Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/4059510E5B4911ED8862970DC4F9AE02.roa
File: 4059510E5B4911ED8862970DC4F9AE02.roa (raw, json)
Hash identifier: kpE8zVex6vbO+71FJdmIYhM+rovqvxH2jd1MyEc3GR4=
Subject key identifier: 90:72:19:40:28:18:26:4A:AA:C5:88:D4:5E:C5:1B:FE:0A:D9:1E:ED
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 05FB
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/4059510E5B4911ED8862970DC4F9AE02.roa
Signing time: Thu 03 Nov 2022 07:29:29 +0000
ROA not before: Thu 03 Nov 2022 07:29:29 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 140224
IP address blocks: 103.40.100.0/24 maxlen: 24
103.40.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1531 (0x5fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Nov 3 07:29:29 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63636dd9-453a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:68:d7:da:ee:91:38:39:c6:ae:5f:f1:0f:
f2:eb:71:cc:7c:6f:62:4e:27:73:aa:c5:71:38:34:
09:9b:6a:98:b0:79:72:94:3c:15:b2:fb:ba:bd:ec:
32:b7:31:5b:8a:60:05:fd:70:df:d3:21:d3:ed:82:
5c:2b:6c:18:e8:b0:a8:80:cf:53:84:b5:6d:1a:5b:
88:2a:f0:1d:83:57:72:db:af:8f:66:09:4d:e5:d2:
e0:f8:29:02:2c:3e:6c:4b:31:94:29:3e:5b:b9:cd:
fd:76:d0:67:4b:62:43:19:50:93:64:63:37:fb:2f:
8c:38:cd:3c:23:d1:74:c6:38:59:94:cc:77:d0:50:
eb:2b:7d:20:c9:cd:8c:3c:44:8b:39:eb:92:72:a8:
c7:57:99:71:d2:b3:fa:42:fb:d4:3d:5e:09:5d:7c:
94:13:04:0c:12:b3:16:4d:d4:3a:94:97:39:f1:e0:
43:23:a9:ef:41:46:38:a9:7d:b5:ae:bc:54:b5:88:
89:fa:40:9a:d2:dc:86:1e:1d:7e:e8:62:f5:89:3a:
77:67:63:25:30:1f:68:b8:a2:3a:e6:89:6b:b1:2f:
56:60:6d:3a:4f:4b:f2:24:d2:a6:61:5e:18:ee:b3:
ae:e7:e5:7a:50:57:e9:dd:c8:a7:00:0c:3a:cb:5f:
fd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:72:19:40:28:18:26:4A:AA:C5:88:D4:5E:C5:1B:FE:0A:D9:1E:ED
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/4059510E5B4911ED8862970DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.100.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:51:56:83:3e:fa:77:9e:cc:72:a8:1a:07:bc:45:69:ad:d1:
b7:0d:29:15:3c:65:90:0f:57:41:a7:28:7d:b0:22:4f:89:b0:
a7:2c:c5:79:1d:80:fd:7f:b6:b7:cf:c4:9b:e4:ae:8e:6b:5e:
c1:cd:32:a3:3d:a6:b0:0a:9d:84:49:ce:ae:8a:a9:ff:3a:1c:
07:83:db:ff:2a:66:fd:fd:bd:aa:55:4e:02:19:2c:43:99:44:
68:44:b6:6f:bc:61:46:75:03:86:f6:0f:f1:04:e3:f9:08:27:
8b:a2:8c:04:1b:4d:81:0a:7e:a3:ed:b9:b5:9e:96:59:a8:90:
92:1b:b8:7b:4e:63:b7:de:42:25:8a:2d:c0:51:1e:30:cf:37:
ff:6e:1f:5b:a7:5a:46:ff:a0:7e:78:34:2d:ab:aa:92:dc:67:
f4:43:4d:51:b9:8b:97:e0:5a:bb:cb:a9:76:3b:3e:4d:af:2b:
1c:75:5b:6e:aa:ef:d4:25:d4:fc:4b:ad:04:46:df:72:75:ea:
7a:2c:cd:a4:26:74:86:2a:f7:eb:2f:78:ae:98:b4:e2:97:59:
93:23:60:8d:fb:a8:f4:c6:39:6d:a4:30:8f:01:13:f6:07:78:
cc:d8:b8:51:4e:c9:bd:11:5f:32:46:37:82:82:8f:5a:4f:72:
d3:57:8a:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjIxMTAzMDcyOTI5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYzNmRkOS00NTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1Bo19rukTg5xq5f8Q/y63HMfG9iTidzqsVxODQJm2qYsHlylDwVsvu6vewy
tzFbimAF/XDf0yHT7YJcK2wY6LCogM9ThLVtGluIKvAdg1dy26+PZglN5dLg+CkC
LD5sSzGUKT5buc39dtBnS2JDGVCTZGM3+y+MOM08I9F0xjhZlMx30FDrK30gyc2M
PESLOeuScqjHV5lx0rP6QvvUPV4JXXyUEwQMErMWTdQ6lJc58eBDI6nvQUY4qX21
rrxUtYiJ+kCa0tyGHh1+6GL1iTp3Z2MlMB9ouKI65olrsS9WYG06T0vyJNKmYV4Y
7rOu5+V6UFfp3cinAAw6y1/9qQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJByGUAo
GCZKqsWI1F7FG/4K2R7tMB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvNDA1OTUxMEU1
QjQ5MTFFRDg4NjI5NzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKGQwDQYJKoZIhvcNAQELBQADggEBACxRVoM++neezHKo
Gge8RWmt0bcNKRU8ZZAPV0GnKH2wIk+JsKcsxXkdgP1/trfPxJvkro5rXsHNMqM9
prAKnYRJzq6Kqf86HAeD2/8qZv39vapVTgIZLEOZRGhEtm+8YUZ1A4b2D/EE4/kI
J4uijAQbTYEKfqPtubWellmokJIbuHtOY7feQiWKLcBRHjDPN/9uH1unWkb/oH54
NC2rqpLcZ/RDTVG5i5fgWrvLqXY7Pk2vKxx1W26q79Ql1PxLrQRG33J16noszaQm
dIYq9+sveK6YtOKXWZMjYI37qPTGOW2kMI8BE/YHeMzYuFFOyb0RXzJGN4KCj1pP
ctNXigM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org