Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/0225F0E45DDF11EC87232C0EC4F9AE02.roa
File: 0225F0E45DDF11EC87232C0EC4F9AE02.roa (raw, json)
Hash identifier: XyqzBgCR7gqaX4JwWJK8WAPhE4SJW/yV1girhj9U1yU=
Subject key identifier: 50:3F:79:3C:E5:32:FE:4C:C3:E8:58:52:2B:3B:E1:C2:65:7A:58:F6
Certificate issuer: /CN=A91FF428/serialNumber=BE852A8B3B7EA5C5AC5A52AACB852A01A4CDD082
Certificate serial: 04
Authority key identifier: BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/0225F0E45DDF11EC87232C0EC4F9AE02.roa
Signing time: Wed 15 Dec 2021 19:41:34 +0000
ROA not before: Wed 15 Dec 2021 19:41:34 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 149289
IP address blocks: 103.178.26.0/24 maxlen: 24
103.178.27.0/24 maxlen: 24
2001:df0:31c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF428/serialNumber=BE852A8B3B7EA5C5AC5A52AACB852A01A4CDD082
Validity
Not Before: Dec 15 19:41:34 2021 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61ba44ee-582a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9d:c0:2d:1a:74:86:ed:7e:17:be:24:ff:d5:
31:21:a7:ee:f6:92:e6:42:c4:91:97:7d:75:db:e4:
33:c1:e4:45:5b:3a:36:83:34:a9:29:81:9f:ff:0d:
45:1d:a1:40:80:9a:1e:ff:b2:2c:b0:64:21:0b:51:
d0:df:de:35:fb:14:06:2d:9c:44:c7:7c:65:bd:b9:
32:d4:f5:ab:45:9b:b3:f1:0b:1e:c0:a8:10:8b:b7:
10:70:44:98:96:c1:d2:64:65:4b:1b:e5:20:7f:0e:
38:4c:4b:c0:cf:e5:3a:64:4c:11:fd:0c:51:ab:b1:
c4:30:87:2a:b0:1f:05:3b:10:1e:b8:a4:26:66:49:
94:82:f6:47:0d:44:9a:91:aa:d5:ef:9f:04:bc:e2:
06:fc:fc:da:8e:ea:27:51:8d:19:f9:1e:56:a4:a1:
94:28:74:58:cc:58:8a:43:a1:36:a4:48:05:71:8e:
bf:73:9a:d4:5a:90:26:fa:4c:aa:2c:9f:3c:e7:8f:
0e:9a:61:d4:65:ad:16:01:ab:73:33:7f:83:41:46:
8f:48:3b:be:bf:10:3b:63:59:5b:5f:52:e2:2c:cd:
7f:60:25:00:75:bf:ef:29:d5:50:e0:af:82:9b:98:
5e:11:29:bf:8e:8a:e4:05:89:e0:5a:61:42:49:a3:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3F:79:3C:E5:32:FE:4C:C3:E8:58:52:2B:3B:E1:C2:65:7A:58:F6
X509v3 Authority Key Identifier:
keyid:BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/voUqizt-pcWsWlKqy4UqAaTN0II.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/0225F0E45DDF11EC87232C0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.26.0/23
IPv6:
2001:df0:31c0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:a5:a4:c3:cb:44:91:6d:03:57:df:c4:fa:2a:a4:57:26:ab:
15:cf:7c:8b:e0:59:c9:92:94:69:c0:27:e8:cf:4b:3b:7f:29:
7f:21:0d:90:b1:c3:9d:4f:9c:85:bf:8a:d8:d8:38:51:04:fc:
f3:a3:9e:c0:eb:a7:4f:cf:ce:41:14:0d:e4:a0:57:90:74:63:
ab:9f:5f:ab:78:9d:16:0c:d9:8a:ff:5c:fa:24:0c:11:c7:da:
29:68:03:01:60:a6:78:96:d3:c2:49:22:80:be:c0:0c:f6:77:
60:0b:bf:45:01:4d:d6:15:08:cb:dc:cf:74:87:0e:00:95:2d:
32:a9:ec:cb:61:bf:2c:69:c7:73:94:3d:d4:f2:6e:89:c7:79:
28:b8:de:06:12:97:39:1d:32:38:17:89:d6:96:57:f1:28:a2:
d6:64:13:75:0f:67:02:e7:57:91:af:fc:e3:c5:18:bf:48:7d:
f3:6a:dd:49:04:20:8d:87:0c:72:a2:2f:6b:8d:d7:a8:4f:ff:
73:9b:2b:17:c8:eb:ea:74:b2:8d:f8:94:bd:5f:a7:be:06:fb:
38:97:de:e2:7d:80:c5:93:21:a2:d2:74:d3:a5:ec:fe:66:16:
1e:e8:e1:65:a9:49:68:c6:be:3d:fe:29:2a:32:6b:df:a8:35:
2b:c6:22:91
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RjQyODExMC8GA1UEBRMoQkU4NTJBOEIzQjdFQTVDNUFDNUE1MkFBQ0I4NTJBMDFB
NENERDA4MjAeFw0yMTEyMTUxOTQxMzRaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYmE0NGVlLTU4MmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqncAtGnSG7X4XviT/1TEhp+72kuZCxJGXfXXb5DPB5EVbOjaDNKkpgZ//DUUd
oUCAmh7/siywZCELUdDf3jX7FAYtnETHfGW9uTLU9atFm7PxCx7AqBCLtxBwRJiW
wdJkZUsb5SB/DjhMS8DP5TpkTBH9DFGrscQwhyqwHwU7EB64pCZmSZSC9kcNRJqR
qtXvnwS84gb8/NqO6idRjRn5HlakoZQodFjMWIpDoTakSAVxjr9zmtRakCb6TKos
nzznjw6aYdRlrRYBq3Mzf4NBRo9IO76/EDtjWVtfUuIszX9gJQB1v+8p1VDgr4Kb
mF4RKb+OiuQFieBaYUJJo76RAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUUD95POUy
/kzD6FhSKzvhwmV6WPYwHwYDVR0jBBgwFoAUvoUqizt+pcWsWlKqy4UqAaTN0IIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGNDI4LzM1RUIxMzQ4NURE
ODExRUNCOUI0RDYzMEM0RjlBRTAyL3ZvVXFpenQtcGNXc1dsS3F5NFVxQWFUTjBJ
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdm9VcWl6dC1wY1dzV2xLcXk0VXFBYVROMElJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RjQyOC8zNUVCMTM0ODVERDgxMUVDQjlCNEQ2MzBDNEY5QUUwMi8wMjI1RjBFNDVE
REYxMUVDODcyMzJDMEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWeyGjAPBAIAAjAJAwcAIAEN8DHAMA0GCSqGSIb3DQEBCwUA
A4IBAQBfpaTDy0SRbQNX38T6KqRXJqsVz3yL4FnJkpRpwCfoz0s7fyl/IQ2QscOd
T5yFv4rY2DhRBPzzo57A66dPz85BFA3koFeQdGOrn1+reJ0WDNmK/1z6JAwRx9op
aAMBYKZ4ltPCSSKAvsAM9ndgC79FAU3WFQjL3M90hw4AlS0yqezLYb8sacdzlD3U
8m6Jx3kouN4GEpc5HTI4F4nWllfxKKLWZBN1D2cC51eRr/zjxRi/SH3zat1JBCCN
hwxyoi9rjdeoT/9zmysXyOvqdLKN+JS9X6e+Bvs4l97ifYDFkyGi0nTTpez+ZhYe
6OFlqUloxr49/ikqMmvfqDUrxiKR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org