Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/5A2D13BE113011EBA8684B7EC4F9AE02.roa
File: 5A2D13BE113011EBA8684B7EC4F9AE02.roa (raw, json)
Hash identifier: YtKKIvUf+sxYVlp4r2X+1CuUzQhbj3/f3zU76GoAHz8=
Subject key identifier: F1:5A:BA:CF:AF:20:67:82:81:01:48:C5:38:AE:F5:CC:3A:35:59:29
Certificate issuer: /CN=A91D5230/serialNumber=64F8AF81EAB908996214D439F711700E9F48B4CB
Certificate serial: 05F0
Authority key identifier: 64:F8:AF:81:EA:B9:08:99:62:14:D4:39:F7:11:70:0E:9F:48:B4:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZPivgeq5CJliFNQ59xFwDp9ItMs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/5A2D13BE113011EBA8684B7EC4F9AE02.roa
Signing time: Mon 19 Sep 2022 23:19:40 +0000
ROA not before: Mon 19 Sep 2022 23:19:40 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141033
IP address blocks: 103.155.27.0/24 maxlen: 24
103.156.189.0/24 maxlen: 24
2001:df4:ab80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1520 (0x5f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5230/serialNumber=64F8AF81EAB908996214D439F711700E9F48B4CB
Validity
Not Before: Sep 19 23:19:40 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6328f90c-afbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:46:fd:5a:59:d0:1a:85:dd:de:e2:2f:25:
cb:73:56:4e:97:ab:57:3f:74:24:51:24:80:2b:75:
e7:67:63:ad:25:7f:de:e4:1e:bc:c1:5c:11:a8:be:
6c:e3:3d:50:0d:70:90:9b:8a:e4:03:e7:05:49:bd:
80:6a:b3:ae:87:e9:3a:0d:ab:c9:6c:79:80:e0:55:
9a:f7:49:84:75:a3:6b:81:a3:af:7b:af:ea:8b:c2:
e0:32:63:3a:8e:90:97:f9:24:22:1c:0f:cd:85:1b:
cb:9f:a1:86:64:f6:e5:aa:3c:4a:96:46:c6:86:b3:
31:6b:2c:8f:8e:44:22:66:e5:5a:d1:c1:be:1e:0f:
31:bc:1a:62:6c:af:d1:ff:30:70:cb:05:13:b9:25:
59:04:45:e2:e9:25:86:68:91:e1:90:37:30:d5:23:
e8:e9:46:29:a3:8d:a2:2e:e2:dc:5d:da:61:43:8f:
c9:fb:43:5f:2a:cc:c6:3a:1f:7e:21:ff:0c:1e:7e:
97:6d:75:5a:9c:92:cd:e0:d3:ec:96:44:6b:72:54:
58:ae:23:57:a7:6e:65:13:24:87:44:17:93:7c:24:
74:a8:8f:2b:55:0b:b4:df:15:e3:38:46:49:96:2b:
d8:72:c4:59:a2:fa:f1:cb:a1:fe:31:e2:f2:dd:1f:
70:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5A:BA:CF:AF:20:67:82:81:01:48:C5:38:AE:F5:CC:3A:35:59:29
X509v3 Authority Key Identifier:
keyid:64:F8:AF:81:EA:B9:08:99:62:14:D4:39:F7:11:70:0E:9F:48:B4:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/ZPivgeq5CJliFNQ59xFwDp9ItMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZPivgeq5CJliFNQ59xFwDp9ItMs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/5A2D13BE113011EBA8684B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.27.0/24
