Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/4D0B623E4E4511EAADC8604BC4F9AE02.roa
File: 4D0B623E4E4511EAADC8604BC4F9AE02.roa (raw, json)
Hash identifier: cQXBz+3/sSnHiNTYqEA8QhXbAO+Up+oV2B15GgL1cVU=
Subject key identifier: 6B:54:23:DC:95:08:9D:4F:21:FD:E7:E0:DA:84:85:57:D8:E8:5C:CE
Certificate issuer: /CN=A91EAF4B/serialNumber=D5B9BBA3305E88C000F562939D138BA506227B2A
Certificate serial: 04AE
Authority key identifier: D5:B9:BB:A3:30:5E:88:C0:00:F5:62:93:9D:13:8B:A5:06:22:7B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bm7ozBeiMAA9WKTnROLpQYieyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/4D0B623E4E4511EAADC8604BC4F9AE02.roa
Signing time: Mon 29 Mar 2021 21:15:04 +0000
ROA not before: Mon 29 Mar 2021 21:15:04 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 140077
IP address blocks: 103.148.50.0/24 maxlen: 24
103.148.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1198 (0x4ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAF4B/serialNumber=D5B9BBA3305E88C000F562939D138BA506227B2A
Validity
Not Before: Mar 29 21:15:04 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=60624357-373c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:3d:68:62:eb:60:38:68:01:ec:ed:d6:29:
82:05:7f:e0:27:15:96:70:de:e1:53:1a:e9:b8:99:
6b:1e:0a:8a:3a:68:12:fc:01:44:6d:07:85:91:af:
3a:fe:b3:aa:17:17:56:1e:0f:f6:47:63:cb:18:4f:
b8:f0:94:7b:69:20:1b:79:de:45:09:a8:52:6a:36:
07:33:ba:fb:a3:e9:94:da:fe:0a:b1:1e:2a:8d:b6:
fa:de:42:0b:e4:90:ad:53:3d:7e:96:2e:a0:24:ce:
e6:26:aa:ac:a8:bf:d9:4f:19:e5:95:2e:ca:c1:10:
6b:45:e5:e8:c1:24:ca:47:ce:a7:e8:53:77:2f:6f:
c4:56:c4:e8:cf:26:85:21:1e:60:1a:0e:10:c6:58:
15:4d:1c:07:fc:12:5b:f2:e4:81:66:96:98:92:64:
28:81:fb:3c:36:b1:b5:56:8e:b5:ca:53:fa:f1:8a:
bb:c5:1d:ad:93:c4:c8:6d:71:96:f3:dd:59:23:50:
43:9b:91:59:02:01:8e:f2:7e:da:e1:05:69:74:81:
a8:66:bf:97:3b:80:a4:3a:0b:e1:4d:5d:8d:73:95:
be:32:14:89:bc:13:ea:cf:77:ca:30:21:52:eb:97:
bb:6e:02:e7:1d:5f:0a:c0:1f:33:ec:6b:07:d4:f8:
16:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:54:23:DC:95:08:9D:4F:21:FD:E7:E0:DA:84:85:57:D8:E8:5C:CE
X509v3 Authority Key Identifier:
keyid:D5:B9:BB:A3:30:5E:88:C0:00:F5:62:93:9D:13:8B:A5:06:22:7B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bm7ozBeiMAA9WKTnROLpQYieyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/4D0B623E4E4511EAADC8604BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.50.0/23
