Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/52D82696610411EDBAD5280FC4F9AE02.roa
File: 52D82696610411EDBAD5280FC4F9AE02.roa (raw, json)
Hash identifier: HxSmmxAE7DQfxJNC3kGq/6VVhJIMLfXdES0OCOzWYKA=
Subject key identifier: 8C:44:FA:BD:88:AF:04:FA:4E:F5:FE:BE:3A:1E:6B:E3:F1:23:71:97
Certificate issuer: /CN=A91FE75F/serialNumber=4D14E1AF22F53B22F56DEF02EB72EA5DD6BE77E2
Certificate serial: B3
Authority key identifier: 4D:14:E1:AF:22:F5:3B:22:F5:6D:EF:02:EB:72:EA:5D:D6:BE:77:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRThryL1OyL1be8C63LqXda-d-I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/52D82696610411EDBAD5280FC4F9AE02.roa
Signing time: Thu 10 Nov 2022 14:31:12 +0000
ROA not before: Thu 10 Nov 2022 14:31:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141778
IP address blocks: 103.163.255.0/24 maxlen: 24
2001:df6:3580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179 (0xb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE75F/serialNumber=4D14E1AF22F53B22F56DEF02EB72EA5DD6BE77E2
Validity
Not Before: Nov 10 14:31:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=636d0b2f-9760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:49:25:cf:09:c8:d5:9a:18:ad:21:26:c5:94:
5c:b7:f3:b7:e8:38:f9:ed:5b:d7:4d:f3:ab:cc:62:
cc:08:72:ce:7d:d4:ab:8a:fb:62:a0:b3:d3:63:3d:
80:82:12:61:08:a2:dd:d0:d9:d4:0e:5b:e3:02:84:
1c:02:5b:10:d7:fd:ae:df:3d:6c:34:c4:1a:27:d1:
23:b1:8e:69:6c:ff:c4:f8:12:76:41:0c:7e:5b:dd:
a5:a2:1b:a4:f2:98:56:9d:37:d4:ae:b5:ea:63:08:
ba:a2:b8:82:a9:19:67:c2:e4:e4:21:c7:ab:40:7d:
86:3b:04:9e:8b:67:6d:03:18:27:61:e2:25:09:af:
51:b4:19:99:65:c0:9a:04:0a:55:f3:25:db:8f:d0:
b7:77:5d:52:d1:cf:57:ce:34:9d:6e:1a:51:de:f5:
de:84:1f:72:78:2a:50:e8:69:7d:7d:34:c5:f2:96:
2d:d7:90:49:c4:10:49:bf:7d:3f:9a:d6:fe:e7:61:
6f:17:c0:97:56:2d:80:08:48:a9:17:c6:c4:2b:f9:
9d:e1:66:74:5e:3c:44:e8:81:d4:71:24:da:a4:84:
f0:86:d2:c3:26:b0:7c:e8:66:2f:55:27:e9:8f:e1:
5a:03:f8:4b:37:a8:1d:c2:d0:1f:9e:24:bf:83:13:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:44:FA:BD:88:AF:04:FA:4E:F5:FE:BE:3A:1E:6B:E3:F1:23:71:97
X509v3 Authority Key Identifier:
keyid:4D:14:E1:AF:22:F5:3B:22:F5:6D:EF:02:EB:72:EA:5D:D6:BE:77:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/TRThryL1OyL1be8C63LqXda-d-I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRThryL1OyL1be8C63LqXda-d-I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE75F/AB9EB8CAA9F511EB8A492254C4F9AE02/52D82696610411EDBAD5280FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.255.0/24
IPv6:
