Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/146A6AE0E96C11ED9FB50916C4F9AE02.roa
File: 146A6AE0E96C11ED9FB50916C4F9AE02.roa (raw, json)
Hash identifier: 5F5UEJKqVqZGp6IXJVEFEK2uFglz926t107/qyTEcZ4=
Subject key identifier: 95:B4:13:7E:C9:C4:FD:87:E3:66:2F:72:A4:B3:74:1F:38:B5:BA:96
Certificate issuer: /CN=A91C6BF0/serialNumber=7D23E75C10DF6571BEAC17F3555E1B9983814225
Certificate serial: 02
Authority key identifier: 7D:23:E7:5C:10:DF:65:71:BE:AC:17:F3:55:5E:1B:99:83:81:42:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSPnXBDfZXG-rBfzVV4bmYOBQiU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/146A6AE0E96C11ED9FB50916C4F9AE02.roa
Signing time: Wed 03 May 2023 04:36:33 +0000
ROA not before: Wed 03 May 2023 04:36:33 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 63526
IP address blocks: 103.134.24.0/22 maxlen: 22
103.134.24.0/23 maxlen: 23
103.134.24.0/24 maxlen: 24
103.134.25.0/24 maxlen: 24
103.134.26.0/23 maxlen: 23
103.134.26.0/24 maxlen: 24
103.134.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6BF0/serialNumber=7D23E75C10DF6571BEAC17F3555E1B9983814225
Validity
Not Before: May 3 04:36:33 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6451e4d0-a6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4a:37:15:fa:fd:91:5a:cd:5d:59:2b:45:1e:
7b:c0:e7:31:11:be:f7:27:e5:ee:88:5e:03:f4:4b:
09:fa:d9:8f:c2:97:2c:17:91:3c:59:26:8b:7b:23:
16:f9:ee:20:06:67:63:3d:05:a5:02:f8:56:44:c8:
d7:98:ef:02:72:88:98:8a:1f:1a:5d:d1:a2:44:79:
96:bf:01:32:57:2b:c7:57:76:89:a8:8b:f0:42:80:
ed:05:e4:5d:af:ea:8e:fa:b0:97:81:27:79:60:a8:
f1:82:e3:4f:0c:3e:94:34:36:c0:b8:2f:a7:03:cf:
10:f4:95:a2:2c:fe:1b:44:fb:b5:df:fc:5c:96:3c:
d6:65:2b:40:6e:e2:8b:a6:28:f8:b1:88:87:21:01:
e7:0f:6c:fe:16:81:8b:30:5a:b6:36:47:ec:84:e9:
2f:56:04:65:37:72:72:2e:52:bb:b9:bb:fd:27:14:
6d:2c:31:91:95:b3:e5:66:94:42:ef:fc:f3:26:84:
13:a6:81:96:f5:41:bd:fb:3d:95:2a:23:95:85:4f:
9a:4b:35:75:f3:b8:89:ca:1a:e2:ce:e8:44:d0:bb:
77:8b:82:e7:ad:c8:57:6c:56:50:aa:6c:fd:f4:9e:
0b:c3:03:93:e7:35:46:ad:5f:ef:99:f5:5f:67:e1:
d9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B4:13:7E:C9:C4:FD:87:E3:66:2F:72:A4:B3:74:1F:38:B5:BA:96
X509v3 Authority Key Identifier:
keyid:7D:23:E7:5C:10:DF:65:71:BE:AC:17:F3:55:5E:1B:99:83:81:42:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/fSPnXBDfZXG-rBfzVV4bmYOBQiU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fSPnXBDfZXG-rBfzVV4bmYOBQiU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/146A6AE0E96C11ED9FB50916C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.24.0/22
