Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DEE0978AD46511ECA1A27035C4F9AE02.roa
File: DEE0978AD46511ECA1A27035C4F9AE02.roa (raw, json)
Hash identifier: VYcHbpTLj9xO5RtfD+WY+LYMjBRAOtimlv+nFGFGcLc=
Subject key identifier: 09:BF:55:EF:46:24:E7:DD:35:9B:E1:10:85:E1:97:85:3C:A0:70:D8
Certificate issuer: /CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Certificate serial: 1550
Authority key identifier: 90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DEE0978AD46511ECA1A27035C4F9AE02.roa
Signing time: Sun 15 May 2022 15:44:14 +0000
ROA not before: Sun 15 May 2022 15:44:14 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 136933
IP address blocks: 103.71.152.0/24 maxlen: 24
103.234.72.0/24 maxlen: 24
103.234.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5456 (0x1550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7169/serialNumber=900B870C80C0EB3F8468F53E7672FA741752C5D5
Validity
Not Before: May 15 15:44:14 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62811fce-b725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:b8:36:dc:d9:95:27:31:bc:de:0d:b9:dc:
70:23:d7:1f:19:77:d7:8c:d8:fb:b3:13:03:e5:22:
40:18:7f:f6:14:74:34:f5:9d:d7:f4:03:42:11:f8:
15:39:27:28:a7:3d:18:bd:11:aa:c0:85:2b:1c:6e:
7a:ff:7a:de:3b:be:d8:fa:85:c2:6f:b2:91:73:3d:
d6:f3:9a:fb:78:40:99:fb:0e:bc:d7:b2:be:f5:b1:
a5:f5:14:8f:08:26:49:90:e2:95:48:ed:5f:8a:8e:
49:eb:16:ff:d0:7b:64:55:33:00:c1:9c:bc:44:be:
13:fb:a4:c0:2c:7d:f6:cd:6f:9d:a5:f0:e2:96:c8:
b9:a3:c3:15:8f:3b:2f:5a:2c:1b:8e:0d:60:87:b3:
52:ef:2a:e5:fb:28:5e:4a:8f:2e:0d:f8:9a:18:cf:
25:7b:52:23:b0:82:1a:d6:78:84:32:9b:3a:bf:0e:
c1:85:3c:f7:67:ff:8f:a7:ed:00:c3:04:b0:f1:fa:
c6:2a:bd:53:5b:69:f7:df:bf:97:b0:2d:01:f1:12:
9d:91:45:86:c1:ba:50:60:9b:55:8f:c6:59:57:c2:
a8:b9:1d:16:a9:17:17:eb:fe:e7:19:b0:e4:b2:61:
14:e6:2a:6f:8a:ff:6a:4d:27:26:24:dc:be:ee:ba:
ae:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BF:55:EF:46:24:E7:DD:35:9B:E1:10:85:E1:97:85:3C:A0:70:D8
X509v3 Authority Key Identifier:
keyid:90:0B:87:0C:80:C0:EB:3F:84:68:F5:3E:76:72:FA:74:17:52:C5:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/kAuHDIDA6z-EaPU-dnL6dBdSxdU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAuHDIDA6z-EaPU-dnL6dBdSxdU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7169/502608B4AD9011E79267FF0FC4F9AE02/DEE0978AD46511ECA1A27035C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.152.0/24
103.234.72.0/24
