Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0E19/7071464EEDEF11EB8E21DE2DC4F9AE02/024A52D6E15B11ECA05C9236C4F9AE02.roa
File: 024A52D6E15B11ECA05C9236C4F9AE02.roa (raw, json)
Hash identifier: k43uH7l+tAqxxdUlMRPfxboc1N3cWTXfuFdDZa7Cjqs=
Subject key identifier: C5:E3:EB:0E:09:3F:7F:B0:30:0B:EB:D8:FA:97:3D:19:38:E2:0C:AC
Certificate issuer: /CN=A91E0E19/serialNumber=EF5001A75B58059D93A5D3163854B46AD66A9EC8
Certificate serial: 027B
Authority key identifier: EF:50:01:A7:5B:58:05:9D:93:A5:D3:16:38:54:B4:6A:D6:6A:9E:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71ABp1tYBZ2TpdMWOFS0atZqnsg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0E19/7071464EEDEF11EB8E21DE2DC4F9AE02/024A52D6E15B11ECA05C9236C4F9AE02.roa
Signing time: Fri 03 Jun 2022 15:02:30 +0000
ROA not before: Fri 03 Jun 2022 15:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134715
IP address blocks: 103.166.42.0/23 maxlen: 24
2407:5040::/32 maxlen: 40
2407:5040:1501::/48 maxlen: 48
2407:5040:1502::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 635 (0x27b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0E19/serialNumber=EF5001A75B58059D93A5D3163854B46AD66A9EC8
Validity
Not Before: Jun 3 15:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629a2286-6568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:f1:f3:9f:57:92:e3:6a:57:da:5d:56:48:
ca:c5:39:79:a9:a8:27:86:ae:81:1a:b8:51:fb:0a:
7d:d4:c0:c8:5c:4c:c6:66:ff:49:90:36:86:fb:fb:
6a:50:63:ba:11:e1:9e:b4:c0:83:51:1e:97:fd:78:
77:78:01:6f:60:09:2e:e3:ac:18:dd:a2:ba:9c:a2:
68:99:cc:e8:c3:9b:61:f6:47:a6:f1:8e:d0:90:a2:
77:43:b9:85:db:c6:5b:e8:14:90:a9:5c:dd:c8:cc:
fc:82:fb:73:e9:28:46:e6:8b:8b:1d:72:e1:f1:f1:
bb:b2:47:44:fd:1d:97:11:86:23:ae:dd:31:cc:74:
d0:f2:f2:b8:e9:1c:dd:33:df:7e:d6:aa:45:bf:d6:
f1:f3:42:e6:d5:5b:75:f9:1e:3b:9c:9b:42:c1:ce:
5c:2c:f3:90:b8:88:d0:2b:b6:b0:34:bb:fb:2c:23:
5a:e2:2a:a9:67:fd:80:22:96:e7:af:8a:32:9d:4e:
2d:c5:3a:76:de:3f:ed:87:58:8a:e8:76:ec:0e:f5:
a9:1b:e7:51:57:ac:65:cf:71:79:30:14:2b:3b:46:
c8:1f:a1:49:75:d8:1b:ef:e9:30:1c:e1:b1:3b:41:
9b:57:8b:67:79:3c:88:1b:27:52:45:9f:c7:a7:4c:
db:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E3:EB:0E:09:3F:7F:B0:30:0B:EB:D8:FA:97:3D:19:38:E2:0C:AC
X509v3 Authority Key Identifier:
keyid:EF:50:01:A7:5B:58:05:9D:93:A5:D3:16:38:54:B4:6A:D6:6A:9E:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0E19/7071464EEDEF11EB8E21DE2DC4F9AE02/71ABp1tYBZ2TpdMWOFS0atZqnsg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71ABp1tYBZ2TpdMWOFS0atZqnsg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0E19/7071464EEDEF11EB8E21DE2DC4F9AE02/024A52D6E15B11ECA05C9236C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.42.0/23
