Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
File: C1A1F0C8B11A11ED9D25347CC4F9AE02.roa (raw, json)
Hash identifier: N2+J1aIrQ13/huB3Glf/4ejbjdUDJbiXrKtIiWKfegw=
Subject key identifier: F6:4B:89:DB:D8:E8:9C:2C:79:B9:63:27:18:88:7A:2F:06:31:83:5E
Certificate issuer: /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial: 0372
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
Signing time: Thu 16 Mar 2023 10:12:54 +0000
ROA not before: Thu 16 Mar 2023 10:12:54 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 140697
IP address blocks: 103.151.236.0/24 maxlen: 24
103.151.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882 (0x372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Validity
Not Before: Mar 16 10:12:54 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6412eba5-bb5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:12:e4:12:07:e5:6a:75:9d:65:12:55:3e:99:
c5:a9:62:66:60:41:b4:ed:6b:45:c1:ca:17:22:30:
63:0c:75:2c:fa:e9:a2:8c:e5:cf:d1:d0:25:f0:13:
d4:b8:ca:35:3b:d1:c0:9a:a6:59:41:b8:fd:35:3d:
be:f7:ad:9a:e3:ee:42:43:0e:ba:65:64:ac:a3:c9:
31:e4:aa:9a:e2:b5:65:0c:a9:5f:6a:75:65:f1:36:
a5:f5:34:fd:74:66:21:6c:6b:04:60:79:5b:9a:f3:
7b:22:d8:36:21:a6:22:c3:e2:92:18:fb:a6:e4:0f:
39:bc:6c:65:33:bd:3f:74:49:ff:7e:0c:6f:1d:a3:
a5:92:37:1e:ab:4d:55:a5:1c:7a:4a:5c:d1:db:4a:
3c:fa:c6:20:0a:e3:c1:42:ed:c8:08:47:05:44:9b:
2f:73:c7:0d:23:45:e8:ad:b8:e8:c5:53:3a:0a:43:
5c:33:82:74:c2:8a:f2:72:d4:92:c9:e8:e4:44:7c:
3c:23:cc:f1:b4:c0:fa:04:57:d5:ca:78:88:6c:d4:
c9:ab:e9:62:a6:6c:fb:85:7f:2f:da:9b:53:11:c5:
5d:b8:92:07:1a:f6:51:72:3b:bf:a0:e2:80:f1:e6:
c4:8d:6e:14:6d:a4:71:e5:eb:42:10:5c:00:9f:1d:
f4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4B:89:DB:D8:E8:9C:2C:79:B9:63:27:18:88:7A:2F:06:31:83:5E
X509v3 Authority Key Identifier:
keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/C1A1F0C8B11A11ED9D25347CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.236.0/23
Signature Algorithm: sha256WithRSAEncryption
38:71:15:82:a1:fc:00:bc:96:54:df:c5:c7:6f:2c:76:04:13:
55:fb:1f:cf:5e:5a:45:29:1b:88:6f:91:08:99:91:c2:68:3d:
96:4a:dd:29:45:66:e6:de:33:d7:97:7f:5d:f8:34:6f:b5:42:
72:c0:04:e7:ae:0e:3f:b7:d3:42:01:0a:b0:a8:00:57:76:6d:
8a:c4:fa:74:f6:f0:c7:62:31:a1:70:3e:7a:d0:29:56:4d:d7:
27:e9:d6:f9:92:56:68:20:b1:ce:1e:30:13:fa:69:51:b6:1f:
b7:97:5e:f8:37:17:1e:c9:11:a5:22:59:26:fd:e6:fa:23:d8:
5b:1f:23:f5:ae:de:56:f9:0a:99:62:58:8d:29:52:2b:0f:c5:
8a:b6:ee:e8:ff:85:32:ae:4c:2a:cc:cb:50:e2:77:af:f0:73:
5e:c2:4c:76:56:17:5f:d9:b4:8f:56:2e:01:18:72:05:66:b6:
bf:4d:bb:52:77:e5:da:1d:b2:02:51:c0:35:b5:7e:38:33:09:
05:35:ea:e2:30:d6:99:7f:c1:4c:d1:f2:7d:55:e5:79:10:f1:
e0:25:44:e3:e0:7f:21:57:6e:06:5f:ec:1a:ef:c5:07:9b:2c:
ce:cf:42:66:70:5e:1a:cf:5c:25:f7:07:3a:57:43:d3:2c:f2:
5c:69:c6:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjMwMzE2MTAxMjU0WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEyZWJhNS1iYjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xLkEgflanWdZRJVPpnFqWJmYEG07WtFwcoXIjBjDHUs+umijOXP0dAl8BPU
uMo1O9HAmqZZQbj9NT2+962a4+5CQw66ZWSso8kx5Kqa4rVlDKlfanVl8Tal9TT9
dGYhbGsEYHlbmvN7Itg2IaYiw+KSGPum5A85vGxlM70/dEn/fgxvHaOlkjceq01V
pRx6SlzR20o8+sYgCuPBQu3ICEcFRJsvc8cNI0XorbjoxVM6CkNcM4J0woryctSS
yejkRHw8I8zxtMD6BFfVyniIbNTJq+lipmz7hX8v2ptTEcVduJIHGvZRcju/oOKA
8ebEjW4UbaRx5etCEFwAnx30KwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPZLidvY
6JwsebljJxiIei8GMYNeMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvQzFBMUYwQzhC
MTFBMTFFRDlEMjUzNDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnl+wwDQYJKoZIhvcNAQELBQADggEBADhxFYKh/AC8llTf
xcdvLHYEE1X7H89eWkUpG4hvkQiZkcJoPZZK3SlFZubeM9eXf134NG+1QnLABOeu
Dj+300IBCrCoAFd2bYrE+nT28MdiMaFwPnrQKVZN1yfp1vmSVmggsc4eMBP6aVG2
H7eXXvg3Fx7JEaUiWSb95voj2FsfI/Wu3lb5CpliWI0pUisPxYq27uj/hTKuTCrM
y1Did6/wc17CTHZWF1/ZtI9WLgEYcgVmtr9Nu1J35dodsgJRwDW1fjgzCQU16uIw
1pl/wUzR8n1V5XkQ8eAlROPgfyFXbgZf7BrvxQebLM7PQmZwXhrPXCX3BzpXQ9Ms
8lxpxlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org