Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/353D9D5C9DC711EB811E8734C4F9AE02.roa
File: 353D9D5C9DC711EB811E8734C4F9AE02.roa (raw, json)
Hash identifier: QJZcirZqlkdVFRjLJrXNbE+P6Z5G2WxAdgAQNNgPFBU=
Subject key identifier: EE:2D:C2:6C:49:58:77:3D:B3:CA:42:10:35:7A:32:D3:5D:11:61:E5
Certificate issuer: /CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Certificate serial: 0411
Authority key identifier: 30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/353D9D5C9DC711EB811E8734C4F9AE02.roa
Signing time: Mon 30 May 2022 12:59:01 +0000
ROA not before: Mon 30 May 2022 12:59:01 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 55933
IP address blocks: 103.226.124.0/22 maxlen: 24
103.242.0.0/22 maxlen: 24
150.129.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1041 (0x411)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Validity
Not Before: May 30 12:59:01 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6294bf95-4ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:30:41:84:c1:22:0c:af:68:5d:f4:48:67:09:
7d:8a:2e:66:85:50:4f:11:ba:3d:42:6c:eb:2d:44:
b7:72:a7:fb:e2:2a:aa:58:71:ce:a5:f8:ea:20:01:
37:de:46:7f:e3:bd:d3:a1:0e:fc:c5:e4:ce:ce:b2:
99:35:e1:7c:93:58:9b:e4:1b:0b:b9:18:7b:d4:86:
7f:b5:59:de:72:9c:5f:b5:bb:0e:91:72:36:a7:42:
4e:39:79:3d:cd:67:48:37:ad:0b:b0:d0:78:ab:d0:
92:aa:11:d8:47:34:bb:cc:6d:90:b9:bf:58:70:80:
2c:45:17:61:cd:d3:cc:95:b0:a2:95:9c:cf:21:13:
12:5a:53:21:00:a4:c6:c4:a3:ed:83:d6:ab:11:ef:
92:35:1e:ed:49:40:43:22:58:9b:c0:cd:4f:bc:44:
a9:00:d0:be:3d:63:3b:95:e2:43:a4:68:ec:52:50:
89:64:3e:7b:db:da:d0:41:92:60:db:d1:b0:da:50:
58:51:fa:be:61:a1:a1:74:41:7f:55:85:e0:6d:62:
b3:15:d2:95:7d:d7:03:2a:cb:70:bb:e8:da:d4:60:
54:a1:86:d6:e2:63:64:45:ab:25:03:fa:23:05:8e:
01:bb:9d:5f:f7:2e:2b:5d:d5:93:cb:62:e0:e5:ac:
4a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2D:C2:6C:49:58:77:3D:B3:CA:42:10:35:7A:32:D3:5D:11:61:E5
X509v3 Authority Key Identifier:
keyid:30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/353D9D5C9DC711EB811E8734C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.124.0/22
103.242.0.0/22
150.129.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:9f:1f:c3:60:31:26:18:c7:95:8a:6b:e6:c6:1f:1d:bc:41:
91:e3:13:d4:33:87:6f:97:86:c0:90:26:51:7c:d3:9e:08:e2:
87:6b:eb:4f:59:69:3f:16:cb:cb:81:00:d6:ce:30:93:f2:b2:
85:72:9f:65:bc:d0:3a:7d:d4:33:8c:5b:a1:47:16:5a:a6:f9:
de:b0:79:d4:07:5e:05:21:7b:a0:5d:39:94:fb:2c:f4:9d:9a:
df:49:99:e3:e5:f5:60:76:cd:2b:c5:2d:49:65:be:3c:40:44:
1e:92:8d:7c:d2:7e:21:fb:97:e7:0d:85:50:0b:3d:38:7c:a8:
e1:22:5e:73:63:de:20:80:f6:80:85:4d:4e:dd:4c:df:1a:08:
14:74:3d:a3:73:93:8c:3d:90:96:4b:7d:ca:b0:50:ff:0d:10:
c2:79:f8:af:65:bd:7b:00:2d:9d:b1:f0:b8:84:d8:31:51:82:
13:96:bf:5f:0f:54:bb:9d:0a:b3:ca:4b:56:be:c0:95:25:a0:
42:78:9b:d5:25:9e:be:a5:0d:0d:ea:2d:c8:d1:19:c3:7a:dc:
5d:14:fb:1e:50:1b:0f:1b:ca:fb:75:59:a2:4a:f5:40:4e:1f:
93:5e:d1:61:b9:a6:31:66:9d:f0:35:2f:e3:4a:7e:f1:95:3f:
6d:9a:2e:b0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjk2NjUxMTAvBgNVBAUTKDMwNThBNDY5QjY3RDAzMDcyQzJEOEEzODVFOUYyQUFC
QkExMzRFMkIwHhcNMjIwNTMwMTI1OTAxWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk0YmY5NS00YWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjBBhMEiDK9oXfRIZwl9ii5mhVBPEbo9QmzrLUS3cqf74iqqWHHOpfjqIAE3
3kZ/473ToQ78xeTOzrKZNeF8k1ib5BsLuRh71IZ/tVnecpxftbsOkXI2p0JOOXk9
zWdIN60LsNB4q9CSqhHYRzS7zG2Qub9YcIAsRRdhzdPMlbCilZzPIRMSWlMhAKTG
xKPtg9arEe+SNR7tSUBDIlibwM1PvESpANC+PWM7leJDpGjsUlCJZD5729rQQZJg
29Gw2lBYUfq+YaGhdEF/VYXgbWKzFdKVfdcDKstwu+ja1GBUoYbW4mNkRaslA/oj
BY4Bu51f9y4rXdWTy2Lg5axKuwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFO4twmxJ
WHc9s8pCEDV6MtNdEWHlMB8GA1UdIwQYMBaAFDBYpGm2fQMHLC2KOF6fKqu6E04r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTY2NS82RDBEMTJCODRC
RjUxMUVCQkQ4M0I4N0JDNEY5QUUwMi9NRmlrYWJaOUF3Y3NMWW80WHA4cXE3b1RU
aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01GaWthYlo5QXdjc0xZbzRYcDhxcTdvVFRpcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjk2NjUvNkQwRDEyQjg0QkY1MTFFQkJEODNCODdCQzRGOUFFMDIvMzUzRDlENUM5
REM3MTFFQjgxMUU4NzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn4nwDBAJn8gADBAKWgVAwDQYJKoZIhvcNAQELBQADggEB
AEufH8NgMSYYx5WKa+bGHx28QZHjE9Qzh2+XhsCQJlF8054I4odr609ZaT8Wy8uB
ANbOMJPysoVyn2W80Dp91DOMW6FHFlqm+d6wedQHXgUhe6BdOZT7LPSdmt9JmePl
9WB2zSvFLUllvjxARB6SjXzSfiH7l+cNhVALPTh8qOEiXnNj3iCA9oCFTU7dTN8a
CBR0PaNzk4w9kJZLfcqwUP8NEMJ5+K9lvXsALZ2x8LiE2DFRghOWv18PVLudCrPK
S1a+wJUloEJ4m9Ulnr6lDQ3qLcjRGcN63F0U+x5QGw8byvt1WaJK9UBOH5Ne0WG5
pjFmnfA1L+NKfvGVP22aLrA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:39 2024 by rpki-client on console-ams.rpki-client.org