Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/39866D560A5511EEBCBC9A6CC4F9AE02.roa
File: 39866D560A5511EEBCBC9A6CC4F9AE02.roa (raw, json)
Hash identifier: tFOdcGMSbC+995tLnoI12cFF1PDorUuUP3qDOb9r7Oc=
Subject key identifier: 50:9E:78:F7:A3:BE:DE:FD:C8:40:08:80:03:6B:0C:5F:47:DD:31:96
Certificate issuer: /CN=A915912F/serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
Certificate serial: 02
Authority key identifier: A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/39866D560A5511EEBCBC9A6CC4F9AE02.roa
Signing time: Wed 14 Jun 2023 01:46:05 +0000
ROA not before: Wed 14 Jun 2023 01:46:05 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 211256
IP address blocks: 103.92.145.0/24 maxlen: 24
103.92.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915912F/serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
Validity
Not Before: Jun 14 01:46:05 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=64891bdd-08a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:42:2f:20:a7:a0:8a:6f:92:37:c3:88:83:3c:
56:a1:cb:16:f1:61:0a:e0:45:c0:6f:81:53:61:5d:
25:05:ec:bf:69:39:fa:59:1e:2e:90:4e:84:42:c2:
1b:11:c3:a7:a1:ef:fd:eb:8b:da:b4:1c:62:0e:46:
25:60:ab:eb:69:9d:65:bf:74:2a:9e:32:cc:18:27:
a1:e1:2e:ca:2a:0a:45:38:9d:89:4c:a3:b9:a1:72:
d2:41:40:fb:6b:c7:0e:fe:52:bf:73:6a:31:83:4b:
d4:68:8c:05:9e:74:24:58:a4:f7:5d:3f:7a:4d:16:
e0:27:d8:60:c0:96:28:37:ae:69:bb:be:36:ac:28:
b9:28:de:6a:fb:df:03:c2:0b:da:df:85:80:ea:99:
7d:ce:cc:50:37:0e:9a:49:f9:35:cb:d1:26:0c:53:
30:17:ca:65:97:09:cf:4c:f4:1f:94:77:85:ca:5d:
dc:fc:ce:78:6c:c4:c7:90:4e:2d:d0:39:02:6e:5d:
3a:6c:97:02:77:d4:c8:63:37:1e:71:c6:49:3b:4a:
b1:6a:99:23:5c:ec:a1:d9:df:3c:a4:20:84:b8:cf:
f6:19:82:e4:0a:e8:a7:7f:bc:c4:6e:84:df:24:22:
bf:95:db:fc:3f:8b:74:8f:71:52:7c:43:1c:24:4c:
76:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9E:78:F7:A3:BE:DE:FD:C8:40:08:80:03:6B:0C:5F:47:DD:31:96
X509v3 Authority Key Identifier:
keyid:A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/39866D560A5511EEBCBC9A6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.145.0-103.92.146.255
Signature Algorithm: sha256WithRSAEncryption
58:bd:dc:e7:6b:23:ed:30:42:ee:16:ab:51:31:13:0c:e0:6c:
b2:e8:3d:f9:5e:60:41:ed:c8:0b:86:9a:a8:73:01:69:b7:23:
62:5c:2a:7d:a3:16:c3:a3:a9:f0:29:dd:e4:e1:e3:94:e0:3e:
1f:9e:38:af:5e:1a:00:fc:84:86:f3:61:43:7f:5b:6d:01:5e:
b5:bb:64:09:24:57:39:bc:62:a1:fb:cb:29:ed:ea:b0:1e:56:
02:f9:30:0b:53:ac:f5:7b:5b:65:42:46:d4:37:09:06:d0:fb:
56:20:8a:99:dd:6d:b8:cf:9e:93:40:22:c6:18:86:b3:22:f6:
9b:57:6e:5d:0e:0d:8d:27:44:26:0f:c7:05:ad:1f:f1:ff:00:
5f:13:e4:6f:31:14:5c:8c:25:61:55:3a:8c:a2:2f:44:64:86:
81:6d:14:10:a0:08:1a:48:cc:e8:70:c0:b6:10:17:53:a8:ff:
89:17:9a:f8:1e:07:e9:13:75:92:88:61:96:74:f6:10:1d:de:
3b:47:c3:15:cb:70:d0:c2:1c:45:24:80:df:63:01:cf:ca:e4:
8b:7b:cd:97:40:3a:4c:cc:82:aa:70:99:8c:4a:e4:ed:e5:6b:
31:4b:2a:87:c2:09:be:d3:35:8e:44:44:c9:4b:ba:de:8d:18:
09:f4:7c:59
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
OTEyRjExMC8GA1UEBRMoQTk4QjRENzUzQTg0REZENDlEQTdFMjMwN0UzMTkyQThD
NEZGOTg5NTAeFw0yMzA2MTQwMTQ2MDVaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODkxYmRkLTA4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRQi8gp6CKb5I3w4iDPFahyxbxYQrgRcBvgVNhXSUF7L9pOfpZHi6QToRCwhsR
w6eh7/3ri9q0HGIORiVgq+tpnWW/dCqeMswYJ6HhLsoqCkU4nYlMo7mhctJBQPtr
xw7+Ur9zajGDS9RojAWedCRYpPddP3pNFuAn2GDAlig3rmm7vjasKLko3mr73wPC
C9rfhYDqmX3OzFA3DppJ+TXL0SYMUzAXymWXCc9M9B+Ud4XKXdz8znhsxMeQTi3Q
OQJuXTpslwJ31MhjNx5xxkk7SrFqmSNc7KHZ3zykIIS4z/YZguQK6Kd/vMRuhN8k
Ir+V2/w/i3SPcVJ8QxwkTHbrAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUUJ5496O+
3v3IQAiAA2sMX0fdMZYwHwYDVR0jBBgwFoAUqYtNdTqE39Sdp+IwfjGSqMT/mJUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU5MTJGLzBBMDY3OTA4MEE1
MTExRUU4RDc1QjY2QkM0RjlBRTAyL3FZdE5kVHFFMzlTZHAtSXdmakdTcU1UX21K
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcVl0TmRUcUUzOVNkcC1Jd2ZqR1NxTVRfbUpVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OTEyRi8wQTA2NzkwODBBNTExMUVFOEQ3NUI2NkJDNEY5QUUwMi8zOTg2NkQ1NjBB
NTUxMUVFQkNCQzlBNkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAZ1yRAwQAZ1ySMA0GCSqGSIb3DQEBCwUAA4IBAQBYvdzn
ayPtMELuFqtRMRMM4Gyy6D35XmBB7cgLhpqocwFptyNiXCp9oxbDo6nwKd3k4eOU
4D4fnjivXhoA/ISG82FDf1ttAV61u2QJJFc5vGKh+8sp7eqwHlYC+TALU6z1e1tl
QkbUNwkG0PtWIIqZ3W24z56TQCLGGIazIvabV25dDg2NJ0QmD8cFrR/x/wBfE+Rv
MRRcjCVhVTqMoi9EZIaBbRQQoAgaSMzocMC2EBdTqP+JF5r4HgfpE3WSiGGWdPYQ
Hd47R8MVy3DQwhxFJIDfYwHPyuSLe82XQDpMzIKqcJmMSuTt5WsxSyqHwgm+0zWO
RETJS7rejRgJ9HxZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org