Signature Algorithm: sha256WithRSAEncryption
49:a5:f7:86:0f:a2:d1:b3:15:6a:f9:d1:f7:b0:64:d7:c2:29:
94:0b:b5:66:68:bb:94:80:19:e8:a9:07:b2:0f:7e:20:a7:5e:
6e:bd:6c:1c:81:ef:fd:94:e6:45:1f:e9:bd:32:ff:b8:2d:0d:
3e:ba:81:1c:ed:eb:14:f9:37:fd:6e:f1:7b:1a:6d:69:4b:6a:
9a:36:8c:0c:4f:5a:40:ad:a6:db:89:1c:a6:7d:6c:f5:de:5e:
f0:ac:35:e4:d4:e4:68:50:73:e5:b0:e6:24:91:e8:e3:c9:e7:
8a:f5:c0:0a:17:dc:82:3f:67:33:d6:f4:d9:49:b7:56:ac:5a:
af:bf:02:b8:b3:38:41:15:c4:76:4e:bb:d0:58:a6:3e:19:50:
b2:4f:0b:d9:1e:4a:a6:be:59:83:62:94:f0:24:b7:e2:b0:0c:
8d:33:19:97:a4:1e:5f:f8:af:4f:db:09:18:d5:55:0b:a0:f7:
9e:c0:2e:34:84:96:9b:ce:ac:06:2a:69:8b:a4:7f:60:d2:f2:
2e:14:6d:47:0e:69:85:ed:32:a9:9d:ad:af:2f:8d:b1:f4:d5:
0b:0c:c1:d1:94:f6:76:36:99:14:cc:14:42:87:f9:b5:75:dc:
85:68:6b:a7:e8:10:77:81:72:63:f9:16:98:5a:93:52:62:82:
44:29:8d:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFGNEIxMTAvBgNVBAUTKEQ1QjlCQkEzMzA1RTg4QzAwMEY1NjI5MzlEMTM4QkE1
MDYyMjdCMkEwHhcNMjEwMzI5MjExNTA0WhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDYyNDM1Ny0zNzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAve49aGLrYDhoAezt1imCBX/gJxWWcN7hUxrpuJlrHgqKOmgS/AFEbQeFka86
/rOqFxdWHg/2R2PLGE+48JR7aSAbed5FCahSajYHM7r7o+mU2v4KsR4qjbb63kIL
5JCtUz1+li6gJM7mJqqsqL/ZTxnllS7KwRBrReXowSTKR86n6FN3L2/EVsTozyaF
IR5gGg4QxlgVTRwH/BJb8uSBZpaYkmQogfs8NrG1Vo61ylP68Yq7xR2tk8TIbXGW
891ZI1BDm5FZAgGO8n7a4QVpdIGoZr+XO4CkOgvhTV2Nc5W+MhSJvBPqz3fKMCFS
65e7bgLnHV8KwB8z7GsH1PgWjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGtUI9yV
CJ1PIf3n4NqEhVfY6FzOMB8GA1UdIwQYMBaAFNW5u6MwXojAAPVik50Ti6UGInsq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUY0Qi84NDg1OEY2QTQ3
MTkxMUVBOTA4NjMwNzJDNEY5QUUwMi8xYm03b3pCZWlNQUE5V0tUblJPTHBRWWll
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFibTdvekJlaU1BQTlXS1RuUk9McFFZaWV5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFGNEIvODQ4NThGNkE0NzE5MTFFQTkwODYzMDcyQzRGOUFFMDIvNEQwQjYyM0U0
RTQ1MTFFQUFEQzg2MDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlDIwDQYJKoZIhvcNAQELBQADggEBAEml94YPotGzFWr5
0fewZNfCKZQLtWZou5SAGeipB7IPfiCnXm69bByB7/2U5kUf6b0y/7gtDT66gRzt
6xT5N/1u8XsabWlLapo2jAxPWkCtptuJHKZ9bPXeXvCsNeTU5GhQc+Ww5iSR6OPJ
54r1wAoX3II/ZzPW9NlJt1asWq+/ArizOEEVxHZOu9BYpj4ZULJPC9keSqa+WYNi
lPAkt+KwDI0zGZekHl/4r0/bCRjVVQug957ALjSElpvOrAYqaYukf2DS8i4UbUcO
aYXtMqmdra8vjbH01QsMwdGU9nY2mRTMFEKH+bV13IVoa6foEHeBcmP5Fphak1Ji
gkQpjdM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org