Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/D6531D903C4311ED87CC3D0EC4F9AE02.roa
File: D6531D903C4311ED87CC3D0EC4F9AE02.roa (raw, json)
Hash identifier: NwacJVxQZSwZ+BhY53MvbXMkDq5sagqxc0k90iPL1c8=
Subject key identifier: 49:DB:4F:A5:BB:3D:FB:1B:14:73:82:EF:80:5B:0F:B8:8A:4D:EC:82
Certificate issuer: /CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Certificate serial: 030A
Authority key identifier: 79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/D6531D903C4311ED87CC3D0EC4F9AE02.roa
Signing time: Sat 24 Sep 2022 20:02:38 +0000
ROA not before: Sat 24 Sep 2022 20:02:37 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 55714
IP address blocks: 103.151.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 778 (0x30a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52/serialNumber=7905553FECA59030D51918372F1EE17274949FB5
Validity
Not Before: Sep 24 20:02:37 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=632f625d-4e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:49:5a:07:38:8e:32:67:1e:61:a6:4e:b6:40:
72:46:a0:90:ed:26:67:ac:42:cb:90:1c:0a:fc:3c:
dd:3d:b8:b4:e4:88:ac:8e:d7:3d:4b:b3:b8:85:e5:
d1:88:ca:10:2f:d2:af:ad:93:f9:b4:00:57:97:f2:
94:cc:27:ae:f7:00:d6:0f:bc:5a:18:8b:6c:f5:d8:
c0:7a:09:fa:d0:97:bd:87:05:47:0c:49:0d:60:99:
04:be:23:9c:cc:26:ff:81:b8:44:99:a4:c2:2c:3d:
f1:3f:59:ce:65:94:91:a8:97:86:27:6c:be:ed:da:
e8:8f:cd:42:58:74:f2:36:16:7c:ef:6a:7c:5e:fd:
42:32:40:18:20:d5:f1:e7:72:b0:55:28:6f:47:6e:
1d:53:bd:17:4a:cb:80:d2:41:6a:17:d4:27:df:53:
6e:f4:58:c4:43:c5:16:54:fe:40:8c:52:47:69:ad:
ea:21:d3:7a:78:6b:cf:7d:2f:42:63:c9:09:f8:d1:
68:59:61:17:c7:b5:5a:9e:b2:f0:72:dc:b1:bf:c7:
e2:50:bc:19:37:d9:03:a1:6f:81:50:0d:e2:b6:18:
51:05:9b:7f:8b:e9:a4:5f:5b:33:4e:9c:20:65:a5:
e9:50:aa:f6:e9:bf:54:28:34:29:44:70:11:38:58:
be:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DB:4F:A5:BB:3D:FB:1B:14:73:82:EF:80:5B:0F:B8:8A:4D:EC:82
X509v3 Authority Key Identifier:
keyid:79:05:55:3F:EC:A5:90:30:D5:19:18:37:2F:1E:E1:72:74:94:9F:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eQVVP-ylkDDVGRg3Lx7hcnSUn7U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/D6531D903C4311ED87CC3D0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.236.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:ae:a9:ee:ac:7b:1b:c1:f8:dc:bc:a5:34:3b:c0:35:db:
11:de:3a:85:47:5c:4b:70:23:46:e5:a9:65:90:b2:db:e0:65:
3b:79:d3:df:1e:72:c3:71:15:e0:a2:49:c8:20:c4:0e:50:91:
28:f2:a5:cc:7c:8d:4e:e5:8d:57:71:d1:f6:4e:24:53:7b:76:
7e:a5:3a:60:31:cb:6f:49:03:37:7b:4e:74:f9:23:96:ee:cf:
0c:45:71:57:50:0f:64:59:b3:d1:25:56:da:1d:df:2e:bb:72:
b2:86:47:80:49:56:7c:aa:ec:d2:33:2e:f0:1c:8e:f7:db:d6:
26:c6:c7:e0:e2:fa:0a:93:ba:f8:1e:77:d7:40:2e:9d:cc:f5:
1e:df:a6:1e:8a:ed:4d:7c:ea:94:a9:ff:e8:30:7d:00:ef:77:
67:20:ec:0f:21:f8:53:fc:64:6d:85:98:50:a8:5e:d6:a9:6d:
ed:81:32:c4:3c:aa:9b:98:18:d0:a3:8d:f7:c8:07:c6:82:e4:
1f:fa:34:fb:5f:41:95:d0:93:cf:f8:e2:ea:e7:b3:a4:71:8f:
e7:6d:8f:da:ee:50:12:41:83:3c:43:fd:fd:06:d3:ed:c7:4f:
3f:55:c1:e7:5c:ea:20:b2:12:06:08:16:47:64:8b:c5:66:9e:
b4:12:2b:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlDNTIxMTAvBgNVBAUTKDc5MDU1NTNGRUNBNTkwMzBENTE5MTgzNzJGMUVFMTcy
NzQ5NDlGQjUwHhcNMjIwOTI0MjAwMjM3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJmNjI1ZC00ZTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtElaBziOMmceYaZOtkByRqCQ7SZnrELLkBwK/DzdPbi05Iisjtc9S7O4heXR
iMoQL9KvrZP5tABXl/KUzCeu9wDWD7xaGIts9djAegn60Je9hwVHDEkNYJkEviOc
zCb/gbhEmaTCLD3xP1nOZZSRqJeGJ2y+7droj81CWHTyNhZ872p8Xv1CMkAYINXx
53KwVShvR24dU70XSsuA0kFqF9Qn31Nu9FjEQ8UWVP5AjFJHaa3qIdN6eGvPfS9C
Y8kJ+NFoWWEXx7VanrLwctyxv8fiULwZN9kDoW+BUA3ithhRBZt/i+mkX1szTpwg
ZaXpUKr26b9UKDQpRHAROFi+lwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEnbT6W7
PfsbFHOC74BbD7iKTeyCMB8GA1UdIwQYMBaAFHkFVT/spZAw1RkYNy8e4XJ0lJ+1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUM1Mi82QjcxNTE2MjBE
N0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9lUVZWUC15bGtERFZHUmczTHg3aGNuU1Vu
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VRVlZQLXlsa0REVkdSZzNMeDdoY25TVW43VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlDNTIvNkI3MTUxNjIwRDdFMTFFQzlDMEI1Rjc1QzRGOUFFMDIvRDY1MzFEOTAz
QzQzMTFFRDg3Q0MzRDBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnl+wwDQYJKoZIhvcNAQELBQADggEBAHr4rqnurHsbwfjc
vKU0O8A12xHeOoVHXEtwI0blqWWQstvgZTt5098ecsNxFeCiScggxA5QkSjypcx8
jU7ljVdx0fZOJFN7dn6lOmAxy29JAzd7TnT5I5buzwxFcVdQD2RZs9ElVtod3y67
crKGR4BJVnyq7NIzLvAcjvfb1ibGx+Di+gqTuvged9dALp3M9R7fph6K7U186pSp
/+gwfQDvd2cg7A8h+FP8ZG2FmFCoXtapbe2BMsQ8qpuYGNCjjffIB8aC5B/6NPtf
QZXQk8/44urns6Rxj+dtj9ruUBJBgzxD/f0G0+3HTz9Vwedc6iCyEgYIFkdki8Vm
nrQSK78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org