Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/5ABC02E689A511ED877C2543C4F9AE02.roa
File: 5ABC02E689A511ED877C2543C4F9AE02.roa (raw, json)
Hash identifier: nuzWayrdFY3J0JsBu9PzrrgTBxmoHLUyoGhfBmr7dEI=
Subject key identifier: 61:E8:44:9F:7B:D8:DF:41:66:40:5D:AB:96:63:9F:45:86:7A:A4:B8
Certificate issuer: /CN=A91BC2E3/serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C
Certificate serial: 02
Authority key identifier: C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/5ABC02E689A511ED877C2543C4F9AE02.roa
Signing time: Sun 01 Jan 2023 07:24:40 +0000
ROA not before: Sun 01 Jan 2023 07:24:40 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 14254
IP address blocks: 103.22.96.0/23 maxlen: 23
103.22.96.0/24 maxlen: 24
103.22.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC2E3/serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C
Validity
Not Before: Jan 1 07:24:40 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63b13538-0c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:d2:99:77:71:67:cf:35:1a:1d:46:94:26:
43:93:dc:2d:80:a3:c5:1f:98:bd:fd:e4:80:d3:24:
ef:60:a9:34:7f:87:ac:a7:e3:20:27:bb:76:53:30:
7a:de:83:e5:f1:72:91:0a:aa:18:78:84:fa:5f:e8:
7c:c2:43:bd:da:44:c6:97:d5:8b:85:a0:8c:e3:47:
d3:07:28:db:b5:8c:1f:df:c7:fd:c1:ab:0c:54:22:
b7:4a:7f:37:73:ab:da:91:df:0c:a6:2c:b5:9b:6f:
89:92:42:1f:c9:cf:03:cb:94:b2:c6:42:b1:7a:6c:
ae:05:15:84:c2:23:8c:5c:77:b9:08:29:64:85:99:
af:df:a1:8f:de:49:fd:2b:54:0e:0f:ec:2d:f9:b6:
17:c8:a9:28:ef:b7:d7:01:e6:55:fb:b8:3f:56:33:
e4:32:8b:f6:5a:89:25:c6:33:f5:91:5f:6a:f7:e7:
10:e3:38:ca:e9:07:a6:5d:79:20:87:6d:40:29:20:
09:c3:22:f9:bb:88:52:5c:b9:94:fe:2b:bf:69:4c:
41:09:d9:1e:86:dd:08:cc:07:60:22:fa:02:49:4a:
7b:03:b0:7d:28:ef:44:b7:5f:22:5d:35:cc:75:fe:
4d:6f:fd:5c:46:b5:fc:67:92:cb:3a:95:01:e0:86:
ea:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E8:44:9F:7B:D8:DF:41:66:40:5D:AB:96:63:9F:45:86:7A:A4:B8
X509v3 Authority Key Identifier:
keyid:C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/5ABC02E689A511ED877C2543C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.22.96.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:bc:82:5a:30:98:b2:d7:8e:14:e9:a6:f1:26:f0:14:30:49:
c6:b5:c1:ae:9b:62:18:2a:ca:83:b8:59:e5:56:45:8d:5c:ed:
6e:4c:e6:f7:7f:07:32:7b:e9:74:e3:10:38:4b:90:53:cd:c9:
f0:74:c8:0a:0c:9e:53:2a:4b:44:49:10:72:d2:0f:ca:97:02:
6f:2a:8c:2c:43:20:d9:1c:0d:5d:a3:32:d9:37:8d:3d:99:2c:
f6:e9:f9:22:d7:7c:06:e2:ec:0d:18:f0:a3:cd:4e:fe:b7:fb:
a0:a6:e8:c1:e6:bd:5d:53:01:f5:25:c6:2d:ee:0b:9c:2e:83:
42:49:40:1a:64:c2:18:63:c9:e5:66:fd:65:e1:04:59:a3:4d:
06:c9:7d:ce:fd:2d:fc:fb:91:50:f3:d7:5c:e7:17:b5:27:94:
d3:f3:f8:74:c5:2d:ad:01:eb:26:5f:a9:c5:8e:f2:ba:57:8b:
69:55:ba:f0:dc:77:49:70:da:28:92:74:26:95:87:67:11:b0:
bf:bb:ea:5a:39:39:2b:03:b2:3d:d4:b7:0c:d3:fb:f5:9f:ca:
4d:b6:f0:87:15:ca:98:a7:68:10:8d:b7:d4:72:de:56:50:15:
69:06:14:e8:0e:7e:a2:51:65:2c:8c:d9:d6:27:f5:66:4f:54:
f7:d3:e7:90
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QzJFMzExMC8GA1UEBRMoQzQ3MTBENDhCNEU0RjJCNzM1QkU0QjFCNUM5MEVEQjg4
RDI2OUIyQzAeFw0yMzAxMDEwNzI0NDBaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjEzNTM4LTBjOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvUdKZd3FnzzUaHUaUJkOT3C2Ao8UfmL395IDTJO9gqTR/h6yn4yAnu3ZTMHre
g+XxcpEKqhh4hPpf6HzCQ73aRMaX1YuFoIzjR9MHKNu1jB/fx/3BqwxUIrdKfzdz
q9qR3wymLLWbb4mSQh/JzwPLlLLGQrF6bK4FFYTCI4xcd7kIKWSFma/foY/eSf0r
VA4P7C35thfIqSjvt9cB5lX7uD9WM+Qyi/ZaiSXGM/WRX2r35xDjOMrpB6ZdeSCH
bUApIAnDIvm7iFJcuZT+K79pTEEJ2R6G3QjMB2Ai+gJJSnsDsH0o70S3XyJdNcx1
/k1v/VxGtfxnkss6lQHghuorAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYehEn3vY
30FmQF2rlmOfRYZ6pLgwHwYDVR0jBBgwFoAUxHENSLTk8rc1vksbXJDtuI0mmyww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJDMkUzLzlCNEE0ODkwODlB
MDExRUQ4Mzc1OTM0NkM0RjlBRTAyL3hIRU5TTFRrOHJjMXZrc2JYSkR0dUkwbW15
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveEhFTlNMVGs4cmMxdmtzYlhKRHR1STBtbXl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QzJFMy85QjRBNDg5MDg5QTAxMUVEODM3NTkzNDZDNEY5QUUwMi81QUJDMDJFNjg5
QTUxMUVEODc3QzI1NDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcWYDANBgkqhkiG9w0BAQsFAAOCAQEAXbyCWjCYsteOFOmm
8SbwFDBJxrXBrptiGCrKg7hZ5VZFjVztbkzm938HMnvpdOMQOEuQU83J8HTICgye
UypLREkQctIPypcCbyqMLEMg2RwNXaMy2TeNPZks9un5Itd8BuLsDRjwo81O/rf7
oKbowea9XVMB9SXGLe4LnC6DQklAGmTCGGPJ5Wb9ZeEEWaNNBsl9zv0t/PuRUPPX
XOcXtSeU0/P4dMUtrQHrJl+pxY7yuleLaVW68Nx3SXDaKJJ0JpWHZxGwv7vqWjk5
KwOyPdS3DNP79Z/KTbbwhxXKmKdoEI231HLeVlAVaQYU6A5+olFlLIzZ1if1Zk9U
99PnkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org