Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/618DAC32DB2C11ECB151B40BC4F9AE02.roa
File: 618DAC32DB2C11ECB151B40BC4F9AE02.roa (raw, json)
Hash identifier: nZ8hVRwEq6jMLBJLtDpaCjr/72peEQfg9KV9t+VpejE=
Subject key identifier: 34:A1:E3:91:69:2C:F3:F0:49:C5:80:3A:5C:E3:3F:42:DC:65:C0:F3
Certificate issuer: /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial: 1565
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/618DAC32DB2C11ECB151B40BC4F9AE02.roa
Signing time: Tue 24 May 2022 06:40:20 +0000
ROA not before: Tue 24 May 2022 06:40:20 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 136933
IP address blocks: 103.234.72.0/24 maxlen: 24
103.234.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5477 (0x1565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Validity
Not Before: May 24 06:40:20 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=628c7dd4-7bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4b:09:0b:80:53:a8:63:5d:41:64:71:71:bc:
3b:4b:f5:4f:90:65:38:73:79:f1:33:ca:74:d9:bc:
92:77:de:5f:f6:9c:5d:eb:e5:a5:a5:51:11:ce:84:
a3:cc:01:55:dc:02:db:5b:a7:9b:c4:97:fa:93:56:
f5:21:d9:53:2e:68:a0:60:07:a9:e3:70:ba:92:59:
89:02:de:d4:d7:e6:45:13:77:f3:7c:45:92:96:55:
18:aa:ba:03:7b:6e:a5:0a:de:39:cf:a3:76:9d:f3:
a0:d2:32:78:53:f2:12:d2:68:51:05:e5:79:77:00:
6f:fd:24:55:66:a3:c5:92:e1:fa:b6:84:c8:98:fd:
0e:f1:bf:8a:c5:46:39:87:0d:19:ee:27:f5:87:fa:
80:9d:4c:44:73:1b:be:c2:5f:27:66:1e:c6:68:95:
7f:23:ce:aa:06:e7:c5:21:c0:e6:fa:c9:fc:36:5d:
60:52:6a:98:a8:b9:37:3c:7d:d0:aa:af:8e:9b:84:
0f:0e:ba:73:c3:1c:22:b7:6c:47:67:cf:47:a1:f2:
8b:d5:e0:5a:b8:23:8b:77:b5:3f:68:4f:07:bd:34:
06:be:47:64:6f:a0:c6:6c:87:3d:54:87:18:de:36:
f7:b6:a9:a2:7d:27:5d:03:af:72:c6:cc:cf:82:68:
1b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A1:E3:91:69:2C:F3:F0:49:C5:80:3A:5C:E3:3F:42:DC:65:C0:F3
X509v3 Authority Key Identifier:
keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/618DAC32DB2C11ECB151B40BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.72.0/24
103.234.75.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:00:18:f2:38:2a:7c:58:6a:20:bd:78:96:4e:76:4f:17:85:
51:14:e6:13:81:18:07:02:c5:7a:4a:35:8a:89:90:eb:de:9b:
83:b9:dc:47:4b:8c:89:bc:75:e0:e2:d3:21:0b:32:f5:c1:46:
bc:19:1d:db:e8:bd:55:66:a0:fb:41:5a:af:3e:c2:1e:60:f2:
41:49:6a:19:24:b8:68:b4:5f:62:34:20:2f:85:7d:78:97:a5:
5b:d0:26:b9:46:ef:5f:f0:70:16:d1:90:d9:9c:92:52:7d:a0:
ff:0a:f2:d3:d9:81:18:64:7c:49:27:34:33:56:5e:d3:cd:55:
b9:46:b0:e2:90:1c:ef:8a:62:0c:fd:83:2a:8b:c2:54:10:b6:
48:18:60:42:67:95:f0:81:e7:6c:60:ee:29:4e:31:71:29:76:
c5:bf:a6:34:87:56:e1:94:f2:9b:ab:05:58:83:d1:1a:23:2e:
35:f3:20:7b:88:54:9c:db:6d:d1:0b:21:12:66:f9:d9:a8:cd:
9d:af:60:e1:41:3e:30:31:25:22:68:71:cb:72:8d:27:69:1d:
3d:dc:9d:a8:d9:0e:56:ee:f5:29:9b:94:ef:eb:67:0f:d5:e3:
80:06:99:97:48:b3:79:1e:95:4a:c3:ad:78:19:08:ae:12:e9:
25:01:7c:df
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjIwNTI0MDY0MDIwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhjN2RkNC03YmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4EsJC4BTqGNdQWRxcbw7S/VPkGU4c3nxM8p02bySd95f9pxd6+WlpVERzoSj
zAFV3ALbW6ebxJf6k1b1IdlTLmigYAep43C6klmJAt7U1+ZFE3fzfEWSllUYqroD
e26lCt45z6N2nfOg0jJ4U/IS0mhRBeV5dwBv/SRVZqPFkuH6toTImP0O8b+KxUY5
hw0Z7if1h/qAnUxEcxu+wl8nZh7GaJV/I86qBufFIcDm+sn8Nl1gUmqYqLk3PH3Q
qq+Om4QPDrpzwxwit2xHZ89HofKL1eBauCOLd7U/aE8HvTQGvkdkb6DGbIc9VIcY
3jb3tqmifSddA69yxszPgmgbOwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDSh45Fp
LPPwScWAOlzjP0LcZcDzMB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvNjE4REFDMzJE
QjJDMTFFQ0IxNTFCNDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn6kgDBABn6kswDQYJKoZIhvcNAQELBQADggEBALEAGPI4
KnxYaiC9eJZOdk8XhVEU5hOBGAcCxXpKNYqJkOvem4O53EdLjIm8deDi0yELMvXB
RrwZHdvovVVmoPtBWq8+wh5g8kFJahkkuGi0X2I0IC+FfXiXpVvQJrlG71/wcBbR
kNmcklJ9oP8K8tPZgRhkfEknNDNWXtPNVblGsOKQHO+KYgz9gyqLwlQQtkgYYEJn
lfCB52xg7ilOMXEpdsW/pjSHVuGU8purBViD0RojLjXzIHuIVJzbbdELIRJm+dmo
zZ2vYOFBPjAxJSJocctyjSdpHT3cnajZDlbu9SmblO/rZw/V44AGmZdIs3kelUrD
rXgZCK4S6SUBfN8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org