Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4C6B/278AA3E4B51F11EA9FE8BD58C4F9AE02/E04E9F2AB51F11EA9146DD58C4F9AE02.roa
File: E04E9F2AB51F11EA9146DD58C4F9AE02.roa (raw, json)
Hash identifier: erYpYUemXr4hKHq3kuSTyEmovyBZZvDT2FX3Gz+sf74=
Subject key identifier: 0B:BA:83:45:AB:81:DD:FC:BC:5D:E6:C7:37:38:DC:88:1C:88:36:B7
Certificate issuer: /CN=A91F4C6B/serialNumber=E26873B45F88D1F5D883C17E4CCF70A245162142
Certificate serial: 068D
Authority key identifier: E2:68:73:B4:5F:88:D1:F5:D8:83:C1:7E:4C:CF:70:A2:45:16:21:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4mhztF-I0fXYg8F-TM9wokUWIUI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F4C6B/278AA3E4B51F11EA9FE8BD58C4F9AE02/E04E9F2AB51F11EA9146DD58C4F9AE02.roa
Signing time: Tue 30 Aug 2022 10:38:35 +0000
ROA not before: Tue 30 Aug 2022 10:38:35 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 134371
IP address blocks: 103.152.102.0/23 maxlen: 23
103.152.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1677 (0x68d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F4C6B/serialNumber=E26873B45F88D1F5D883C17E4CCF70A245162142
Validity
Not Before: Aug 30 10:38:35 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=630de8aa-6ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a2:97:09:66:c4:47:78:da:de:bb:07:be:bd:
5d:be:3c:11:cc:e3:b2:59:1f:ae:de:24:c6:81:c6:
f0:d1:b1:f8:a7:b7:7d:ce:ab:56:7e:72:49:cf:fa:
16:c6:09:7d:ac:b3:b5:83:9f:10:65:6c:f7:71:55:
84:56:4b:db:37:42:5f:21:24:18:94:74:81:71:c1:
93:f0:f6:91:3e:4b:c9:c0:ee:c9:bf:b3:aa:ad:54:
1a:7f:1f:df:28:ee:9d:12:a7:f7:f3:8f:6d:ee:92:
7f:1b:4d:8d:ae:95:5d:4e:15:45:6d:f0:99:5e:48:
c6:a7:9c:c3:8a:bf:65:e8:9a:92:23:d1:42:b9:cc:
71:c7:aa:47:94:75:1c:9b:98:0d:b0:c9:e4:b0:a5:
93:51:dc:65:ca:06:77:d3:40:d1:1c:e1:0a:66:10:
3f:d2:15:7b:87:0d:90:8d:e0:f9:13:ff:3f:f3:7c:
e1:3d:fa:3d:64:be:71:58:6a:8c:7d:c6:b1:9d:85:
36:7b:e6:9a:97:2c:dd:01:10:99:e7:75:28:d9:d0:
20:54:cf:25:92:3b:05:38:da:95:9d:b2:80:02:f7:
81:b9:e0:c5:78:42:bb:fe:f2:a7:8e:e7:6e:34:2b:
0c:6d:79:8d:15:94:e8:6c:98:b6:b0:0c:2a:3a:97:
85:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BA:83:45:AB:81:DD:FC:BC:5D:E6:C7:37:38:DC:88:1C:88:36:B7
X509v3 Authority Key Identifier:
keyid:E2:68:73:B4:5F:88:D1:F5:D8:83:C1:7E:4C:CF:70:A2:45:16:21:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F4C6B/278AA3E4B51F11EA9FE8BD58C4F9AE02/4mhztF-I0fXYg8F-TM9wokUWIUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4mhztF-I0fXYg8F-TM9wokUWIUI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4C6B/278AA3E4B51F11EA9FE8BD58C4F9AE02/E04E9F2AB51F11EA9146DD58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.102.0/23
