Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4B888814E4E311ED90315A7AC4F9AE02.roa
File: 4B888814E4E311ED90315A7AC4F9AE02.roa (raw, json)
Hash identifier: p7upMc4PtiVFuLTG5yQjr0YdYvp+VvPgpnjv3OP1nxQ=
Subject key identifier: 1E:35:DF:F7:C9:4E:F0:3F:7C:FA:93:5A:52:2A:29:D7:47:B3:32:80
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 5D
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4B888814E4E311ED90315A7AC4F9AE02.roa
Signing time: Thu 27 Apr 2023 10:07:20 +0000
ROA not before: Thu 27 Apr 2023 10:07:20 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 133499
IP address blocks: 103.240.164.0/22 maxlen: 22
103.241.52.0/22 maxlen: 22
103.241.52.0/24 maxlen: 24
103.241.53.0/24 maxlen: 24
103.241.54.0/24 maxlen: 24
103.241.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93 (0x5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Apr 27 10:07:20 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=644a4957-f797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:3e:96:b3:24:c2:13:11:62:b6:8e:c0:99:
e1:0e:da:db:4b:62:e9:d0:27:aa:47:46:94:70:96:
0e:0e:d0:89:41:45:ff:92:73:9a:2a:f2:69:a0:81:
f9:d3:bd:77:6e:e9:0a:d4:09:c2:f5:8b:09:5a:7c:
c8:aa:9c:66:1f:39:a8:af:0f:c2:7c:95:98:59:33:
7c:42:e4:3f:18:a5:39:fa:75:29:25:b7:2c:20:a5:
7f:0c:2e:3f:90:80:b3:f6:97:f2:f5:81:eb:e7:50:
90:16:cf:4f:7d:8c:fd:5c:a5:ae:6d:e2:88:f6:a1:
e8:12:54:d5:13:c3:ad:2c:36:7d:a2:d1:e6:13:60:
90:71:fe:3b:46:67:33:b1:60:cb:29:7a:e2:4b:29:
8e:b6:1e:d7:f3:59:14:12:ba:db:4b:a0:ac:ef:0c:
26:b1:51:fa:67:b0:b2:76:d9:28:d7:b3:74:20:4b:
c8:ee:49:cc:53:a1:f6:b4:22:0a:0d:8e:99:34:41:
59:7f:9b:bb:c6:33:c1:78:25:f8:2a:c8:5d:5c:35:
fd:6e:5c:e7:a8:ea:4d:b0:51:aa:82:78:18:b4:7d:
ca:cb:30:fd:29:31:f7:f6:ae:25:f9:65:65:bd:9b:
4f:51:e0:f6:e0:b5:66:51:aa:78:61:5c:6e:32:0a:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:35:DF:F7:C9:4E:F0:3F:7C:FA:93:5A:52:2A:29:D7:47:B3:32:80
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/4B888814E4E311ED90315A7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.240.164.0/22
103.241.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:36:f6:cc:00:4e:69:c0:dc:38:9b:20:53:d2:a8:7e:0e:9d:
f3:d6:90:38:0b:da:8b:8d:48:e4:81:25:70:06:54:0f:5c:68:
ae:1a:9a:53:ec:37:fa:b1:69:fe:1c:9e:95:2e:11:d1:2d:89:
02:68:17:46:d5:d3:9b:ea:d8:a0:96:27:3b:86:69:6c:44:4f:
db:f5:5f:ac:29:d3:78:2b:63:e4:7c:d7:b3:75:49:df:f5:75:
04:ad:02:69:96:82:f0:50:60:b9:6c:fe:e2:fb:48:c4:3b:72:
e0:a2:bb:b7:33:83:0f:c7:bf:be:83:d8:27:a7:b5:4a:f2:d3:
87:42:d7:77:86:55:61:b9:43:8f:2c:91:1c:78:b7:12:a2:61:
9e:14:63:27:ce:c9:d3:08:48:c9:dc:38:74:8f:d1:95:98:cd:
5d:e0:c2:b1:94:98:8f:6b:ec:c1:42:75:e1:83:b1:91:56:b7:
dd:8b:93:51:6a:6f:a7:9b:67:97:bb:97:1e:fd:22:95:60:a3:
87:63:46:2b:27:d3:1f:c3:ba:6b:d0:4a:fd:f9:d5:3a:f4:98:
eb:24:0f:18:e7:ea:ef:ca:0d:f1:25:b4:17:94:01:7a:33:f7:
20:50:38:60:8a:c2:02:e7:42:40:54:0c:14:06:a9:c8:ea:44:
91:5b:98:f2
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NjU4NzExMC8GA1UEBRMoMkQ2MzQwNzdDQzg0N0I1OUQ0MDQ4RDQzRTA0QjMzMDk2
OThGRTYzODAeFw0yMzA0MjcxMDA3MjBaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NGE0OTU3LWY3OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDG3T6WsyTCExFito7AmeEO2ttLYunQJ6pHRpRwlg4O0IlBRf+Sc5oq8mmggfnT
vXdu6QrUCcL1iwlafMiqnGYfOaivD8J8lZhZM3xC5D8YpTn6dSkltywgpX8MLj+Q
gLP2l/L1gevnUJAWz099jP1cpa5t4oj2oegSVNUTw60sNn2i0eYTYJBx/jtGZzOx
YMspeuJLKY62HtfzWRQSuttLoKzvDCaxUfpnsLJ22SjXs3QgS8juScxTofa0IgoN
jpk0QVl/m7vGM8F4JfgqyF1cNf1uXOeo6k2wUaqCeBi0fcrLMP0pMff2riX5ZWW9
m09R4PbgtWZRqnhhXG4yCof5AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUHjXf98lO
8D98+pNaUiop10ezMoAwHwYDVR0jBBgwFoAULWNAd8yEe1nUBI1D4EszCWmP5jgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2NTg3LzQxN0Q3MUI0OTE4
NjExRURBODRBMTI0REM0RjlBRTAyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVq
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTFdOQWQ4eUVlMW5VQkkxRDRFc3pDV21QNWpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjU4Ny80MTdENzFCNDkxODYxMUVEQTg0QTEyNERDNEY5QUUwMi80Qjg4ODgxNEU0
RTMxMUVEOTAzMTVBN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmfwpAMEAmfxNDANBgkqhkiG9w0BAQsFAAOCAQEAKzb2zABO
acDcOJsgU9Kofg6d89aQOAvai41I5IElcAZUD1xorhqaU+w3+rFp/hyelS4R0S2J
AmgXRtXTm+rYoJYnO4ZpbERP2/VfrCnTeCtj5HzXs3VJ3/V1BK0CaZaC8FBguWz+
4vtIxDty4KK7tzODD8e/voPYJ6e1SvLTh0LXd4ZVYblDjyyRHHi3EqJhnhRjJ87J
0whIydw4dI/RlZjNXeDCsZSYj2vswUJ14YOxkVa33YuTUWpvp5tnl7uXHv0ilWCj
h2NGKyfTH8O6a9BK/fnVOvSY6yQPGOfq78oN8SW0F5QBejP3IFA4YIrCAudCQFQM
FAapyOpEkVuY8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org