Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/72A3AB50B97C11ED9D0D0154C4F9AE02.roa
File: 72A3AB50B97C11ED9D0D0154C4F9AE02.roa (raw, json)
Hash identifier: /sD53YXUgew+zIB/r/QgG8yPZMnm9GoISL9HkRNbKWo=
Subject key identifier: FB:89:AC:A9:A4:7C:D7:88:79:A1:96:EB:8D:6B:59:8D:F7:B0:D1:9D
Certificate issuer: /CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
Certificate serial: 04C1
Authority key identifier: AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/72A3AB50B97C11ED9D0D0154C4F9AE02.roa
Signing time: Fri 03 Mar 2023 04:32:47 +0000
ROA not before: Fri 03 Mar 2023 04:32:47 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 133441
IP address blocks: 103.151.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1217 (0x4c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
Validity
Not Before: Mar 3 04:32:47 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6401786f-e6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:c8:bd:2c:0e:c9:07:77:d5:d5:71:58:86:
50:16:76:af:d6:cb:75:ed:af:70:f9:c6:83:8b:f2:
ea:dd:80:e1:87:57:af:40:43:05:14:f4:6c:6f:22:
8a:a0:7d:c0:4b:27:1e:0b:76:1c:91:4c:85:45:e5:
cb:17:06:34:e4:ec:64:05:be:e2:b4:a1:15:32:fe:
31:a5:e2:7d:15:0f:8e:c8:89:11:00:da:f1:f1:78:
67:ce:10:d9:4b:34:8f:ef:17:98:a2:d3:09:18:48:
51:0d:a1:6b:21:90:f7:1c:91:2f:17:83:0b:33:fa:
5a:ab:2a:0c:4b:5d:9a:13:63:d7:3d:a1:6b:a6:c9:
1a:0b:71:4e:0b:a1:60:15:b7:06:0b:99:17:0b:df:
ac:6f:12:cb:dc:85:c0:1a:1e:5a:ae:25:a7:3b:a8:
94:1e:7a:69:3b:3e:54:43:72:cb:8b:57:94:02:38:
56:ca:5d:3b:3c:a6:02:2f:30:38:0d:4c:53:78:5c:
66:67:ad:63:f3:b5:fa:cd:dd:af:96:82:a4:1b:88:
7b:d0:85:8c:40:6c:0e:da:98:7b:b8:2e:25:8b:61:
7f:2d:bf:34:4c:26:92:bc:b8:e3:16:93:33:9c:cb:
37:38:f8:1f:bd:6c:7a:08:a5:a6:50:a0:51:85:82:
ff:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:89:AC:A9:A4:7C:D7:88:79:A1:96:EB:8D:6B:59:8D:F7:B0:D1:9D
X509v3 Authority Key Identifier:
keyid:AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/qq7HHKNN7wjYjud72RwVcXXMPAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/72A3AB50B97C11ED9D0D0154C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.4.0/24
Signature Algorithm: sha256WithRSAEncryption
20:75:98:b2:84:df:47:42:9e:a8:30:31:00:53:e1:12:35:47:
a3:c8:b9:ff:6b:7f:50:f7:d3:cc:ab:b6:11:c7:41:0b:70:0e:
e8:25:95:fa:7f:c3:ff:ee:33:1b:96:c1:0a:1b:10:e5:cb:93:
af:f4:5a:a1:f3:13:cd:55:d2:e8:b2:c8:13:d3:70:3f:24:80:
90:cd:04:7c:d5:84:58:ff:1a:92:e5:f4:cc:7f:ad:fe:3e:82:
ba:5c:b2:a9:a3:df:4d:88:6b:84:d4:f1:04:04:79:75:22:34:
bb:59:c0:45:2d:93:93:52:3b:85:84:d1:2d:31:c2:d8:e6:af:
01:2e:ac:1d:78:49:d2:e8:43:cd:35:7e:5f:78:5e:5b:0a:b9:
93:aa:4c:5c:fd:cf:3f:f8:7d:d5:0a:cd:f6:9e:77:00:cb:e0:
e3:26:d1:41:f8:fa:83:9c:94:3a:6e:37:a1:2f:df:cb:cc:70:
0b:67:4a:7a:d9:48:e0:03:81:f0:f4:0c:ff:a5:7b:8e:2d:86:
e8:11:63:ea:81:fb:85:cc:9a:76:dc:c8:f2:a9:1d:db:30:fb:
ea:38:96:fd:88:4f:09:33:98:12:b9:45:cc:a8:e7:6c:bc:30:
e1:4c:a3:e1:af:a2:8e:cc:e1:d7:7c:5c:c4:b9:f1:50:73:fb:
ae:c3:7c:97
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYzNTMxMTAvBgNVBAUTKEFBQUVDNzFDQTM0REVGMDhEODhFRTc3QkQ5MUMxNTcx
NzVDQzNDMDkwHhcNMjMwMzAzMDQzMjQ3WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDAxNzg2Zi1lNmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApbLIvSwOyQd31dVxWIZQFnav1st17a9w+caDi/Lq3YDhh1evQEMFFPRsbyKK
oH3ASyceC3YckUyFReXLFwY05OxkBb7itKEVMv4xpeJ9FQ+OyIkRANrx8XhnzhDZ
SzSP7xeYotMJGEhRDaFrIZD3HJEvF4MLM/paqyoMS12aE2PXPaFrpskaC3FOC6Fg
FbcGC5kXC9+sbxLL3IXAGh5ariWnO6iUHnppOz5UQ3LLi1eUAjhWyl07PKYCLzA4
DUxTeFxmZ61j87X6zd2vloKkG4h70IWMQGwO2ph7uC4li2F/Lb80TCaSvLjjFpMz
nMs3OPgfvWx6CKWmUKBRhYL/mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPuJrKmk
fNeIeaGW641rWY33sNGdMB8GA1UdIwQYMBaAFKquxxyjTe8I2I7ne9kcFXF1zDwJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjM1My8zQkZERUQ2NDg2
QkExMUVCQkNDMzk4NzVDNEY5QUUwMi9xcTdISEtOTjd3allqdWQ3MlJ3VmNYWE1Q
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FxN0hIS05ON3dqWWp1ZDcyUndWY1hYTVBBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYzNTMvM0JGREVENjQ4NkJBMTFFQkJDQzM5ODc1QzRGOUFFMDIvNzJBM0FCNTBC
OTdDMTFFRDlEMEQwMTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlwQwDQYJKoZIhvcNAQELBQADggEBACB1mLKE30dCnqgw
MQBT4RI1R6PIuf9rf1D308yrthHHQQtwDugllfp/w//uMxuWwQobEOXLk6/0WqHz
E81V0uiyyBPTcD8kgJDNBHzVhFj/GpLl9Mx/rf4+grpcsqmj302Ia4TU8QQEeXUi
NLtZwEUtk5NSO4WE0S0xwtjmrwEurB14SdLoQ801fl94XlsKuZOqTFz9zz/4fdUK
zfaedwDL4OMm0UH4+oOclDpuN6Ev38vMcAtnSnrZSOADgfD0DP+le44thugRY+qB
+4XMmnbcyPKpHdsw++o4lv2ITwkzmBK5Rcyo52y8MOFMo+Gvoo7M4dd8XMS58VBz
+67DfJc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org