Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/468CCCB86FAD11ED99881F82C4F9AE02.roa
File: 468CCCB86FAD11ED99881F82C4F9AE02.roa (raw, json)
Hash identifier: 7EsZqbFRtpVX/3hjSJhi8OmI+peH7NTGqTzTXtSTQzg=
Subject key identifier: 98:F0:36:52:D3:90:C7:BA:96:6D:2F:6F:4A:EF:57:53:13:C5:F4:DC
Certificate issuer: /CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Certificate serial: 1D
Authority key identifier: 3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/468CCCB86FAD11ED99881F82C4F9AE02.roa
Signing time: Tue 29 Nov 2022 06:15:52 +0000
ROA not before: Tue 29 Nov 2022 06:15:52 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 150311
IP address blocks: 103.250.28.0/23 maxlen: 23
2001:df1:4540::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161DF8/serialNumber=3FBC3AF43102CEDA4FA0F7FA9BD91B2D65346D6E
Validity
Not Before: Nov 29 06:15:52 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6385a398-e3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:96:6a:1f:56:14:d8:0e:b9:a1:00:78:0f:
6a:60:ad:62:c5:27:da:b4:cf:0d:cd:97:86:ea:a3:
d3:12:0f:c6:18:45:17:00:0f:13:7f:d8:f8:c2:6c:
b4:ee:a4:c4:46:5a:ca:7f:ae:6d:2f:42:e1:41:32:
12:04:a3:3f:8c:31:b0:06:52:5c:44:0b:51:1a:15:
8e:39:1d:17:dd:3f:ef:e9:36:23:1d:1b:94:08:7d:
ae:ea:3a:13:5b:df:13:16:77:59:97:7f:9f:74:7b:
d5:5b:8e:4b:a6:88:f6:d3:ba:cd:e9:f3:5e:0f:2b:
87:99:38:aa:5a:a4:13:d7:e1:9a:21:4f:7f:6d:39:
68:65:12:62:34:99:49:71:d6:7e:72:7b:97:65:f7:
22:57:bc:6d:ef:b6:56:c3:e1:db:7d:fd:a8:cb:a6:
f0:db:fe:fb:7a:c3:4f:06:67:d0:2d:f9:26:f7:b8:
53:95:9c:14:95:d6:9f:54:bf:d7:14:d3:85:77:28:
01:39:bf:4e:1a:2a:28:cb:7c:51:70:cc:f2:60:38:
98:c1:6d:61:77:1c:3c:62:d2:3d:bd:aa:f2:7b:cc:
7e:50:5b:90:d6:d4:e6:6d:b5:56:09:15:04:ce:e5:
c4:c8:97:02:42:7c:fb:94:25:68:c7:33:2f:97:0b:
33:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F0:36:52:D3:90:C7:BA:96:6D:2F:6F:4A:EF:57:53:13:C5:F4:DC
X509v3 Authority Key Identifier:
keyid:3F:BC:3A:F4:31:02:CE:DA:4F:A0:F7:FA:9B:D9:1B:2D:65:34:6D:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/P7w69DECztpPoPf6m9kbLWU0bW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7w69DECztpPoPf6m9kbLWU0bW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161DF8/26E53114550611ED9506C045C4F9AE02/468CCCB86FAD11ED99881F82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.250.28.0/23
IPv6:
2001:df1:4540::/48
Signature Algorithm: sha256WithRSAEncryption
