Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1891C49ADE9311ECA6280E1CC4F9AE02.roa
File: 1891C49ADE9311ECA6280E1CC4F9AE02.roa (raw, json)
Hash identifier: WEZp+ZSOrVW/75otxLxOw5qwaZlgkvQrYn7hgofeCQY=
Subject key identifier: A9:AF:FF:8A:45:83:81:F3:40:07:D7:8A:C1:4C:B1:22:8A:AB:E3:6C
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 012C
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1891C49ADE9311ECA6280E1CC4F9AE02.roa
Signing time: Sat 28 May 2022 14:33:10 +0000
ROA not before: Sat 28 May 2022 14:33:10 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 136526
IP address blocks: 103.254.73.0/24 maxlen: 24
103.254.74.0/24 maxlen: 24
103.254.75.0/24 maxlen: 24
192.51.188.0/24 maxlen: 24
192.197.113.0/24 maxlen: 24
199.212.57.0/24 maxlen: 24
204.52.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300 (0x12c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Validity
Not Before: May 28 14:33:10 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=629232a5-be25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:90:c2:e9:67:bd:27:88:a4:3a:40:e1:f1:
7a:72:1b:cd:b3:45:20:51:be:3c:00:c6:c5:f0:2e:
6f:e0:28:c3:3f:09:30:48:70:1b:d2:13:1c:01:4f:
01:a2:c1:75:9c:5b:65:91:0a:36:b8:c9:ca:eb:ba:
ff:40:3e:f8:dc:97:fd:e5:88:47:7f:34:b5:3b:73:
be:fa:d3:dd:5d:cf:c0:5f:9b:83:99:4f:a9:45:65:
85:d1:7d:50:c7:0b:64:8c:2c:c6:10:e0:9b:92:18:
14:28:99:00:80:c3:52:9a:27:a1:94:cc:3a:a3:db:
b2:b1:a8:73:84:26:ab:86:c9:ac:84:28:df:ae:1a:
4e:f6:ac:36:88:27:9e:e5:42:71:f5:7b:80:78:5d:
4d:d1:89:21:7c:43:e0:1a:ee:4c:85:14:12:ca:b5:
36:44:42:ad:3c:4e:7a:c9:ce:c6:2c:a3:a7:03:c3:
91:a3:e7:45:73:e1:95:aa:fe:c4:a0:f2:5c:9b:95:
f1:97:85:fa:68:c7:d7:1f:88:31:47:c9:38:34:35:
8b:62:ca:c7:92:10:cf:9b:b5:cd:08:b0:fc:a2:18:
57:a9:0b:e5:c0:42:9b:2b:dd:2c:6a:01:ea:72:41:
7a:23:19:9c:28:49:4a:3a:07:72:59:7c:53:92:8a:
87:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AF:FF:8A:45:83:81:F3:40:07:D7:8A:C1:4C:B1:22:8A:AB:E3:6C
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1891C49ADE9311ECA6280E1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.73.0-103.254.75.255
192.51.188.0/24
192.197.113.0/24
199.212.57.0/24
204.52.191.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a9:9b:d8:4b:13:10:0c:71:35:b2:bb:2c:ec:fe:ee:cd:bb:
96:28:50:54:a4:cc:00:27:be:e4:ed:ef:ef:aa:cd:e7:5e:3c:
34:c7:9d:f6:c4:ac:0d:2b:dd:b5:15:a1:b7:88:1f:62:01:96:
89:f1:b9:9f:e4:c7:a2:22:70:df:ef:ea:4b:81:f1:e7:85:49:
e0:a4:c8:aa:a1:fd:ee:99:5f:52:be:f6:3a:51:dc:65:3d:eb:
cd:ba:bf:ad:5b:a2:67:4c:b3:41:1d:67:18:24:2a:13:86:1b:
f5:b4:55:ab:38:af:2d:8c:dd:0d:7b:82:ee:b9:4f:0b:ea:af:
60:83:ac:37:de:e9:7a:a0:3e:e6:f1:af:80:9a:d0:06:3c:af:
f7:82:5e:95:d4:25:1e:71:f7:60:75:26:9e:21:b3:dd:80:7c:
2a:15:03:bb:aa:01:9d:9c:0f:24:29:4e:97:21:ae:f2:e5:ce:
98:83:8f:48:bd:de:b8:eb:1c:a9:99:9c:4d:71:c0:4f:f2:01:
39:de:81:d5:f6:12:a3:77:8d:22:f9:ab:0b:f7:3b:62:67:2f:
b5:7f:3a:8a:e6:23:86:ea:ac:18:d1:b0:39:4d:9e:c5:dc:3d:
f3:f1:12:bd:3f:c4:51:d0:4d:83:dd:5f:9d:1b:d4:91:ac:4e:
ba:50:e9:27
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICASwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjIwNTI4MTQzMzEwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjkyMzJhNS1iZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0mQwulnvSeIpDpA4fF6chvNs0UgUb48AMbF8C5v4CjDPwkwSHAb0hMcAU8B
osF1nFtlkQo2uMnK67r/QD743Jf95YhHfzS1O3O++tPdXc/AX5uDmU+pRWWF0X1Q
xwtkjCzGEOCbkhgUKJkAgMNSmiehlMw6o9uysahzhCarhsmshCjfrhpO9qw2iCee
5UJx9XuAeF1N0YkhfEPgGu5MhRQSyrU2REKtPE56yc7GLKOnA8ORo+dFc+GVqv7E
oPJcm5Xxl4X6aMfXH4gxR8k4NDWLYsrHkhDPm7XNCLD8ohhXqQvlwEKbK90sagHq
ckF6IxmcKElKOgdyWXxTkoqHfQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFKmv/4pF
g4HzQAfXisFMsSKKq+NsMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvMTg5MUM0OUFE
RTkzMTFFQ0E2MjgwRTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYwDAMEAGf+SQMEAmf+SAMEAMAzvAMEAMDFcQMEAMfUOQMEAMw0
vzANBgkqhkiG9w0BAQsFAAOCAQEAIamb2EsTEAxxNbK7LOz+7s27lihQVKTMACe+
5O3v76rN5148NMed9sSsDSvdtRWht4gfYgGWifG5n+THoiJw3+/qS4Hx54VJ4KTI
qqH97plfUr72OlHcZT3rzbq/rVuiZ0yzQR1nGCQqE4Yb9bRVqzivLYzdDXuC7rlP
C+qvYIOsN97peqA+5vGvgJrQBjyv94JeldQlHnH3YHUmniGz3YB8KhUDu6oBnZwP
JClOlyGu8uXOmIOPSL3euOscqZmcTXHAT/IBOd6B1fYSo3eNIvmrC/c7YmcvtX86
iuYjhuqsGNGwOU2exdw98/ESvT/EUdBNg91fnRvUkaxOulDpJw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:10 2023 by rpki-client on console-fra.rpki-client.org