Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/532FF1DE97DF11ED895CBD84C4F9AE02.roa
File: 532FF1DE97DF11ED895CBD84C4F9AE02.roa (raw, json)
Hash identifier: wXnOsLysHeqGOk9LhrISiKf493VEE6yhvM1R+1Ujbv8=
Subject key identifier: 25:A4:60:ED:1A:9B:C7:21:0C:E1:7E:E3:D6:0B:AF:98:39:47:31:3D
Certificate issuer: /CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Certificate serial: 27
Authority key identifier: 02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/532FF1DE97DF11ED895CBD84C4F9AE02.roa
Signing time: Thu 19 Jan 2023 09:54:55 +0000
ROA not before: Thu 19 Jan 2023 09:54:55 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150671
IP address blocks: 103.52.34.0/24 maxlen: 24
103.52.35.0/24 maxlen: 24
2001:df1:ac40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0848/serialNumber=024229C81AC3535A21D60E2DC32A9B88BD6AD81F
Validity
Not Before: Jan 19 09:54:55 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63c9136f-56f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2e:0b:12:d3:ac:bc:8a:a9:64:8f:34:ed:26:
88:ff:19:93:3c:98:f0:00:79:c7:8f:48:d9:4d:62:
e2:e1:bc:97:0d:6d:3a:c2:55:d1:4e:e2:34:00:31:
c9:d2:7c:7a:31:cc:ba:cf:40:0b:e9:6f:4c:34:71:
7d:b6:30:a5:d0:23:45:d3:28:7d:0a:6b:d2:3a:37:
ee:44:61:3a:ce:c2:ed:16:1c:0e:ff:21:ce:ea:ba:
79:02:4c:26:4e:5a:8c:14:54:bd:36:94:55:64:7c:
d3:dc:d7:e1:33:fb:b3:1d:69:53:4b:ed:be:a0:e6:
8e:44:86:0e:bf:34:79:a6:66:cc:93:88:47:65:3e:
a1:b6:60:0a:3e:b0:77:45:d9:1a:12:72:81:d6:58:
65:ff:b4:84:bb:1b:e5:49:24:4b:11:10:65:d3:90:
05:b5:ec:23:c9:e7:5b:8b:b5:f3:49:b1:61:7e:2e:
ae:f5:51:c2:cd:13:7c:4c:54:22:28:75:03:25:f5:
35:02:14:b7:85:f5:2f:bf:dc:a4:a8:80:26:eb:50:
54:17:5c:58:86:f1:8a:66:ef:51:9a:87:f2:a2:00:
ce:de:48:1a:3a:54:f0:d8:5c:61:6f:05:fc:f4:04:
f9:be:88:ca:41:29:3b:69:6d:9e:81:ab:68:3b:8d:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A4:60:ED:1A:9B:C7:21:0C:E1:7E:E3:D6:0B:AF:98:39:47:31:3D
X509v3 Authority Key Identifier:
keyid:02:42:29:C8:1A:C3:53:5A:21:D6:0E:2D:C3:2A:9B:88:BD:6A:D8:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/AkIpyBrDU1oh1g4twyqbiL1q2B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AkIpyBrDU1oh1g4twyqbiL1q2B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0848/64D8B1DE77E411ED97F5934DC4F9AE02/532FF1DE97DF11ED895CBD84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.52.34.0/23
IPv6:
2001:df1:ac40::/48
Signature Algorithm: sha256WithRSAEncryption
