Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A445C/5A8AD0880B1811E3B637C6795911EA32/4615B0B8FFEE11EB93712E74C4F9AE02.roa
File: 4615B0B8FFEE11EB93712E74C4F9AE02.roa (raw, json)
Hash identifier: jgMcEx0RsBc6NVUcuSfepJARYORG8ZUoM6xMMYzqznE=
Subject key identifier: C8:CA:D4:9A:09:13:22:56:88:A0:A3:3E:CA:D3:AF:1F:F3:CD:EA:E9
Certificate issuer: /CN=A91A445C/serialNumber=C0F7D8D6D54163765FF6F3E2FB337FCFE1507219
Certificate serial: 2AC3
Authority key identifier: C0:F7:D8:D6:D5:41:63:76:5F:F6:F3:E2:FB:33:7F:CF:E1:50:72:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wPfY1tVBY3Zf9vPi-zN_z-FQchk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A445C/5A8AD0880B1811E3B637C6795911EA32/4615B0B8FFEE11EB93712E74C4F9AE02.roa
Signing time: Sun 29 Aug 2021 00:01:46 +0000
ROA not before: Sun 29 Aug 2021 00:01:46 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 133382
IP address blocks: 103.79.108.0/24 maxlen: 24
103.79.109.0/24 maxlen: 24
103.241.6.0/24 maxlen: 24
103.241.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10947 (0x2ac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A445C/serialNumber=C0F7D8D6D54163765FF6F3E2FB337FCFE1507219
Validity
Not Before: Aug 29 00:01:46 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=612ace69-afdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:76:8c:2f:19:5d:ef:67:cc:ad:e4:20:65:
ae:77:a8:2a:bb:95:c3:80:27:40:9f:97:cc:dd:09:
0d:70:97:e9:da:bc:89:89:10:fd:ab:4f:57:3c:68:
a7:cb:b6:89:1f:86:bf:67:ea:df:d7:c3:f6:f1:0a:
4d:40:b2:52:7d:92:de:3c:59:9a:72:ee:81:24:a8:
24:77:ce:76:fa:e4:fb:f6:cc:f5:94:66:b4:18:47:
3a:cb:28:23:40:94:1b:a9:08:c0:9e:cd:4b:31:c2:
5f:3d:84:4e:56:68:fa:c2:4c:a5:a0:93:18:8c:a4:
1d:db:84:ec:81:e2:f6:fc:7c:2d:85:b2:df:be:b2:
e5:ef:8e:0b:02:62:aa:1f:88:3f:52:5d:54:5e:cc:
39:cc:51:58:1c:e2:24:f7:6c:96:e6:67:69:d1:0a:
d8:1e:00:2f:ad:05:5a:0c:8f:f2:22:6a:34:f2:c3:
70:ba:25:6d:2f:65:32:43:f1:4c:93:9d:d4:63:49:
73:94:d2:67:c9:52:f1:71:7e:fd:ab:00:4a:21:4b:
c2:02:5f:af:54:e2:4a:b1:ef:3e:70:88:c6:99:c3:
8f:cb:2a:f3:1a:8e:78:93:6f:fc:f0:3f:a5:fc:16:
4f:38:40:df:07:d6:a3:82:1e:a0:ad:19:c6:f0:88:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CA:D4:9A:09:13:22:56:88:A0:A3:3E:CA:D3:AF:1F:F3:CD:EA:E9
X509v3 Authority Key Identifier:
keyid:C0:F7:D8:D6:D5:41:63:76:5F:F6:F3:E2:FB:33:7F:CF:E1:50:72:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A445C/5A8AD0880B1811E3B637C6795911EA32/wPfY1tVBY3Zf9vPi-zN_z-FQchk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wPfY1tVBY3Zf9vPi-zN_z-FQchk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A445C/5A8AD0880B1811E3B637C6795911EA32/4615B0B8FFEE11EB93712E74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.108.0/23
