Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/535D75D6375111ECA2A92612C4F9AE02.roa
File: 535D75D6375111ECA2A92612C4F9AE02.roa (raw, json)
Hash identifier: +bnlzz++XZn0P6Y7+vOHcXGK15gT9JfMcFJYeK4zGQY=
Subject key identifier: B4:D2:33:54:FC:10:A8:79:08:09:4C:FA:C9:95:87:68:E1:69:6B:85
Certificate issuer: /CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Certificate serial: 02E9
Authority key identifier: 98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/535D75D6375111ECA2A92612C4F9AE02.roa
Signing time: Sat 03 Dec 2022 03:32:23 +0000
ROA not before: Sat 03 Dec 2022 03:32:23 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 139660
IP address blocks: 103.174.96.0/24 maxlen: 24
103.174.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 745 (0x2e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91623B9/serialNumber=98E1ECBD45D7879F9BC9439F4C6C2F2714AD36F5
Validity
Not Before: Dec 3 03:32:23 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=638ac346-8a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:a0:61:3f:5a:4a:a6:fa:7e:6e:e2:ff:d4:
e2:46:4c:76:6d:fc:d7:27:43:9a:2e:4e:74:97:ca:
51:a4:70:6b:31:17:6a:40:57:60:77:fb:96:0c:d9:
a8:49:52:e6:58:33:77:4c:8e:19:b0:43:c6:5a:ec:
82:8b:18:35:20:9e:42:12:5f:d4:5f:80:14:3d:67:
84:d0:91:29:e9:2e:d0:fb:d2:cb:98:60:4a:45:72:
2c:af:71:b6:27:10:8a:4e:a8:1c:88:ff:fb:38:3c:
d2:8c:ca:2f:a2:ca:1f:d1:85:15:26:73:e9:40:e7:
56:1d:50:95:50:50:70:90:cb:f5:bf:52:49:c7:c3:
c0:f0:ed:4a:54:ef:f4:58:90:d5:46:cb:e1:70:a9:
8c:02:c7:a9:8f:61:ed:0e:41:21:f0:85:a0:49:f7:
2f:07:db:8e:8d:ff:43:b2:54:76:63:45:3a:02:da:
fe:3d:69:ee:32:97:c1:71:78:cf:a5:39:2d:c7:72:
44:62:05:5c:69:32:f3:9c:c1:25:29:6b:45:e0:04:
c4:6c:f2:bf:3a:0e:27:bc:11:1a:ec:c5:28:f8:d6:
86:41:81:4c:6c:f3:c8:9b:7c:f2:50:db:99:e8:e3:
a5:3a:b2:78:83:b1:bc:f2:1c:71:06:57:34:e6:78:
da:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D2:33:54:FC:10:A8:79:08:09:4C:FA:C9:95:87:68:E1:69:6B:85
X509v3 Authority Key Identifier:
keyid:98:E1:EC:BD:45:D7:87:9F:9B:C9:43:9F:4C:6C:2F:27:14:AD:36:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/mOHsvUXXh5-byUOfTGwvJxStNvU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mOHsvUXXh5-byUOfTGwvJxStNvU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91623B9/78CEACBC2B3611ECAD595B7CC4F9AE02/535D75D6375111ECA2A92612C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.96.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:db:75:5a:86:d8:ce:95:74:ce:6e:03:37:9f:20:8e:c4:8e:
7e:d9:69:f9:1f:c1:45:26:dd:ac:30:3a:ab:64:e8:49:6e:d9:
c1:4b:4e:b5:ac:97:36:2d:26:cd:a7:5c:43:ce:ac:a5:c3:51:
0f:5a:5f:f5:8d:8b:ab:8a:32:f8:80:6a:4f:21:be:64:c7:a0:
31:3f:1e:8e:79:2a:af:16:6f:f0:e7:f3:5a:47:11:29:f9:bd:
a0:f4:12:89:9f:3c:2e:b8:a7:c8:37:7e:3f:4a:a7:66:68:f3:
44:15:1b:a0:8f:3a:ee:17:49:be:1e:f2:73:72:dd:24:48:e1:
a0:f3:21:20:c4:1e:e1:c8:f2:8c:86:69:72:34:2f:82:a8:3e:
be:7b:8f:a3:16:c5:df:05:8c:e8:96:81:ed:51:27:11:14:79:
2a:65:51:3b:73:0a:97:60:34:d3:94:5b:f1:bf:3d:31:93:b9:
78:d4:55:83:bc:57:47:fe:43:fa:e9:74:75:47:d7:53:8c:e7:
3c:6b:a7:80:c1:46:44:91:86:7b:b1:9f:88:04:95:c5:23:74:
78:31:28:a5:c3:87:79:f8:81:f2:58:e6:05:cc:d0:09:bf:01:
f1:88:29:3d:bf:0f:85:9d:80:b3:10:c9:c3:5d:b8:01:80:23:
f7:86:40:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIzQjkxMTAvBgNVBAUTKDk4RTFFQ0JENDVENzg3OUY5QkM5NDM5RjRDNkMyRjI3
MTRBRDM2RjUwHhcNMjIxMjAzMDMzMjIzWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhYzM0Ni04YTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1o+gYT9aSqb6fm7i/9TiRkx2bfzXJ0OaLk50l8pRpHBrMRdqQFdgd/uWDNmo
SVLmWDN3TI4ZsEPGWuyCixg1IJ5CEl/UX4AUPWeE0JEp6S7Q+9LLmGBKRXIsr3G2
JxCKTqgciP/7ODzSjMovosof0YUVJnPpQOdWHVCVUFBwkMv1v1JJx8PA8O1KVO/0
WJDVRsvhcKmMAsepj2HtDkEh8IWgSfcvB9uOjf9DslR2Y0U6Atr+PWnuMpfBcXjP
pTktx3JEYgVcaTLznMElKWtF4ATEbPK/Og4nvBEa7MUo+NaGQYFMbPPIm3zyUNuZ
6OOlOrJ4g7G88hxxBlc05njaSwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLTSM1T8
EKh5CAlM+smVh2jhaWuFMB8GA1UdIwQYMBaAFJjh7L1F14efm8lDn0xsLycUrTb1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjNCOS83OENFQUNCQzJC
MzYxMUVDQUQ1OTVCN0NDNEY5QUUwMi9tT0hzdlVYWGg1LWJ5VU9mVEd3dkp4U3RO
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21PSHN2VVhYaDUtYnlVT2ZUR3d2SnhTdE52VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIzQjkvNzhDRUFDQkMyQjM2MTFFQ0FENTk1QjdDQzRGOUFFMDIvNTM1RDc1RDYz
NzUxMTFFQ0EyQTkyNjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrmAwDQYJKoZIhvcNAQELBQADggEBAG3bdVqG2M6VdM5u
AzefII7Ejn7ZafkfwUUm3awwOqtk6Elu2cFLTrWslzYtJs2nXEPOrKXDUQ9aX/WN
i6uKMviAak8hvmTHoDE/Ho55Kq8Wb/Dn81pHESn5vaD0EomfPC64p8g3fj9Kp2Zo
80QVG6CPOu4XSb4e8nNy3SRI4aDzISDEHuHI8oyGaXI0L4KoPr57j6MWxd8FjOiW
ge1RJxEUeSplUTtzCpdgNNOUW/G/PTGTuXjUVYO8V0f+Q/rpdHVH11OM5zxrp4DB
RkSRhnuxn4gElcUjdHgxKKXDh3n4gfJY5gXM0Am/AfGIKT2/D4WdgLMQycNduAGA
I/eGQFs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org