41:e9:01:f4:eb:cc:c6:02:ac:f8:62:70:11:59:fc:1b:31:21:
c7:de:4e:db:90:2c:11:e8:e7:1f:74:46:55:c8:b7:9e:08:56:
56:60:d1:09:13:3a:fa:99:fc:0b:32:4e:65:4e:24:14:37:5a:
88:3e:68:cb:84:3d:06:bb:c6:aa:ea:c9:23:87:4c:f2:e4:b6:
c4:25:19:df:ed:b1:b0:3a:0c:f4:f7:6b:c7:51:10:9e:77:9b:
cb:21:d2:9e:ab:be:86:c5:fe:e8:bf:ef:e1:42:08:ad:4e:02:
8f:17:18:c9:bd:5d:f1:22:30:ac:c6:1a:d4:d4:bd:3a:a7:92:
79:b7:37:b6:ea:b6:8c:b0:f6:5f:65:b9:09:e5:66:a2:3c:e4:
fe:bd:9b:54:16:12:25:f6:f8:60:82:1e:f5:2a:6b:06:b0:c9:
09:89:ec:d0:2b:f4:c5:79:77:e6:26:53:05:1b:73:60:1c:5a:
10:70:d7:f4:2f:d8:47:58:30:ed:07:e1:11:72:4b:cd:0b:c6:
99:46:1d:93:b9:8a:9c:34:46:59:fe:d4:e7:7f:60:87:8b:9d:
96:61:93:b8:3f:fe:ff:4e:53:62:9f:5f:c6:45:f6:a8:6d:8c:
00:c7:3b:a4:54:c1:2b:b6:20:58:f7:30:ec:b1:4f:b0:df:a2:
63:f6:b1:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MDg0ODExMC8GA1UEBRMoMDI0MjI5QzgxQUMzNTM1QTIxRDYwRTJEQzMyQTlCODhC
RDZBRDgxRjAeFw0yMzAxMTkwOTU0NTVaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzkxMzZmLTU2ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNLgsS06y8iqlkjzTtJoj/GZM8mPAAecePSNlNYuLhvJcNbTrCVdFO4jQAMcnS
fHoxzLrPQAvpb0w0cX22MKXQI0XTKH0Ka9I6N+5EYTrOwu0WHA7/Ic7qunkCTCZO
WowUVL02lFVkfNPc1+Ez+7MdaVNL7b6g5o5Ehg6/NHmmZsyTiEdlPqG2YAo+sHdF
2RoScoHWWGX/tIS7G+VJJEsREGXTkAW17CPJ51uLtfNJsWF+Lq71UcLNE3xMVCIo
dQMl9TUCFLeF9S+/3KSogCbrUFQXXFiG8Ypm71Gah/KiAM7eSBo6VPDYXGFvBfz0
BPm+iMpBKTtpbZ6Bq2g7jcxjAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUJaRg7Rqb
xyEM4X7j1guvmDlHMT0wHwYDVR0jBBgwFoAUAkIpyBrDU1oh1g4twyqbiL1q2B8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwODQ4LzY0RDhCMURFNzdF
NDExRUQ5N0Y1OTM0REM0RjlBRTAyL0FrSXB5QnJEVTFvaDFnNHR3eXFiaUwxcTJC
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQWtJcHlCckRVMW9oMWc0dHd5cWJpTDFxMkI4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MDg0OC82NEQ4QjFERTc3RTQxMUVEOTdGNTkzNERDNEY5QUUwMi81MzJGRjFERTk3
REYxMUVEODk1Q0JEODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWc0IjAPBAIAAjAJAwcAIAEN8axAMA0GCSqGSIb3DQEBCwUA
A4IBAQBB6QH068zGAqz4YnARWfwbMSHH3k7bkCwR6OcfdEZVyLeeCFZWYNEJEzr6
mfwLMk5lTiQUN1qIPmjLhD0Gu8aq6skjh0zy5LbEJRnf7bGwOgz092vHURCed5vL
IdKeq76Gxf7ov+/hQgitTgKPFxjJvV3xIjCsxhrU1L06p5J5tze26raMsPZfZbkJ
5WaiPOT+vZtUFhIl9vhggh71KmsGsMkJiezQK/TFeXfmJlMFG3NgHFoQcNf0L9hH
WDDtB+ERckvNC8aZRh2TuYqcNEZZ/tTnf2CHi52WYZO4P/7/TlNin1/GRfaobYwA
xzukVMErtiBY9zDssU+w36Jj9rHr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org