Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/C58E0DC61BAB11ECBA40EB61C4F9AE02.roa
File: C58E0DC61BAB11ECBA40EB61C4F9AE02.roa (raw, json)
Hash identifier: bdXf9amXIkywVWLFZ9jgeNIMh1sYYfX8/6lnJ4KmTOc=
Subject key identifier: CD:1F:76:56:55:E5:83:09:7C:A7:13:EE:DF:98:DE:EF:AD:53:E7:BC
Certificate issuer: /CN=A91C7B68/serialNumber=C284BA8A88A02116BEE43410E039E909E3029D0D
Certificate serial: 0403
Authority key identifier: C2:84:BA:8A:88:A0:21:16:BE:E4:34:10:E0:39:E9:09:E3:02:9D:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woS6ioigIRa-5DQQ4DnpCeMCnQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/C58E0DC61BAB11ECBA40EB61C4F9AE02.roa
Signing time: Wed 22 Sep 2021 13:48:31 +0000
ROA not before: Wed 22 Sep 2021 13:48:31 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 135339
IP address blocks: 103.214.156.0/22 maxlen: 22
103.214.156.0/24 maxlen: 24
103.214.157.0/24 maxlen: 24
103.214.158.0/24 maxlen: 24
144.48.112.0/22 maxlen: 22
144.48.113.0/24 maxlen: 24
144.48.114.0/24 maxlen: 24
144.48.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1027 (0x403)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7B68/serialNumber=C284BA8A88A02116BEE43410E039E909E3029D0D
Validity
Not Before: Sep 22 13:48:31 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=614b342f-2b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:27:c5:93:3d:7d:1a:c1:16:96:bc:48:27:da:
27:28:56:11:ad:cd:58:d2:34:8f:f8:56:d4:36:9c:
d5:b9:aa:67:c7:7b:61:59:ea:47:b5:b8:1f:c5:9e:
1b:ee:60:73:e8:27:37:bd:34:73:4d:bc:a6:76:e3:
e9:79:f5:ff:c9:ff:e3:41:51:bb:10:02:7f:57:02:
4e:ad:91:4a:6d:e4:3e:0d:95:f2:30:01:68:c3:53:
eb:86:57:94:6a:17:ab:6c:45:27:7c:05:ce:11:3d:
18:c3:f9:7a:21:df:d0:2f:a6:e7:7c:ea:17:ed:c9:
11:98:07:ea:52:31:38:1e:83:f1:6c:3f:99:69:fc:
13:3f:ab:72:b9:51:17:2f:9b:f1:2e:6a:31:46:b4:
95:ad:02:dc:13:a0:a5:65:8a:e0:34:45:16:48:df:
ba:c3:be:7f:66:60:2d:9b:56:52:08:55:e8:f1:0b:
b8:fb:1d:95:36:2c:c6:81:d9:87:bf:f4:bd:24:43:
08:ab:45:fd:34:77:4a:c1:fd:f4:f9:2f:f7:45:11:
06:33:1f:de:60:5a:60:ee:34:4f:36:bc:47:dc:0d:
17:12:0d:d8:b6:2a:02:41:54:d6:26:01:0f:81:9a:
78:ee:c0:90:0e:35:9c:57:65:7e:fa:0e:5a:aa:f3:
4f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1F:76:56:55:E5:83:09:7C:A7:13:EE:DF:98:DE:EF:AD:53:E7:BC
X509v3 Authority Key Identifier:
keyid:C2:84:BA:8A:88:A0:21:16:BE:E4:34:10:E0:39:E9:09:E3:02:9D:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/woS6ioigIRa-5DQQ4DnpCeMCnQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woS6ioigIRa-5DQQ4DnpCeMCnQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/C58E0DC61BAB11ECBA40EB61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.214.156.0/22
