Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/52C9B6A4DF8711ED8F5EEC2FC4F9AE02.roa
File: 52C9B6A4DF8711ED8F5EEC2FC4F9AE02.roa (raw, json)
Hash identifier: LDrZf4v/3mvHTnua0mBkPkY08VdaxSATBvEZwfVyuWw=
Subject key identifier: AD:E9:FD:27:BA:69:64:D1:25:0B:F8:84:B8:5C:53:2F:DF:39:69:2D
Certificate issuer: /CN=A91F0FC6/serialNumber=66E6F6F8FDCE3D954A77E5B0A3E250CC262E5D5D
Certificate serial: 2C
Authority key identifier: 66:E6:F6:F8:FD:CE:3D:95:4A:77:E5:B0:A3:E2:50:CC:26:2E:5D:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/52C9B6A4DF8711ED8F5EEC2FC4F9AE02.roa
Signing time: Fri 21 Apr 2023 02:27:22 +0000
ROA not before: Fri 21 Apr 2023 02:27:22 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150430
IP address blocks: 103.41.112.0/23 maxlen: 23
2001:df1:efc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0FC6/serialNumber=66E6F6F8FDCE3D954A77E5B0A3E250CC262E5D5D
Validity
Not Before: Apr 21 02:27:22 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6441f48a-259c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:1d:a4:2f:c6:0b:0e:5f:41:28:1b:c4:c2:
fd:30:23:79:d5:b7:4c:e0:3a:66:14:5d:94:0b:79:
0b:f8:de:bf:24:63:ff:5a:24:22:02:e3:63:7a:9f:
4e:92:d3:c3:80:4b:c3:56:41:28:9f:09:2e:44:9f:
d0:b8:4a:3e:50:89:d8:3d:d8:4d:52:3f:49:61:e2:
19:c2:d0:7c:51:42:d0:0b:fb:eb:74:5d:82:38:eb:
b3:af:21:e1:a2:be:e9:bc:4f:a3:7f:09:3d:1d:55:
e2:5e:3d:d8:b1:ad:fc:eb:f7:85:4e:da:c8:c3:5f:
5e:91:c4:41:55:cc:f5:1d:41:e7:c8:7c:0f:25:6f:
fd:9c:6b:a3:df:15:33:e3:37:3a:8a:1c:2d:c1:8a:
8b:9e:39:d5:07:a4:39:24:ec:07:d5:3e:3f:58:66:
13:98:df:9d:11:29:44:7c:a8:28:c9:2c:16:8a:ad:
29:56:eb:23:b5:2d:ab:31:8a:ce:b9:ab:f7:9b:8b:
ae:69:08:05:b0:54:f4:e4:f1:f6:a8:ce:7e:77:ca:
18:52:79:81:b5:29:19:88:2d:f3:5a:d7:b5:7c:c2:
09:b3:d8:9a:18:70:ff:0e:23:71:f3:32:5a:9c:7e:
1d:47:3a:af:a3:8e:12:7c:1c:a9:93:a4:81:67:f4:
6e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E9:FD:27:BA:69:64:D1:25:0B:F8:84:B8:5C:53:2F:DF:39:69:2D
X509v3 Authority Key Identifier:
keyid:66:E6:F6:F8:FD:CE:3D:95:4A:77:E5:B0:A3:E2:50:CC:26:2E:5D:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zub2-P3OPZVKd-Wwo-JQzCYuXV0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0FC6/1D9F3E08A76111ED98242252C4F9AE02/52C9B6A4DF8711ED8F5EEC2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.112.0/23
IPv6:
2001:df1:efc0::/48
Signature Algorithm: sha256WithRSAEncryption