Signature Algorithm: sha256WithRSAEncryption
79:25:53:27:6c:d3:98:a5:ba:15:c3:5a:07:c4:11:dd:d7:8f:
8f:b9:8d:bf:59:f3:62:3b:7f:74:70:33:8e:bc:d5:58:3e:79:
e9:f3:00:a9:2c:6d:25:ff:cf:97:d9:ed:49:fd:fa:1f:0b:60:
7e:44:b9:21:38:83:70:c1:17:f2:d4:b4:f4:78:df:b1:f3:76:
f9:1c:c7:b8:00:76:12:e6:70:d8:a3:9a:d8:a7:e8:34:fa:3d:
8f:ce:fd:25:f9:d3:3a:7d:48:67:19:3f:61:29:b2:9d:fd:99:
cd:b2:a4:bf:28:80:a9:17:4d:0d:a4:5d:30:06:94:a2:46:3e:
8a:de:77:9e:15:06:07:d2:c6:29:a9:26:a0:64:8b:1e:07:a8:
f5:1f:f6:58:4c:a7:5d:e1:f0:e4:af:09:f5:b7:8a:38:5a:4b:
f0:af:07:46:16:66:63:06:ce:67:ab:98:95:ec:ff:c8:e3:87:
c4:92:d3:db:c7:3a:cd:53:63:b0:3e:6c:90:a8:6d:ed:6f:78:
29:fd:69:7c:dc:85:09:47:79:02:89:ba:59:45:6c:1c:30:b9:
fd:f8:e9:3d:00:8b:77:c9:6d:e0:a7:c7:be:99:c5:42:6d:1e:
11:c9:8c:7e:77:ab:b3:42:9d:7e:19:07:33:9b:f5:5f:5e:9a:
6c:c6:2b:83
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjRDNkIxMTAvBgNVBAUTKEUyNjg3M0I0NUY4OEQxRjVEODgzQzE3RTRDQ0Y3MEEy
NDUxNjIxNDIwHhcNMjIwODMwMTAzODM1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBkZThhYS02ZWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyKKXCWbER3ja3rsHvr1dvjwRzOOyWR+u3iTGgcbw0bH4p7d9zqtWfnJJz/oW
xgl9rLO1g58QZWz3cVWEVkvbN0JfISQYlHSBccGT8PaRPkvJwO7Jv7OqrVQafx/f
KO6dEqf3849t7pJ/G02NrpVdThVFbfCZXkjGp5zDir9l6JqSI9FCucxxx6pHlHUc
m5gNsMnksKWTUdxlygZ300DRHOEKZhA/0hV7hw2QjeD5E/8/83zhPfo9ZL5xWGqM
fcaxnYU2e+aalyzdARCZ53Uo2dAgVM8lkjsFONqVnbKAAveBueDFeEK7/vKnjudu
NCsMbXmNFZTobJi2sAwqOpeFuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAu6g0Wr
gd38vF3mxzc43IgciDa3MB8GA1UdIwQYMBaAFOJoc7RfiNH12IPBfkzPcKJFFiFC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNEM2Qi8yNzhBQTNFNEI1
MUYxMUVBOUZFOEJENThDNEY5QUUwMi80bWh6dEYtSTBmWFlnOEYtVE05d29rVVdJ
VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRtaHp0Ri1JMGZYWWc4Ri1UTTl3b2tVV0lVSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjRDNkIvMjc4QUEzRTRCNTFGMTFFQTlGRThCRDU4QzRGOUFFMDIvRTA0RTlGMkFC
NTFGMTFFQTkxNDZERDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGYwDQYJKoZIhvcNAQELBQADggEBAHklUyds05iluhXD
WgfEEd3Xj4+5jb9Z82I7f3RwM4681Vg+eenzAKksbSX/z5fZ7Un9+h8LYH5EuSE4
g3DBF/LUtPR437Hzdvkcx7gAdhLmcNijmtin6DT6PY/O/SX50zp9SGcZP2Epsp39
mc2ypL8ogKkXTQ2kXTAGlKJGPored54VBgfSximpJqBkix4HqPUf9lhMp13h8OSv
CfW3ijhaS/CvB0YWZmMGzmermJXs/8jjh8SS09vHOs1TY7A+bJCobe1veCn9aXzc
hQlHeQKJullFbBwwuf346T0Ai3fJbeCnx76ZxUJtHhHJjH53q7NCnX4ZBzOb9V9e
mmzGK4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org