Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/3009CA54658F11EDAF4D1976C4F9AE02.roa
File: 3009CA54658F11EDAF4D1976C4F9AE02.roa (raw, json)
Hash identifier: A55GygX/OW8tbTI80NN/GbuSzH1KNPz0r8OWPoxQwd8=
Subject key identifier: 4F:B9:B9:39:8A:5D:D1:8E:0B:0C:0C:96:5D:58:AF:30:C5:31:47:AF
Certificate issuer: /CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2
Certificate serial: 0C
Authority key identifier: 88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/3009CA54658F11EDAF4D1976C4F9AE02.roa
Signing time: Wed 16 Nov 2022 09:15:18 +0000
ROA not before: Wed 16 Nov 2022 09:15:18 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 150387
IP address blocks: 103.26.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2
Validity
Not Before: Nov 16 09:15:18 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6374aa26-c9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:85:90:0e:20:08:c5:11:0a:a6:61:e3:02:a4:
70:60:d9:3b:09:99:5f:d7:ef:9b:c6:20:ec:79:b6:
85:fd:cd:90:e5:9f:f2:ce:59:b0:3c:47:54:92:a2:
e8:cf:03:e9:21:fa:1f:8a:3c:50:72:f7:48:dd:01:
fc:cb:7d:60:5c:b0:00:82:da:81:89:82:0a:ed:ab:
f9:9e:9a:ef:5e:bf:7f:bd:f8:27:00:43:dd:4a:51:
92:00:d6:43:78:67:37:4b:bd:e9:b7:fe:9f:85:6e:
2f:42:98:c9:af:24:9e:01:f4:3b:8d:eb:b8:3c:b8:
c3:74:5f:2e:3e:dc:f6:da:c4:d6:da:a3:a2:5d:89:
82:6e:d8:06:46:9d:ae:76:a5:71:07:03:53:d0:a3:
22:41:bc:65:44:8e:b5:4c:73:6c:8a:f2:34:a4:21:
e7:9b:d7:90:22:53:7d:f3:f3:81:90:dc:8c:a9:ad:
46:6e:bc:7b:d9:08:1c:0d:7e:95:ff:bf:93:19:1a:
fb:fe:01:b7:e6:80:cf:77:0d:06:39:24:ad:16:22:
56:28:be:5e:69:da:dd:08:02:0c:ac:53:7c:91:11:
7e:04:0e:0f:b9:65:62:58:38:8b:d2:93:d6:9f:a9:
78:c7:ef:b2:48:c7:06:23:bf:b2:c2:23:5a:65:57:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B9:B9:39:8A:5D:D1:8E:0B:0C:0C:96:5D:58:AF:30:C5:31:47:AF
X509v3 Authority Key Identifier:
keyid:88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/3009CA54658F11EDAF4D1976C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.238.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3f:37:84:62:08:24:98:e2:c9:6e:45:77:3b:fe:be:70:ad:
63:a8:90:7c:e8:51:76:f1:34:59:6f:31:0f:36:c0:fc:64:30:
14:93:f9:5c:46:92:bc:e5:7c:c8:ea:ae:05:18:27:0c:47:96:
00:0a:89:28:25:c1:05:0d:21:b6:9f:87:b3:bf:32:01:9b:a5:
bf:6b:c8:2e:9e:38:1e:d4:7c:95:a1:5a:a9:de:54:87:9c:f2:
55:54:76:f3:5c:6f:90:f4:e4:9e:ec:0d:df:b6:a3:ce:61:18:
95:29:f4:2c:9d:e7:4b:82:bc:9b:50:0e:ad:3d:27:f3:9f:64:
8c:3c:01:41:bd:88:88:7c:3e:8f:6c:d3:f9:3c:40:8a:c5:ab:
b5:46:65:7c:ed:ea:d2:d0:c8:2a:3b:8e:f8:69:d8:e0:c4:6a:
43:b3:6f:3e:a0:aa:96:4d:d9:67:a1:4e:6a:17:75:90:da:b4:
c9:89:cc:54:bf:c4:16:b4:b4:f2:d5:d3:14:b3:66:ac:38:b1:
26:39:0a:4a:fe:38:83:f6:e9:e0:b0:0f:bf:e1:36:e3:d3:76:
65:29:fb:14:f2:38:26:d0:bc:94:64:44:c7:19:89:8d:3c:d6:
4b:e2:a7:73:6b:1c:85:e8:bb:2c:40:69:06:bb:6e:f0:28:2a:
1f:cc:9b:0f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODlCNzExMC8GA1UEBRMoODgyMjQ3ODU1NzRDMUYyM0NBOUM0MzlFRDhGNTUzODhG
NkE2OENFMjAeFw0yMjExMTYwOTE1MThaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNzRhYTI2LWM5YmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5hZAOIAjFEQqmYeMCpHBg2TsJmV/X75vGIOx5toX9zZDln/LOWbA8R1SSoujP
A+kh+h+KPFBy90jdAfzLfWBcsACC2oGJggrtq/memu9ev3+9+CcAQ91KUZIA1kN4
ZzdLvem3/p+Fbi9CmMmvJJ4B9DuN67g8uMN0Xy4+3PbaxNbao6JdiYJu2AZGna52
pXEHA1PQoyJBvGVEjrVMc2yK8jSkIeeb15AiU33z84GQ3IyprUZuvHvZCBwNfpX/
v5MZGvv+AbfmgM93DQY5JK0WIlYovl5p2t0IAgysU3yREX4EDg+5ZWJYOIvSk9af
qXjH77JIxwYjv7LCI1plV17hAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUT7m5OYpd
0Y4LDAyWXVivMMUxR68wHwYDVR0jBBgwFoAUiCJHhVdMHyPKnEOe2PVTiPamjOIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4OUI3L0IxRTU0QUI4NTZB
MjExRURCNEExQjIyNUM0RjlBRTAyL2lDSkhoVmRNSHlQS25FT2UyUFZUaVBhbWpP
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaUNKSGhWZE1IeVBLbkVPZTJQVlRpUGFtak9JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODlCNy9CMUU1NEFCODU2QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi8zMDA5Q0E1NDY1
OEYxMUVEQUY0RDE5NzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGca7jANBgkqhkiG9w0BAQsFAAOCAQEAIj83hGIIJJjiyW5F
dzv+vnCtY6iQfOhRdvE0WW8xDzbA/GQwFJP5XEaSvOV8yOquBRgnDEeWAAqJKCXB
BQ0htp+Hs78yAZulv2vILp44HtR8laFaqd5Uh5zyVVR281xvkPTknuwN37ajzmEY
lSn0LJ3nS4K8m1AOrT0n859kjDwBQb2IiHw+j2zT+TxAisWrtUZlfO3q0tDIKjuO
+GnY4MRqQ7NvPqCqlk3ZZ6FOahd1kNq0yYnMVL/EFrS08tXTFLNmrDixJjkKSv44
g/bp4LAPv+E249N2ZSn7FPI4JtC8lGRExxmJjTzWS+Knc2schei7LEBpBrtu8Cgq
H8ybDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org