQUJBNjg1Q0YyMTFFOTg0OTM5MjI0QzRGOUFFMDIvMjY5RjM2RkND
MjFCMTFFQjlEMUU0OTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnihgwDQQCAAIwBwMFACQEvsAwDQYJKoZIhvcNAQELBQAD
ggEBAFu9Mqar4OB6M46XbzNVvkAIl62v/abMdBsh/kt+2n6/nPK5kRpXEwOfewKe
TFWsUiqKyx8Z1KY77NGW2O6g/Td446/MX+t2GKIsHZwkSMGb/xJN+88x80R7oGcs
6WJFWuWJlWkgmCjmZSgPl7GAxPFfX5r13D5/5Jl4jVDTq+KPU0GGP1i0VFGISFOf
jFysiW5zCfd+tcR85loe56KkkJ22WTSBliXJ9FMnFgTvV2/3NsW5ouRoE2mqfsSU
4guhws1x0m5DdrxCg3/HQ/fYTyjBWWDRf2Sl+B/oboxbTjnFKN8lbT4FeJappXE2
rgWdQ8j60uKLVKw1OYcDukn2Wp0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org