Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/CA506240965D11ED981C5379C4F9AE02.roa
File: CA506240965D11ED981C5379C4F9AE02.roa (raw, json)
Hash identifier: YwPjSYFEtFjjD76HiqWeNWC4nZqqD3DfelpZjIkIoS0=
Subject key identifier: A0:6C:AE:05:76:C7:4E:32:DA:C0:4F:2A:63:1A:48:3E:56:5A:5B:7C
Certificate issuer: /CN=A91230B8/serialNumber=FBBAB690ADFE10EF434B718954F17387D6384668
Certificate serial: 02
Authority key identifier: FB:BA:B6:90:AD:FE:10:EF:43:4B:71:89:54:F1:73:87:D6:38:46:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/CA506240965D11ED981C5379C4F9AE02.roa
Signing time: Tue 17 Jan 2023 11:55:09 +0000
ROA not before: Tue 17 Jan 2023 11:55:09 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150715
IP address blocks: 103.66.230.0/23 maxlen: 23
103.66.230.0/24 maxlen: 24
103.66.231.0/24 maxlen: 24
2001:df1:ce40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91230B8/serialNumber=FBBAB690ADFE10EF434B718954F17387D6384668
Validity
Not Before: Jan 17 11:55:09 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63c68c9d-6448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:aa:3f:7d:4e:c5:48:89:b2:3a:38:54:8f:1b:
98:83:20:67:a6:f7:53:00:ef:ac:89:dc:fd:fe:59:
a0:dd:0e:c7:49:9a:5c:8d:ba:d4:b4:fd:65:a3:87:
b8:e6:73:49:d6:06:b3:ba:4e:73:f4:93:0b:ed:93:
09:2f:83:9e:69:cb:66:2e:7c:43:78:3d:4f:3a:66:
f3:bd:9f:ff:c7:57:87:e8:db:06:01:da:37:9e:94:
02:21:b6:2b:cb:bd:b5:1f:2b:65:18:d9:45:3a:25:
5c:57:d4:d4:ac:70:c3:c5:e6:41:d5:fe:94:c5:1e:
b4:99:61:44:58:13:cc:9b:49:ce:d9:7d:78:8f:d9:
66:11:88:3f:34:73:4f:ed:7f:2e:58:03:76:6c:06:
5e:d5:58:99:f4:e9:22:91:bc:8b:57:c3:43:da:49:
ff:b8:bb:94:92:55:48:f1:5f:c6:03:e9:68:36:30:
44:c5:51:88:26:0f:ef:ea:23:b4:19:b1:fb:09:fc:
e6:57:e8:b3:d7:a7:7b:00:cf:db:1d:4a:77:06:fa:
5c:b8:bf:a9:8a:71:ae:5a:a4:1f:49:24:32:b6:f8:
ca:34:eb:53:dd:ab:d9:b1:71:d5:83:25:c9:28:0b:
fb:c9:15:37:de:7a:6d:93:03:62:a8:67:1b:e4:68:
4e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6C:AE:05:76:C7:4E:32:DA:C0:4F:2A:63:1A:48:3E:56:5A:5B:7C
X509v3 Authority Key Identifier:
keyid:FB:BA:B6:90:AD:FE:10:EF:43:4B:71:89:54:F1:73:87:D6:38:46:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/CA506240965D11ED981C5379C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.230.0/23
IPv6:
2001:df1:ce40::/48
Signature Algorithm: sha256WithRSAEncryption
36:4e:ba:b7:89:a8:36:bd:4d:d5:d6:34:51:80:27:0c:13:9e:
0e:9d:3b:57:f7:9a:8e:f2:64:b8:56:9d:26:bc:f0:26:3e:e1:
9b:d6:dd:e8:97:80:86:53:b2:58:d5:fd:9e:9f:5f:a8:57:94:
ca:6c:ae:2b:95:38:3f:13:2c:19:7b:15:c2:13:2b:bc:8a:d8:
0a:ba:c5:96:ef:96:dd:f1:4d:3b:12:22:e8:15:27:78:56:5d:
c7:7d:a3:24:1f:57:f8:23:ef:92:6b:d0:45:06:21:da:9d:d9:
79:1f:a3:14:ea:86:01:d1:1e:7b:4c:82:06:f5:86:06:f1:03:
2c:de:6e:81:69:6f:5d:87:91:d0:63:73:77:a9:3d:7b:2b:31:
ee:c3:68:01:94:ac:a5:ec:61:63:b0:13:dd:0e:d7:52:82:7f:
d1:b0:43:3b:8c:cc:0b:13:c3:ca:fd:6f:9d:7f:17:71:3b:bf:
4c:5c:a0:d3:96:8c:e0:11:1b:71:de:85:88:2c:ff:c1:09:90:
e5:61:69:c6:1c:ac:eb:b2:51:0a:59:b1:20:0e:7b:8c:98:79:
cf:39:c9:d2:04:16:93:ac:ba:49:93:38:7b:e2:38:2e:d7:a7:
9e:6c:6f:62:d0:19:df:e0:6a:56:9b:0e:1d:b1:7c:9f:78:31:
56:dc:3e:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MzBCODExMC8GA1UEBRMoRkJCQUI2OTBBREZFMTBFRjQzNEI3MTg5NTRGMTczODdE
NjM4NDY2ODAeFw0yMzAxMTcxMTU1MDlaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYzY4YzlkLTY0NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmqj99TsVIibI6OFSPG5iDIGem91MA76yJ3P3+WaDdDsdJmlyNutS0/WWjh7jm
c0nWBrO6TnP0kwvtkwkvg55py2YufEN4PU86ZvO9n//HV4fo2wYB2jeelAIhtivL
vbUfK2UY2UU6JVxX1NSscMPF5kHV/pTFHrSZYURYE8ybSc7ZfXiP2WYRiD80c0/t
fy5YA3ZsBl7VWJn06SKRvItXw0PaSf+4u5SSVUjxX8YD6Wg2METFUYgmD+/qI7QZ
sfsJ/OZX6LPXp3sAz9sdSncG+ly4v6mKca5apB9JJDK2+Mo061Pdq9mxcdWDJcko
C/vJFTfeem2TA2KoZxvkaE6ZAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUoGyuBXbH
TjLawE8qYxpIPlZaW3wwHwYDVR0jBBgwFoAU+7q2kK3+EO9DS3GJVPFzh9Y4Rmgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIzMEI4L0YxRjg5MEYwOTY1
OTExRUQ4Q0M3OEE2MEM0RjlBRTAyLy03cTJrSzMtRU85RFMzR0pWUEZ6aDlZNFJt
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvLTdxMmtLMy1FTzlEUzNHSlZQRnpoOVk0Um1nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzBCOC9GMUY4OTBGMDk2NTkxMUVEOENDNzhBNjBDNEY5QUUwMi9DQTUwNjI0MDk2
NUQxMUVEOTgxQzUzNzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdC5jAPBAIAAjAJAwcAIAEN8c5AMA0GCSqGSIb3DQEBCwUA
A4IBAQA2Trq3iag2vU3V1jRRgCcME54OnTtX95qO8mS4Vp0mvPAmPuGb1t3ol4CG
U7JY1f2en1+oV5TKbK4rlTg/EywZexXCEyu8itgKusWW75bd8U07EiLoFSd4Vl3H
faMkH1f4I++Sa9BFBiHandl5H6MU6oYB0R57TIIG9YYG8QMs3m6BaW9dh5HQY3N3
qT17KzHuw2gBlKyl7GFjsBPdDtdSgn/RsEM7jMwLE8PK/W+dfxdxO79MXKDTlozg
ERtx3oWILP/BCZDlYWnGHKzrslEKWbEgDnuMmHnPOcnSBBaTrLpJkzh74jgu16ee
bG9i0Bnf4GpWmw4dsXyfeDFW3D6C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org