27:47:b3:1b:cf:b4:d0:ba:ab:bd:ab:e7:cb:30:91:73:5e:be:
fa:a6:a1:30:80:08:e4:07:41:ae:a1:cc:27:d6:cd:63:63:f0:
62:50:06:05:09:45:a9:b7:9c:6e:62:0c:1f:19:7c:8e:6f:cb:
c0:a2:a4:99:b7:b8:3c:e5:b4:61:4b:de:36:6a:f7:e3:cf:ed:
66:8c:38:1d:f4:65:aa:8b:85:9a:00:17:59:a7:47:9e:b4:7b:
5d:47:5b:c4:04:61:b1:6d:82:54:b9:c7:38:65:79:b8:8d:7f:
00:b7:af:ab:a5:64:62:1c:5e:d8:b5:61:36:63:84:16:3a:f3:
50:11:a0:36:0e:db:28:67:ce:3f:0a:f1:89:47:01:e6:c1:ca:
9d:13:c4:cc:fa:11:12:54:0d:a9:90:e3:c4:66:3d:50:36:3f:
2e:2e:85:ef:ca:2a:45:47:73:57:03:c6:a1:bd:37:32:a0:bf:
89:d7:1e:17:b1:fb:f0:38:c2:3f:1d:c0:7f:7d:6e:66:9b:25:
b1:bb:af:ad:36:56:bd:99:64:3c:dc:69:29:cb:80:bc:77:09:
19:e3:17:d1:4f:d9:a0:ca:c2:32:c0:6b:f8:12:4b:47:d1:21:
0e:98:35:2c:81:34:05:91:33:12:9e:12:52:c6:e1:95:ff:2c:
a2:93:12:2f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MURGODExMC8GA1UEBRMoM0ZCQzNBRjQzMTAyQ0VEQTRGQTBGN0ZBOUJEOTFCMkQ2
NTM0NkQ2RTAeFw0yMjExMjkwNjE1NTJaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzODVhMzk4LWUzZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC72ZZqH1YU2A65oQB4D2pgrWLFJ9q0zw3Nl4bqo9MSD8YYRRcADxN/2PjCbLTu
pMRGWsp/rm0vQuFBMhIEoz+MMbAGUlxEC1EaFY45HRfdP+/pNiMdG5QIfa7qOhNb
3xMWd1mXf590e9VbjkumiPbTus3p814PK4eZOKpapBPX4ZohT39tOWhlEmI0mUlx
1n5ye5dl9yJXvG3vtlbD4dt9/ajLpvDb/vt6w08GZ9At+Sb3uFOVnBSV1p9Uv9cU
04V3KAE5v04aKijLfFFwzPJgOJjBbWF3HDxi0j29qvJ7zH5QW5DW1OZttVYJFQTO
5cTIlwJCfPuUJWjHMy+XCzPDAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmPA2UtOQ
x7qWbS9vSu9XUxPF9NwwHwYDVR0jBBgwFoAUP7w69DECztpPoPf6m9kbLWU0bW4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxREY4LzI2RTUzMTE0NTUw
NjExRUQ5NTA2QzA0NUM0RjlBRTAyL1A3dzY5REVDenRwUG9QZjZtOWtiTFdVMGJX
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUDd3NjlERUN6dHBQb1BmNm05a2JMV1UwYlc0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MURGOC8yNkU1MzExNDU1MDYxMUVEOTUwNkMwNDVDNEY5QUUwMi80NjhDQ0NCODZG
QUQxMUVEOTk4ODFGODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWf6HDAPBAIAAjAJAwcAIAEN8UVAMA0GCSqGSIb3DQEBCwUA
A4IBAQAnR7Mbz7TQuqu9q+fLMJFzXr76pqEwgAjkB0Guocwn1s1jY/BiUAYFCUWp
t5xuYgwfGXyOb8vAoqSZt7g85bRhS942avfjz+1mjDgd9GWqi4WaABdZp0eetHtd
R1vEBGGxbYJUucc4ZXm4jX8At6+rpWRiHF7YtWE2Y4QWOvNQEaA2DtsoZ84/CvGJ
RwHmwcqdE8TM+hESVA2pkOPEZj1QNj8uLoXvyipFR3NXA8ahvTcyoL+J1x4Xsfvw
OMI/HcB/fW5mmyWxu6+tNla9mWQ83Gkpy4C8dwkZ4xfRT9mgysIywGv4EktH0SEO
mDUsgTQFkTMSnhJSxuGV/yyikxIv
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org