103.234.75.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:4a:ee:09:2c:b1:87:d3:89:1a:69:c6:3a:57:2b:e2:f5:f8:
03:95:64:e3:73:1d:37:d7:46:be:c7:2c:8f:97:bc:60:12:6c:
6d:b3:c4:44:8c:e8:c7:50:65:15:53:ee:89:63:b7:54:39:f9:
89:f4:56:12:29:b7:a5:31:50:ec:f7:7b:2e:31:8f:f1:53:4a:
39:37:59:dd:33:10:5f:94:87:77:dc:90:e6:4b:e0:72:8d:6e:
55:5f:cb:9d:cc:2b:41:c2:6c:94:a7:f1:5b:7d:a8:85:0c:6d:
8d:74:2f:20:89:90:7a:af:76:e0:f5:3a:13:db:47:1a:b6:38:
2c:77:39:f3:f3:e9:59:d2:f5:78:53:10:38:41:20:3d:ca:f9:
65:b3:e9:13:0d:e1:1d:05:8b:ca:cc:54:36:d0:10:ad:51:3a:
ee:43:8f:f1:65:00:80:54:1d:c7:e1:0b:10:f7:e2:02:85:bf:
f9:3a:45:60:18:ae:7e:35:65:c6:3c:7c:54:47:b8:6a:28:57:
20:68:a5:db:b1:36:73:8a:15:20:3b:f5:43:2c:e1:b8:64:f6:
e4:92:fa:fe:b5:91:be:d7:93:8e:c7:f0:fa:c1:0b:60:09:e7:
e6:bf:5b:2a:68:d3:45:b2:40:7c:38:77:87:ac:c5:bb:d7:05:
80:d8:e2:54
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzcxNjkxMTAvBgNVBAUTKDkwMEI4NzBDODBDMEVCM0Y4NDY4RjUzRTc2NzJGQTc0
MTc1MkM1RDUwHhcNMjIwNTE1MTU0NDE0WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxMWZjZS1iNzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAps64NtzZlScxvN4NudxwI9cfGXfXjNj7sxMD5SJAGH/2FHQ09Z3X9ANCEfgV
OScopz0YvRGqwIUrHG56/3reO77Y+oXCb7KRcz3W85r7eECZ+w6817K+9bGl9RSP
CCZJkOKVSO1fio5J6xb/0HtkVTMAwZy8RL4T+6TALH32zW+dpfDilsi5o8MVjzsv
Wiwbjg1gh7NS7yrl+yheSo8uDfiaGM8le1IjsIIa1niEMps6vw7BhTz3Z/+Pp+0A
wwSw8frGKr1TW2n337+XsC0B8RKdkUWGwbpQYJtVj8ZZV8KouR0WqRcX6/7nGbDk
smEU5ipviv9qTScmJNy+7rquwwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAm/Ve9G
JOfdNZvhEIXhl4U8oHDYMB8GA1UdIwQYMBaAFJALhwyAwOs/hGj1PnZy+nQXUsXV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzE2OS81MDI2MDhCNEFE
OTAxMUU3OTI2N0ZGMEZDNEY5QUUwMi9rQXVIRElEQTZ6LUVhUFUtZG5MNmRCZFN4
ZFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBdUhESURBNnotRWFQVS1kbkw2ZEJkU3hkVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNjkvNTAyNjA4QjRBRDkwMTFFNzkyNjdGRjBGQzRGOUFFMDIvREVFMDk3OEFE
NDY1MTFFQ0ExQTI3MDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnR5gDBABn6kgDBABn6kswDQYJKoZIhvcNAQELBQADggEB
AMFK7gkssYfTiRppxjpXK+L1+AOVZONzHTfXRr7HLI+XvGASbG2zxESM6MdQZRVT
7oljt1Q5+Yn0VhIpt6UxUOz3ey4xj/FTSjk3Wd0zEF+Uh3fckOZL4HKNblVfy53M
K0HCbJSn8Vt9qIUMbY10LyCJkHqvduD1OhPbRxq2OCx3OfPz6VnS9XhTEDhBID3K
+WWz6RMN4R0Fi8rMVDbQEK1ROu5Dj/FlAIBUHcfhCxD34gKFv/k6RWAYrn41ZcY8
fFRHuGooVyBopduxNnOKFSA79UMs4bhk9uSS+v61kb7Xk47H8PrBC2AJ5+a/Wypo
00WyQHw4d4esxbvXBYDY4lQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org