IPv6:
2407:5040::/32
Signature Algorithm: sha256WithRSAEncryption
66:33:a3:cb:83:99:11:8b:42:fd:b3:ac:30:7f:df:1a:d9:21:
12:ae:ed:8c:56:9e:45:70:75:1e:3c:c2:54:cc:42:a6:e2:8b:
50:70:52:45:7e:0d:81:f2:f3:2a:38:a1:ec:56:e9:77:53:64:
64:83:dd:c6:1e:70:87:f3:7a:4f:14:74:ab:2b:d3:5f:73:58:
ff:d6:77:d1:11:9a:7b:e2:66:32:83:bd:c1:5d:4d:db:4f:de:
8c:1b:20:b0:3c:4c:a7:6d:3a:96:e6:0a:88:5a:71:19:54:f4:
1d:ee:b9:57:0b:68:32:c2:4b:07:c8:49:62:49:3f:0e:da:59:
40:73:26:0c:33:6a:d0:21:9f:f3:b8:da:b0:7d:2a:2e:86:3a:
e8:39:55:8c:8d:0d:76:95:d1:17:62:9c:5e:78:42:ba:1a:7f:
11:93:9e:93:0e:5f:13:ea:86:06:a7:c2:63:2e:5e:b9:35:2a:
1b:59:ad:9c:b0:fc:d9:b5:de:d6:2f:c7:eb:d3:22:88:16:00:
c5:20:5d:5b:2d:47:cd:b1:a9:bc:92:da:ef:7f:d4:c0:3a:c0:
ab:c1:a4:5a:7c:65:2d:19:e0:4f:60:46:58:1f:4f:59:3e:d4:
e4:fa:89:1f:54:47:4b:d3:81:21:05:b3:26:86:94:1f:e1:cf:
4d:3a:b6:a2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBFMTkxMTAvBgNVBAUTKEVGNTAwMUE3NUI1ODA1OUQ5M0E1RDMxNjM4NTRCNDZB
RDY2QTlFQzgwHhcNMjIwNjAzMTUwMjMwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjlhMjI4Ni02NTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApujx859XkuNqV9pdVkjKxTl5qagnhq6BGrhR+wp91MDIXEzGZv9JkDaG+/tq
UGO6EeGetMCDUR6X/Xh3eAFvYAku46wY3aK6nKJomczow5th9kem8Y7QkKJ3Q7mF
28Zb6BSQqVzdyMz8gvtz6ShG5ouLHXLh8fG7skdE/R2XEYYjrt0xzHTQ8vK46Rzd
M99+1qpFv9bx80Lm1Vt1+R47nJtCwc5cLPOQuIjQK7awNLv7LCNa4iqpZ/2AIpbn
r4oynU4txTp23j/th1iK6HbsDvWpG+dRV6xlz3F5MBQrO0bIH6FJddgb7+kwHOGx
O0GbV4tneTyIGydSRZ/Hp0zbywIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMXj6w4J
P3+wMAvr2PqXPRk44gysMB8GA1UdIwQYMBaAFO9QAadbWAWdk6XTFjhUtGrWap7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEUxOS83MDcxNDY0RUVE
RUYxMUVCOEUyMURFMkRDNEY5QUUwMi83MUFCcDF0WUJaMlRwZE1XT0ZTMGF0WnFu
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcxQUJwMXRZQloyVHBkTVdPRlMwYXRacW5zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBFMTkvNzA3MTQ2NEVFREVGMTFFQjhFMjFERTJEQzRGOUFFMDIvMDI0QTUyRDZF
MTVCMTFFQ0EwNUM5MjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnpiowDQQCAAIwBwMFACQHUEAwDQYJKoZIhvcNAQELBQAD
ggEBAGYzo8uDmRGLQv2zrDB/3xrZIRKu7YxWnkVwdR48wlTMQqbii1BwUkV+DYHy
8yo4oexW6XdTZGSD3cYecIfzek8UdKsr019zWP/Wd9ERmnviZjKDvcFdTdtP3owb
ILA8TKdtOpbmCohacRlU9B3uuVcLaDLCSwfISWJJPw7aWUBzJgwzatAhn/O42rB9
Ki6GOug5VYyNDXaV0RdinF54QroafxGTnpMOXxPqhganwmMuXrk1KhtZrZyw/Nm1
3tYvx+vTIogWAMUgXVstR82xqbyS2u9/1MA6wKvBpFp8ZS0Z4E9gRlgfT1k+1OT6
iR9UR0vTgSEFsyaGlB/hz006tqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org