92:74:34:bc:94:99:4a:7b:02:6c:62:11:ba:98:6c:51:d7:f6:
44:9a:6c:98:b0:67:26:9b:60:f4:e7:76:da:3c:84:7f:e5:fe:
7c:fd:2c:ff:6b:a5:aa:b0:1d:72:65:af:29:4d:58:78:a2:c5:
02:f1:6c:dd:07:27:5a:50:2f:c4:e8:09:86:05:14:7d:78:b2:
3f:98:65:15:b9:ea:a2:7f:f9:6e:62:b5:75:cf:d9:08:21:9a:
88:98:6c:64:35:54:93:78:07:a0:bd:f5:8a:ba:c9:b5:6d:1d:
68:d0:54:69:80:87:a4:a4:4a:40:86:c7:ab:80:27:84:a3:49:
a3:6b:c4:9a:3f:1d:fe:e4:1c:a7:ab:8d:3d:4f:60:a1:fb:d7:
6a:d1:8b:99:19:e7:53:63:25:75:61:ec:b6:c5:e7:5a:ba:a0:
ec:1a:55:db:d2:5b:0f:9f:90:fe:70:67:c2:8b:96:b7:fd:91:
27:68:46:b2:75:62:24:e1:fb:56:64:5d:07:8c:0d:a8:f3:ae:
66:63:da:f3:54:12:d9:bb:c7:40:b0:17:63:79:e1:b7:a9:dc:
1b:d0:5c:15:9c:22:53:98:f3:23:6f:16:1a:50:d9:14:3f:44:
4c:11:a2:d4:ce:16:05:cc:fe:73:7b:d4:bc:91:ce:ac:56:8d:
c4:c9:f0:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MEZDNjExMC8GA1UEBRMoNjZFNkY2RjhGRENFM0Q5NTRBNzdFNUIwQTNFMjUwQ0My
NjJFNUQ1RDAeFw0yMzA0MjEwMjI3MjJaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NDFmNDhhLTI1OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuKh2kL8YLDl9BKBvEwv0wI3nVt0zgOmYUXZQLeQv43r8kY/9aJCIC42N6n06S
08OAS8NWQSifCS5En9C4Sj5Qidg92E1SP0lh4hnC0HxRQtAL++t0XYI467OvIeGi
vum8T6N/CT0dVeJePdixrfzr94VO2sjDX16RxEFVzPUdQefIfA8lb/2ca6PfFTPj
NzqKHC3BioueOdUHpDkk7AfVPj9YZhOY350RKUR8qCjJLBaKrSlW6yO1Lasxis65
q/ebi65pCAWwVPTk8faozn53yhhSeYG1KRmILfNa17V8wgmz2JoYcP8OI3HzMlqc
fh1HOq+jjhJ8HKmTpIFn9G63AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUren9J7pp
ZNElC/iEuFxTL985aS0wHwYDVR0jBBgwFoAUZub2+P3OPZVKd+Wwo+JQzCYuXV0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwRkM2LzFEOUYzRTA4QTc2
MTExRUQ5ODI0MjI1MkM0RjlBRTAyL1p1YjItUDNPUFpWS2QtV3dvLUpRekNZdVhW
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWnViMi1QM09QWlZLZC1Xd28tSlF6Q1l1WFYwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MEZDNi8xRDlGM0UwOEE3NjExMUVEOTgyNDIyNTJDNEY5QUUwMi81MkM5QjZBNERG
ODcxMUVEOEY1RUVDMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcpcDAPBAIAAjAJAwcAIAEN8e/AMA0GCSqGSIb3DQEBCwUA
A4IBAQCSdDS8lJlKewJsYhG6mGxR1/ZEmmyYsGcmm2D053baPIR/5f58/Sz/a6Wq
sB1yZa8pTVh4osUC8WzdBydaUC/E6AmGBRR9eLI/mGUVueqif/luYrV1z9kIIZqI
mGxkNVSTeAegvfWKusm1bR1o0FRpgIekpEpAhsergCeEo0mja8SaPx3+5Bynq409
T2Ch+9dq0YuZGedTYyV1Yey2xedauqDsGlXb0lsPn5D+cGfCi5a3/ZEnaEaydWIk
4ftWZF0HjA2o865mY9rzVBLZu8dAsBdjeeG3qdwb0FwVnCJTmPMjbxYaUNkUP0RM
EaLUzhYFzP5ze9S8kc6sVo3EyfCT
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org