2001:df6:3580::/48
Signature Algorithm: sha256WithRSAEncryption
24:48:93:c5:03:5d:ca:1f:81:2c:6c:d5:18:02:8a:97:03:f0:
5c:6b:bf:53:a0:94:18:3c:a8:fc:87:07:e2:57:da:02:f9:0a:
5f:7e:64:64:2b:cc:b4:2f:89:5e:4a:c8:b1:5c:f9:85:55:bc:
71:fb:fa:df:4b:5c:36:c5:b8:4d:0a:37:b8:f6:cb:59:ea:e5:
ef:73:87:74:ae:f6:cc:56:73:f1:fb:0f:b3:86:c0:85:0a:ff:
d7:02:ba:65:48:5c:17:c6:c2:ac:44:69:ac:48:6c:30:8d:9e:
9b:9e:80:a6:9e:e3:3b:70:05:4b:6a:b4:2e:28:f1:30:21:f5:
f7:f0:fc:e7:3e:0c:97:2c:aa:ef:fe:ab:4f:43:fa:3a:56:db:
be:45:30:4c:a4:1e:ad:f9:e5:30:67:5f:95:1b:e3:91:bd:24:
91:a0:9f:a1:07:49:f1:84:5d:76:82:79:eb:2e:90:da:a6:e7:
dd:c3:71:45:2e:f6:01:e1:ea:80:87:f7:6b:a1:38:8d:04:34:
41:c8:a6:26:60:3b:e7:99:20:49:7c:94:a7:e9:b5:2a:09:e4:
63:c6:b1:f2:52:1a:1a:0d:65:8d:eb:87:58:a5:0a:af:b9:56:
f2:f1:3a:e6:41:36:17:a2:02:c7:4f:a3:05:7b:43:57:12:c8:
fb:62:17:5d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICALMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU3NUYxMTAvBgNVBAUTKDREMTRFMUFGMjJGNTNCMjJGNTZERUYwMkVCNzJFQTVE
RDZCRTc3RTIwHhcNMjIxMTEwMTQzMTEyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZkMGIyZi05NzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtEklzwnI1ZoYrSEmxZRct/O36Dj57VvXTfOrzGLMCHLOfdSrivtioLPTYz2A
ghJhCKLd0NnUDlvjAoQcAlsQ1/2u3z1sNMQaJ9EjsY5pbP/E+BJ2QQx+W92lohuk
8phWnTfUrrXqYwi6oriCqRlnwuTkIcerQH2GOwSei2dtAxgnYeIlCa9RtBmZZcCa
BApV8yXbj9C3d11S0c9XzjSdbhpR3vXehB9yeCpQ6Gl9fTTF8pYt15BJxBBJv30/
mtb+52FvF8CXVi2ACEipF8bEK/md4WZ0XjxE6IHUcSTapITwhtLDJrB86GYvVSfp
j+FaA/hLN6gdwtAfniS/gxOvKwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIxE+r2I
rwT6TvX+vjoea+PxI3GXMB8GA1UdIwQYMBaAFE0U4a8i9Tsi9W3vAuty6l3Wvnfi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTc1Ri9BQjlFQjhDQUE5
RjUxMUVCOEE0OTIyNTRDNEY5QUUwMi9UUlRocnlMMU95TDFiZThDNjNMcVhkYS1k
LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RSVGhyeUwxT3lMMWJlOEM2M0xxWGRhLWQtSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU3NUYvQUI5RUI4Q0FBOUY1MTFFQjhBNDkyMjU0QzRGOUFFMDIvNTJEODI2OTY2
MTA0MTFFREJBRDUyODBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABno/8wDwQCAAIwCQMHACABDfY1gDANBgkqhkiG9w0BAQsF
AAOCAQEAJEiTxQNdyh+BLGzVGAKKlwPwXGu/U6CUGDyo/IcH4lfaAvkKX35kZCvM
tC+JXkrIsVz5hVW8cfv630tcNsW4TQo3uPbLWerl73OHdK72zFZz8fsPs4bAhQr/
1wK6ZUhcF8bCrERprEhsMI2em56App7jO3AFS2q0LijxMCH19/D85z4Mlyyq7/6r
T0P6OlbbvkUwTKQerfnlMGdflRvjkb0kkaCfoQdJ8YRddoJ56y6Q2qbn3cNxRS72
AeHqgIf3a6E4jQQ0QcimJmA755kgSXyUp+m1KgnkY8ax8lIaGg1ljeuHWKUKr7lW
8vE65kE2F6ICx0+jBXtDVxLI+2IXXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org