103.156.189.0/24
IPv6:
2001:df4:ab80::/48
Signature Algorithm: sha256WithRSAEncryption
f0:ec:4b:1a:9a:bd:48:37:75:a9:23:61:49:0b:4f:2e:4a:f0:
52:d8:78:0c:49:8e:85:c0:06:21:06:4a:68:ea:da:fd:65:7e:
60:1e:93:73:49:e0:b0:7e:4a:de:50:4f:69:0e:34:17:5c:43:
ea:f1:84:7b:70:9b:b8:81:3b:d4:99:50:a7:c9:82:08:ec:b5:
3e:85:57:a0:a4:4e:d4:3f:45:a5:49:f8:c7:b2:46:3f:da:23:
22:ba:7b:d4:5c:ce:21:7f:d3:4d:d4:4c:4e:3c:55:c4:30:a9:
87:6b:db:4b:18:b0:73:11:82:ce:9d:1c:15:31:5f:0b:a5:8e:
c4:b1:3e:48:da:00:37:53:30:1e:e9:12:ff:57:07:17:64:a9:
5f:df:bd:36:21:77:1e:c5:21:45:32:b7:26:e1:ae:b1:3b:1e:
91:c5:4d:fe:06:c7:09:a6:30:f9:79:cd:16:22:36:40:13:39:
67:7e:fe:c3:2c:e9:e4:57:ea:62:4b:5a:45:d7:00:68:f2:4c:
59:ac:bd:7f:92:5f:5b:3b:94:64:10:86:13:8d:47:97:02:47:
fe:04:ac:dd:6b:6e:d0:54:08:45:e3:d2:bc:7a:7d:9f:9c:6a:
4a:f9:aa:4d:61:55:e1:3b:03:6e:22:e8:3c:70:a3:8d:bb:4f:
b8:7d:8d:a1
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUyMzAxMTAvBgNVBAUTKDY0RjhBRjgxRUFCOTA4OTk2MjE0RDQzOUY3MTE3MDBF
OUY0OEI0Q0IwHhcNMjIwOTE5MjMxOTQwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI4ZjkwYy1hZmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuRtG/VpZ0BqF3d7iLyXLc1ZOl6tXP3QkUSSAK3XnZ2OtJX/e5B68wVwRqL5s
4z1QDXCQm4rkA+cFSb2AarOuh+k6DavJbHmA4FWa90mEdaNrgaOve6/qi8LgMmM6
jpCX+SQiHA/NhRvLn6GGZPblqjxKlkbGhrMxayyPjkQiZuVa0cG+Hg8xvBpibK/R
/zBwywUTuSVZBEXi6SWGaJHhkDcw1SPo6UYpo42iLuLcXdphQ4/J+0NfKszGOh9+
If8MHn6XbXVanJLN4NPslkRrclRYriNXp25lEySHRBeTfCR0qI8rVQu03xXjOEZJ
livYcsRZovrxy6H+MeLy3R9wzwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFPFaus+v
IGeCgQFIxTiu9cw6NVkpMB8GA1UdIwQYMBaAFGT4r4HquQiZYhTUOfcRcA6fSLTL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTIzMC9DNTAwNzREQUU4
NTIxMUVBQUM1MEI1NTFDNEY5QUUwMi9aUGl2Z2VxNUNKbGlGTlE1OXhGd0RwOUl0
TXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pQaXZnZXE1Q0psaUZOUTU5eEZ3RHA5SXRNcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUyMzAvQzUwMDc0REFFODUyMTFFQUFDNTBCNTUxQzRGOUFFMDIvNUEyRDEzQkUx
MTMwMTFFQkE4Njg0QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnmxsDBABnnL0wDwQCAAIwCQMHACABDfSrgDANBgkqhkiG
9w0BAQsFAAOCAQEA8OxLGpq9SDd1qSNhSQtPLkrwUth4DEmOhcAGIQZKaOra/WV+
YB6Tc0ngsH5K3lBPaQ40F1xD6vGEe3CbuIE71JlQp8mCCOy1PoVXoKRO1D9FpUn4
x7JGP9ojIrp71FzOIX/TTdRMTjxVxDCph2vbSxiwcxGCzp0cFTFfC6WOxLE+SNoA
N1MwHukS/1cHF2SpX9+9NiF3HsUhRTK3JuGusTsekcVN/gbHCaYw+XnNFiI2QBM5
Z37+wyzp5FfqYktaRdcAaPJMWay9f5JfWzuUZBCGE41HlwJH/gSs3Wtu0FQIRePS
vHp9n5xqSvmqTWFV4TsDbiLoPHCjjbtPuH2NoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org