103.241.6.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:bf:fb:30:cd:a4:c1:88:f6:c1:05:4a:ce:2e:e2:89:92:9e:
8b:6f:a7:03:d4:cf:f4:53:02:ee:64:d7:de:49:74:06:0d:31:
04:38:bb:ec:6c:22:17:8b:37:a3:2b:6b:4c:6c:9d:fc:d5:b0:
64:ed:32:62:52:4d:b7:9f:2c:9b:e7:29:d9:86:ef:ca:ec:9f:
e4:8a:2d:04:98:b1:19:91:8f:03:73:85:66:69:97:b0:0a:5a:
84:72:20:2e:43:2e:bb:52:47:b9:30:08:df:34:69:69:d3:db:
13:b8:ea:bd:a3:3d:a1:c3:bd:ba:83:41:e4:e4:fa:e3:ee:52:
69:7c:fe:d7:87:01:10:fd:63:38:f8:69:5c:d1:3b:8d:84:af:
be:f1:ad:1d:64:85:6d:6d:8e:55:7c:04:53:95:99:a3:d9:c4:
80:4e:67:f9:ea:34:13:76:46:4a:7c:db:71:a2:77:46:e0:76:
c7:ba:fd:2a:f0:35:84:5c:53:6b:d0:81:ed:8a:08:51:c0:af:
5a:72:62:3f:1e:dc:1e:9b:7c:51:3e:e9:30:80:b8:3b:08:6f:
06:24:e6:50:4d:41:9e:22:db:b5:62:36:8b:7f:a2:a0:c7:e6:
6a:9a:11:ff:14:fc:ac:52:ec:f3:6f:87:44:42:97:89:29:64:
90:35:30:33
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICKsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0NUMxMTAvBgNVBAUTKEMwRjdEOEQ2RDU0MTYzNzY1RkY2RjNFMkZCMzM3RkNG
RTE1MDcyMTkwHhcNMjEwODI5MDAwMTQ2WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTJhY2U2OS1hZmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs9F2jC8ZXe9nzK3kIGWud6gqu5XDgCdAn5fM3QkNcJfp2ryJiRD9q09XPGin
y7aJH4a/Z+rf18P28QpNQLJSfZLePFmacu6BJKgkd852+uT79sz1lGa0GEc6yygj
QJQbqQjAns1LMcJfPYROVmj6wkyloJMYjKQd24TsgeL2/HwthbLfvrLl744LAmKq
H4g/Ul1UXsw5zFFYHOIk92yW5mdp0QrYHgAvrQVaDI/yImo08sNwuiVtL2UyQ/FM
k53UY0lzlNJnyVLxcX79qwBKIUvCAl+vVOJKse8+cIjGmcOPyyrzGo54k2/88D+l
/BZPOEDfB9ajgh6grRnG8IhZbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMjK1JoJ
EyJWiKCjPsrTrx/zzerpMB8GA1UdIwQYMBaAFMD32NbVQWN2X/bz4vszf8/hUHIZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQ1Qy81QThBRDA4ODBC
MTgxMUUzQjYzN0M2Nzk1OTExRUEzMi93UGZZMXRWQlkzWmY5dlBpLXpOX3otRlFj
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dQZlkxdFZCWTNaZjl2UGktek5fei1GUWNoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0NUMvNUE4QUQwODgwQjE4MTFFM0I2MzdDNjc5NTkxMUVBMzIvNDYxNUIwQjhG
RkVFMTFFQjkzNzEyRTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnT2wDBAFn8QYwDQYJKoZIhvcNAQELBQADggEBALy/+zDN
pMGI9sEFSs4u4omSnotvpwPUz/RTAu5k195JdAYNMQQ4u+xsIheLN6Mra0xsnfzV
sGTtMmJSTbefLJvnKdmG78rsn+SKLQSYsRmRjwNzhWZpl7AKWoRyIC5DLrtSR7kw
CN80aWnT2xO46r2jPaHDvbqDQeTk+uPuUml8/teHARD9Yzj4aVzRO42Er77xrR1k
hW1tjlV8BFOVmaPZxIBOZ/nqNBN2Rkp823Gid0bgdse6/SrwNYRcU2vQge2KCFHA
r1pyYj8e3B6bfFE+6TCAuDsIbwYk5lBNQZ4i27ViNot/oqDH5mqaEf8U/KxS7PNv
h0RCl4kpZJA1MDM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org