Signature Algorithm: sha256WithRSAEncryption
19:23:95:c6:b6:17:02:1a:d5:d0:18:ad:18:44:01:01:e5:7b:
4c:1b:1f:64:26:08:5c:6d:21:0f:23:96:8b:18:a5:d8:cc:ea:
a7:74:fb:a4:8b:ba:49:c1:d9:e8:57:1e:f4:26:45:68:da:b1:
9d:76:d1:52:d5:fc:7a:d0:32:c4:13:0e:f0:f1:23:56:33:12:
8b:a5:1b:be:12:db:1b:90:b1:b6:e1:c9:24:12:69:31:c3:35:
f4:1f:a1:72:f5:99:c6:a1:83:54:2e:44:86:ef:96:18:34:02:
8c:30:54:10:a7:5f:6b:7e:d5:30:19:38:a1:39:26:59:36:ee:
b9:70:41:07:12:50:f4:36:84:9a:f3:90:19:ca:e7:da:dd:1c:
04:f4:74:0d:29:3b:31:32:a2:bb:b8:d0:4e:be:3b:e4:a1:c2:
55:d5:82:46:71:91:3f:fc:fc:1a:4a:2b:0c:f5:58:45:c8:b1:
9a:7d:22:c0:45:55:22:e8:0e:df:dd:a8:fe:54:7e:9d:66:51:
a8:2f:62:09:13:40:d1:80:e4:65:04:b8:9f:26:e3:f9:3f:95:
33:ee:4c:cb:6a:5d:c5:13:42:85:bc:e7:ea:89:88:e0:7a:35:
13:23:db:92:c4:ac:24:95:70:9e:34:93:66:8a:31:d5:42:5a:
8b:56:73:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NkJGMDExMC8GA1UEBRMoN0QyM0U3NUMxMERGNjU3MUJFQUMxN0YzNTU1RTFCOTk4
MzgxNDIyNTAeFw0yMzA1MDMwNDM2MzNaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NTFlNGQwLWE2ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDaSjcV+v2RWs1dWStFHnvA5zERvvcn5e6IXgP0Swn62Y/ClywXkTxZJot7Ixb5
7iAGZ2M9BaUC+FZEyNeY7wJyiJiKHxpd0aJEeZa/ATJXK8dXdomoi/BCgO0F5F2v
6o76sJeBJ3lgqPGC408MPpQ0NsC4L6cDzxD0laIs/htE+7Xf/FyWPNZlK0Bu4oum
KPixiIchAecPbP4WgYswWrY2R+yE6S9WBGU3cnIuUru5u/0nFG0sMZGVs+VmlELv
/PMmhBOmgZb1Qb37PZUqI5WFT5pLNXXzuInKGuLO6ETQu3eLguetyFdsVlCqbP30
ngvDA5PnNUatX++Z9V9n4dm7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlbQTfsnE
/YfjZi9ypLN0Hzi1upYwHwYDVR0jBBgwFoAUfSPnXBDfZXG+rBfzVV4bmYOBQiUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2QkYwLzE0OTE5NzRBQUVC
QjExRTk4QTM5MEI1OUM0RjlBRTAyL2ZTUG5YQkRmWlhHLXJCZnpWVjRibVlPQlFp
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZlNQblhCRGZaWEctckJmelZWNGJtWU9CUWlVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NkJGMC8xNDkxOTc0QUFFQkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8xNDZBNkFFMEU5
NkMxMUVEOUZCNTA5MTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmeGGDANBgkqhkiG9w0BAQsFAAOCAQEAGSOVxrYXAhrV0Bit
GEQBAeV7TBsfZCYIXG0hDyOWixil2Mzqp3T7pIu6ScHZ6Fce9CZFaNqxnXbRUtX8
etAyxBMO8PEjVjMSi6UbvhLbG5CxtuHJJBJpMcM19B+hcvWZxqGDVC5Ehu+WGDQC
jDBUEKdfa37VMBk4oTkmWTbuuXBBBxJQ9DaEmvOQGcrn2t0cBPR0DSk7MTKiu7jQ
Tr475KHCVdWCRnGRP/z8GkorDPVYRcixmn0iwEVVIugO392o/lR+nWZRqC9iCRNA
0YDkZQS4nybj+T+VM+5My2pdxRNChbzn6omI4Ho1EyPbksSsJJVwnjSTZoox1UJa
i1ZztQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org