144.48.112.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:ff:1f:d6:ec:45:7e:ec:f2:e1:e1:9e:50:c9:a8:29:4f:06:
47:a9:dd:e0:6c:b6:be:67:d4:93:24:ab:f2:41:d9:9c:e5:d4:
ca:4e:ca:ce:f7:25:b4:e4:ad:1c:ef:a5:e9:9e:5d:f8:83:7a:
49:ca:25:2f:03:c5:84:3b:d3:d3:dd:fb:7a:7a:a2:0b:f1:6d:
54:d2:96:b2:cf:3f:48:c2:d0:ea:f2:37:1f:3f:51:0d:59:2f:
2c:cf:41:be:80:86:a8:d8:38:44:f3:75:a8:ac:46:eb:e2:8c:
46:c5:97:0d:9d:49:b2:e5:b4:c4:e0:1d:75:da:ae:b0:57:c6:
9f:eb:22:ec:fc:f3:35:41:59:15:96:de:9b:ab:ab:69:f3:0f:
b6:c9:a6:2c:e6:34:c5:39:f6:68:ee:f1:b3:13:85:f4:ee:48:
8e:be:3d:8e:f5:4b:09:f5:03:d0:9c:4d:8e:9b:b7:dd:ad:71:
98:84:b1:5f:6a:29:9e:30:dc:17:51:25:ad:b4:49:74:dc:0c:
6d:55:e3:8a:85:28:02:44:39:a4:b9:97:81:fb:36:54:b8:c1:
40:bf:8f:ec:de:02:a9:99:85:64:4a:71:1d:7b:be:44:24:f3:
a8:87:40:97:99:c2:97:cf:44:e3:96:da:56:eb:c0:12:9a:c1:
23:18:22:19
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCNjgxMTAvBgNVBAUTKEMyODRCQThBODhBMDIxMTZCRUU0MzQxMEUwMzlFOTA5
RTMwMjlEMEQwHhcNMjEwOTIyMTM0ODMxWhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTRiMzQyZi0yYjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyfFkz19GsEWlrxIJ9onKFYRrc1Y0jSP+FbUNpzVuapnx3thWepHtbgfxZ4b
7mBz6Cc3vTRzTbymduPpefX/yf/jQVG7EAJ/VwJOrZFKbeQ+DZXyMAFow1PrhleU
aherbEUnfAXOET0Yw/l6Id/QL6bnfOoX7ckRmAfqUjE4HoPxbD+ZafwTP6tyuVEX
L5vxLmoxRrSVrQLcE6ClZYrgNEUWSN+6w75/ZmAtm1ZSCFXo8Qu4+x2VNizGgdmH
v/S9JEMIq0X9NHdKwf30+S/3RREGMx/eYFpg7jRPNrxH3A0XEg3YtioCQVTWJgEP
gZp47sCQDjWcV2V++g5aqvNPNwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM0fdlZV
5YMJfKcT7t+Y3u+tU+e8MB8GA1UdIwQYMBaAFMKEuoqIoCEWvuQ0EOA56QnjAp0N
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0I2OC81M0E3QjkyQ0Iw
QTUxMUVBOEY5MkVEMTdDNEY5QUUwMi93b1M2aW9pZ0lSYS01RFFRNERucENlTUNu
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dvUzZpb2lnSVJhLTVEUVE0RG5wQ2VNQ25RMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCNjgvNTNBN0I5MkNCMEE1MTFFQThGOTJFRDE3QzRGOUFFMDIvQzU4RTBEQzYx
QkFCMTFFQ0JBNDBFQjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn1pwDBAKQMHAwDQYJKoZIhvcNAQELBQADggEBAAr/H9bs
RX7s8uHhnlDJqClPBkep3eBstr5n1JMkq/JB2Zzl1MpOys73JbTkrRzvpemeXfiD
eknKJS8DxYQ709Pd+3p6ogvxbVTSlrLPP0jC0OryNx8/UQ1ZLyzPQb6AhqjYOETz
daisRuvijEbFlw2dSbLltMTgHXXarrBXxp/rIuz88zVBWRWW3purq2nzD7bJpizm
NMU59mju8bMThfTuSI6+PY71Swn1A9CcTY6bt92tcZiEsV9qKZ4w3BdRJa20SXTc
DG1V44qFKAJEOaS5l4H7NlS4wUC/j+zeAqmZhWRKcR17vkQk86iHQJeZwpfPROOW
2lbrwBKawSMYIhk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org