Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/466B6512771611EDB65FBF71C4F9AE02.roa
File: 466B6512771611EDB65FBF71C4F9AE02.roa (raw, json)
Hash identifier: mU0XfCemkCr6/K5GuRMfVL0mlmEOxpr5tYEOzOgxgkw=
Subject key identifier: C1:C7:80:55:30:98:B0:52:4E:E6:66:9C:A4:59:10:B1:82:15:F6:60
Certificate issuer: /CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Certificate serial: 28
Authority key identifier: 3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/466B6512771611EDB65FBF71C4F9AE02.roa
Signing time: Thu 08 Dec 2022 16:35:07 +0000
ROA not before: Thu 08 Dec 2022 16:35:07 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 150311
IP address blocks: 103.250.28.0/23 maxlen: 23
2001:df1:4540::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Validity
Not Before: Dec 8 16:35:07 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6392123b-5d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:21:76:f1:f7:23:df:fc:41:a7:3f:c9:0c:
66:02:44:53:8a:02:6d:f5:42:3d:06:e8:cf:52:ed:
4e:b1:f1:b9:be:ad:95:11:d5:8b:59:53:29:c5:d2:
71:b7:9b:68:71:59:3f:9e:f4:e9:05:6a:96:73:f6:
6c:5a:16:e6:f0:44:dd:7f:30:42:a4:c1:4c:f4:0e:
29:40:47:73:f1:4d:c8:10:22:24:5c:fd:e2:a7:ab:
f2:3d:01:a7:ff:b7:eb:6f:52:88:6e:8f:a8:ab:be:
6a:60:01:f9:40:1c:4d:1a:ed:b2:bf:cf:88:67:9b:
72:7a:6f:2b:3e:81:1a:4c:98:e2:38:a1:40:28:76:
36:22:c2:3f:c8:c9:6e:1d:fe:de:b9:0e:84:6b:dd:
c7:44:fc:ac:63:1f:f3:2e:1d:04:80:07:0a:58:6d:
1a:1b:a1:d5:fa:10:ab:87:43:ca:1a:b9:1b:14:a9:
99:b8:83:14:72:8a:e2:24:45:d5:da:a0:9d:da:e9:
62:b2:b8:d2:8b:9c:77:8b:98:cc:2e:1b:9e:0a:68:
80:a7:5e:ce:3b:26:fb:3d:9b:1c:0e:30:c9:f5:6f:
37:cb:4c:28:b3:5b:cb:02:a8:a3:1f:d0:dc:8d:9a:
e7:e4:5a:d1:27:52:04:f9:3f:7b:bb:3a:55:d7:40:
1f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C7:80:55:30:98:B0:52:4E:E6:66:9C:A4:59:10:B1:82:15:F6:60
X509v3 Authority Key Identifier:
keyid:3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/P7w69DECztpPoPf6m9kbLWU0bW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/466B6512771611EDB65FBF71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.28.0/23
IPv6:
2001:df1:4540::/48
Signature Algorithm: sha256WithRSAEncryption
c3:ae:90:e4:24:39:83:25:6b:ac:d3:66:71:f4:92:09:a6:f4:
04:28:6e:d3:2f:a1:04:77:b3:f2:49:ba:cf:cd:ab:a6:dd:4b:
37:33:72:60:2d:d8:9c:90:4f:6c:50:38:dc:3e:b3:f4:86:2c:
74:1c:20:43:4a:13:8e:50:3d:a3:1e:81:07:2b:44:41:f0:d5:
62:fd:91:76:fa:c2:27:f5:02:13:27:00:cc:1c:95:df:a4:a4:
f2:a4:7a:c1:e6:15:c7:6d:d5:61:43:61:65:c6:10:c6:37:bd:
e8:16:40:f2:f1:19:29:48:9c:78:65:a4:82:97:f3:01:3f:9b:
b9:bc:76:9f:e4:8d:97:f4:1f:36:86:d0:be:b0:e9:4f:02:47:
59:88:c5:9b:45:76:c0:ac:23:e0:7e:cd:5a:37:d0:75:ec:0c:
70:6e:0d:41:9d:48:68:3b:cc:0a:70:da:26:e9:b8:3b:3b:dc:
4a:dc:e3:48:2c:71:55:67:52:a3:1b:42:9e:10:c1:9d:e2:fa:
67:1b:3b:94:5d:62:e1:6f:41:61:6b:d2:99:a2:fb:1b:da:85:
41:97:52:d1:ec:84:c3:73:02:5e:8b:9c:78:20:06:25:ce:e8:
d9:f2:46:2f:1b:a7:0b:95:47:ec:23:7e:10:61:08:59:33:ee:
5b:14:b7:78
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MURGODExMC8GA1UEBRMoM0ZCQzNBRjQzMTAyQ0VEQTRGQTBGN0ZBOUJEOTFCMkQ2
NTM0NkQ2RTAeFw0yMjEyMDgxNjM1MDdaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTIxMjNiLTVkMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxciF28fcj3/xBpz/JDGYCRFOKAm31Qj0G6M9S7U6x8bm+rZUR1YtZUynF0nG3
m2hxWT+e9OkFapZz9mxaFubwRN1/MEKkwUz0DilAR3PxTcgQIiRc/eKnq/I9Aaf/
t+tvUohuj6irvmpgAflAHE0a7bK/z4hnm3J6bys+gRpMmOI4oUAodjYiwj/IyW4d
/t65DoRr3cdE/KxjH/MuHQSABwpYbRobodX6EKuHQ8oauRsUqZm4gxRyiuIkRdXa
oJ3a6WKyuNKLnHeLmMwuG54KaICnXs47Jvs9mxwOMMn1bzfLTCizW8sCqKMf0NyN
mufkWtEnUgT5P3u7OlXXQB/hAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUwceAVTCY
sFJO5macpFkQsYIV9mAwHwYDVR0jBBgwFoAUP7w69DECztpPoPf6m9kbLWU0bW4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxREY4LzI2RTUzMTE0NTUw
NjExRUQ5NTA2QzA0NUM0RjlBRTAyL1A3dzY5REVDenRwUG9QZjZtOWtiTFdVMGJX
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUDd3NjlERUN6dHBQb1BmNm05a2JMV1UwYlc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MURGOC8yNkU1MzExNDU1MDYxMUVEOTUwNkMwNDVDNEY5QUUwMi80NjZCNjUxMjc3
MTYxMUVEQjY1RkJGNzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWf6HDAPBAIAAjAJAwcAIAEN8UVAMA0GCSqGSIb3DQEBCwUA
A4IBAQDDrpDkJDmDJWus02Zx9JIJpvQEKG7TL6EEd7PySbrPzaum3Us3M3JgLdic
kE9sUDjcPrP0hix0HCBDShOOUD2jHoEHK0RB8NVi/ZF2+sIn9QITJwDMHJXfpKTy
pHrB5hXHbdVhQ2FlxhDGN73oFkDy8RkpSJx4ZaSCl/MBP5u5vHaf5I2X9B82htC+
sOlPAkdZiMWbRXbArCPgfs1aN9B17Axwbg1BnUhoO8wKcNom6bg7O9xK3ONILHFV
Z1KjG0KeEMGd4vpnGzuUXWLhb0Fha9KZovsb2oVBl1LR7ITDcwJei5x4IAYlzujZ
8kYvG6cLlUfsI34QYQhZM+5bFLd4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org