Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/9AC4BC4CEB3F11EDB3F54D3AC4F9AE02.roa
File: 9AC4BC4CEB3F11EDB3F54D3AC4F9AE02.roa (raw, json)
Hash identifier: TwMv591GoyHHm/2F1fxj3VfdnvtGvT2VQ+7ydeFeH3Q=
Subject key identifier: 31:D9:48:C6:2B:80:F0:72:F3:45:46:F9:C3:3C:D7:B4:D5:12:DC:61
Certificate issuer: /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial: 038F
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/9AC4BC4CEB3F11EDB3F54D3AC4F9AE02.roa
Signing time: Fri 05 May 2023 12:23:13 +0000
ROA not before: Fri 05 May 2023 12:23:13 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 142127
IP address blocks: 103.151.236.0/24 maxlen: 24
103.151.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911 (0x38f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Validity
Not Before: May 5 12:23:13 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6454f531-5aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:f3:ab:e9:86:66:b8:cb:71:c1:fb:54:3b:
e7:f6:4f:07:58:2e:50:a2:8d:d2:59:71:69:8f:3c:
2f:37:9f:d0:10:18:a0:2f:78:f6:41:d4:ef:01:a2:
2d:0c:69:d9:64:ef:f1:f6:ae:0f:e4:e3:b7:88:a7:
de:e9:b6:b0:e3:45:3c:bc:84:2a:4b:5d:37:c5:95:
b8:8d:d2:df:c8:d9:53:f7:77:df:e9:4c:a1:7d:a3:
20:6f:39:a4:92:09:fa:f1:75:d7:68:f5:64:55:41:
b1:f1:da:99:9c:a3:2a:f5:73:d7:82:15:20:73:05:
1f:d0:e0:66:25:c5:82:e3:60:0b:99:25:8f:99:f4:
0e:74:f0:48:db:55:1f:25:e3:83:ff:14:e6:ec:99:
01:6b:b4:b7:fa:41:1c:e3:79:15:e3:5a:f1:08:ef:
b2:cd:b9:6e:20:43:6e:7d:79:c6:c2:67:cb:e9:9b:
e6:e9:88:0c:d8:b5:74:00:d5:2f:a0:df:8f:a8:b6:
be:4c:68:cc:c9:ad:6a:ae:9c:03:4b:7d:d2:ed:3c:
94:d0:0e:25:ce:72:00:d6:01:c1:15:db:3e:71:05:
ef:9d:86:17:ec:89:d1:11:ac:fb:b4:c9:3d:6f:93:
87:fd:06:bb:f8:65:76:82:2b:88:ef:3b:a6:c7:ee:
61:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D9:48:C6:2B:80:F0:72:F3:45:46:F9:C3:3C:D7:B4:D5:12:DC:61
X509v3 Authority Key Identifier:
keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/9AC4BC4CEB3F11EDB3F54D3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.236.0/23
Signature Algorithm: sha256WithRSAEncryption
68:d1:9a:9b:23:ec:41:ad:13:fe:66:0f:ec:a9:df:15:84:41:
14:10:38:38:41:ae:01:eb:14:a7:f6:bc:8a:4c:b6:80:5e:e9:
73:b7:2a:c1:e2:33:26:4b:be:74:78:da:86:9f:47:36:03:a6:
7b:68:6e:5c:30:c0:a8:ad:fe:93:90:cd:77:d5:d3:2d:9e:d7:
e6:fb:1c:70:d0:a5:22:cf:c2:96:9c:50:11:f0:ec:3a:1c:37:
21:19:83:87:98:3c:86:fe:1c:2e:94:17:45:dc:13:e0:2a:92:
ac:15:0d:36:2e:5f:f9:24:d8:78:54:e8:42:7a:8f:65:f1:22:
a5:ba:59:22:64:3f:6e:41:e9:04:cc:b7:f7:42:8d:f6:f6:dd:
fd:6c:42:18:3e:a6:83:a7:37:45:cf:84:33:7c:6f:25:24:7c:
2c:e9:3a:87:0c:84:90:94:19:30:20:d1:ba:f8:ea:4a:9c:8b:
38:c7:70:54:e6:17:d7:12:24:c8:f5:5d:9e:72:73:eb:39:e3:
5e:95:2f:78:53:9a:fa:3f:07:d0:de:ec:34:64:27:94:21:b3:
8b:a5:2f:2a:91:9b:b4:55:1e:89:f8:d8:de:b1:f7:2e:18:40:
b7:d3:5e:e2:89:f8:40:3b:e0:23:ce:e7:a4:14:45:f2:72:31:
d0:b9:6a:54
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjMwNTA1MTIyMzEzWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU0ZjUzMS01YWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0dXzq+mGZrjLccH7VDvn9k8HWC5Qoo3SWXFpjzwvN5/QEBigL3j2QdTvAaIt
DGnZZO/x9q4P5OO3iKfe6baw40U8vIQqS103xZW4jdLfyNlT93ff6UyhfaMgbzmk
kgn68XXXaPVkVUGx8dqZnKMq9XPXghUgcwUf0OBmJcWC42ALmSWPmfQOdPBI21Uf
JeOD/xTm7JkBa7S3+kEc43kV41rxCO+yzbluIENufXnGwmfL6Zvm6YgM2LV0ANUv
oN+PqLa+TGjMya1qrpwDS33S7TyU0A4lznIA1gHBFds+cQXvnYYX7InREaz7tMk9
b5OH/Qa7+GV2giuI7zumx+5hOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDHZSMYr
gPBy80VG+cM817TVEtxhMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvOUFDNEJDNENF
QjNGMTFFREIzRjU0RDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnl+wwDQYJKoZIhvcNAQELBQADggEBAGjRmpsj7EGtE/5m
D+yp3xWEQRQQODhBrgHrFKf2vIpMtoBe6XO3KsHiMyZLvnR42oafRzYDpntoblww
wKit/pOQzXfV0y2e1+b7HHDQpSLPwpacUBHw7DocNyEZg4eYPIb+HC6UF0XcE+Aq
kqwVDTYuX/kk2HhU6EJ6j2XxIqW6WSJkP25B6QTMt/dCjfb23f1sQhg+poOnN0XP
hDN8byUkfCzpOocMhJCUGTAg0br46kqcizjHcFTmF9cSJMj1XZ5yc+s5416VL3hT
mvo/B9De7DRkJ5Qhs4ulLyqRm7RVHon42N6x9y4YQLfTXuKJ+EA74CPO56QURfJy
MdC5alQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org