Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/A7CB399C697311ECA564FA0CC4F9AE02.roa
File: A7CB399C697311ECA564FA0CC4F9AE02.roa (raw, json)
Hash identifier: D7R3lOIh97kB/myWAPTvt2/2oGmkAk6Ewefpd9NSmwE=
Subject key identifier: 1D:74:2D:35:EF:9F:65:3E:53:E9:6A:86:7D:7E:0E:4C:9F:8D:24:8C
Certificate issuer: /CN=A91B72D9/serialNumber=41E5DC2155069FF317E5EE38C75B7889C22197E3
Certificate serial: 02
Authority key identifier: 41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/A7CB399C697311ECA564FA0CC4F9AE02.roa
Signing time: Thu 30 Dec 2021 13:23:20 +0000
ROA not before: Thu 30 Dec 2021 13:23:20 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 149414
IP address blocks: 103.178.220.0/23 maxlen: 23
103.178.220.0/24 maxlen: 24
103.178.221.0/24 maxlen: 24
2001:df0:3e40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B72D9/serialNumber=41E5DC2155069FF317E5EE38C75B7889C22197E3
Validity
Not Before: Dec 30 13:23:20 2021 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61cdb2c8-6f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f4:51:04:ce:55:35:f7:fa:2e:04:d5:84:31:
c3:fa:a6:2d:93:3e:9a:df:aa:dd:70:c8:7b:de:8b:
cd:e9:bd:01:7a:4b:6b:9d:c3:f6:af:c9:e8:f9:db:
8b:97:12:ce:7d:2b:25:e1:28:ec:ad:05:55:1f:31:
52:49:30:f6:16:13:95:c6:a3:4b:d7:95:71:64:94:
fd:0d:be:c6:7b:7f:c6:6a:4d:d1:99:40:e2:ea:fd:
6f:ee:c3:f3:18:56:6d:30:86:87:4e:47:27:55:ee:
c0:cf:e2:89:db:0c:71:ac:28:09:4d:eb:a2:23:c7:
13:85:28:1a:01:63:87:94:74:da:c9:63:1a:de:6c:
13:44:e2:f8:d5:32:01:8a:5c:11:55:0b:16:fb:65:
3c:bf:74:82:7c:2d:e6:1d:b1:be:68:4f:1c:a1:45:
96:10:68:c1:38:5b:f0:71:86:42:52:0f:39:14:63:
1d:7c:30:da:02:83:be:0c:81:ad:8e:12:8c:df:8a:
82:1d:08:eb:cc:13:04:a1:b8:6d:56:ee:ef:0c:d1:
1b:6f:22:da:40:da:90:66:ed:3c:85:eb:f9:1d:7a:
64:ce:40:d6:0f:cc:43:44:3f:40:1c:de:cd:68:40:
2f:9f:aa:dd:bb:ea:35:6f:2e:87:03:f5:94:bd:3a:
42:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:74:2D:35:EF:9F:65:3E:53:E9:6A:86:7D:7E:0E:4C:9F:8D:24:8C
X509v3 Authority Key Identifier:
keyid:41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/QeXcIVUGn_MX5e44x1t4icIhl-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/A7CB399C697311ECA564FA0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.220.0/23
IPv6:
2001:df0:3e40::/48
Signature Algorithm: sha256WithRSAEncryption
67:70:76:bf:d1:af:bd:a3:73:59:39:0e:e9:e9:b2:49:9d:86:
20:b1:5a:71:72:20:a4:2b:9e:a2:a4:98:36:d0:04:41:01:3c:
2f:ca:9f:0a:10:8e:63:4e:96:2a:05:49:f9:e7:54:9d:96:9a:
23:0a:05:57:c9:b0:36:a9:60:a7:9a:1f:d9:65:a0:a0:c2:39:
13:7e:6d:82:99:c5:8e:bb:f0:00:bf:45:92:f3:89:d1:5c:6d:
b9:7b:56:84:ba:d1:62:a1:be:08:7f:25:96:bb:fa:b3:d6:61:
0e:7a:de:2b:bd:90:88:e0:a9:07:43:c4:e4:ac:77:01:20:80:
db:61:aa:c6:db:16:73:32:cb:34:a9:2d:33:f1:23:be:8a:dc:
d6:bd:79:6b:36:ea:c1:91:3d:db:2e:f3:cc:2b:03:7e:98:be:
c5:89:5d:3a:72:18:b4:22:30:ae:de:0d:59:b2:68:03:68:87:
31:c8:8a:70:4b:50:41:b1:5d:f3:2d:e1:37:e1:4b:2b:dc:22:
5a:77:2a:61:53:8f:0b:f7:9a:6d:db:fc:7b:fb:22:3d:13:71:
ce:96:b9:e0:fd:96:1b:f7:8f:bd:79:00:47:fc:34:01:0e:5a:
0e:49:7e:d5:f3:70:be:bc:19:f3:ab:ba:33:20:f8:14:11:5a:
f5:c1:61:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NzJEOTExMC8GA1UEBRMoNDFFNURDMjE1NTA2OUZGMzE3RTVFRTM4Qzc1Qjc4ODlD
MjIxOTdFMzAeFw0yMTEyMzAxMzIzMjBaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxY2RiMmM4LTZmMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDq9FEEzlU19/ouBNWEMcP6pi2TPprfqt1wyHvei83pvQF6S2udw/avyej524uX
Es59KyXhKOytBVUfMVJJMPYWE5XGo0vXlXFklP0NvsZ7f8ZqTdGZQOLq/W/uw/MY
Vm0whodORydV7sDP4onbDHGsKAlN66IjxxOFKBoBY4eUdNrJYxrebBNE4vjVMgGK
XBFVCxb7ZTy/dIJ8LeYdsb5oTxyhRZYQaME4W/BxhkJSDzkUYx18MNoCg74Mga2O
EozfioIdCOvMEwShuG1W7u8M0RtvItpA2pBm7TyF6/kdemTOQNYPzENEP0Ac3s1o
QC+fqt276jVvLocD9ZS9OkLvAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUHXQtNe+f
ZT5T6WqGfX4OTJ+NJIwwHwYDVR0jBBgwFoAUQeXcIVUGn/MX5e44x1t4icIhl+Mw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3MkQ5L0FBMjNGQTk2Njk3
MTExRUNCNjI1OTMwQ0M0RjlBRTAyL1FlWGNJVlVHbl9NWDVlNDR4MXQ0aWNJaGwt
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUWVYY0lWVUduX01YNWU0NHgxdDRpY0lobC1NLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NzJEOS9BQTIzRkE5NjY5NzExMUVDQjYyNTkzMENDNEY5QUUwMi9BN0NCMzk5QzY5
NzMxMUVDQTU2NEZBMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWey3DAPBAIAAjAJAwcAIAEN8D5AMA0GCSqGSIb3DQEBCwUA
A4IBAQBncHa/0a+9o3NZOQ7p6bJJnYYgsVpxciCkK56ipJg20ARBATwvyp8KEI5j
TpYqBUn551SdlpojCgVXybA2qWCnmh/ZZaCgwjkTfm2CmcWOu/AAv0WS84nRXG25
e1aEutFiob4IfyWWu/qz1mEOet4rvZCI4KkHQ8TkrHcBIIDbYarG2xZzMss0qS0z
8SO+itzWvXlrNurBkT3bLvPMKwN+mL7FiV06chi0IjCu3g1ZsmgDaIcxyIpwS1BB
sV3zLeE34Usr3CJadyphU48L95pt2/x7+yI9E3HOlrng/ZYb94+9eQBH/DQBDloO
SX7V83C+vBnzq7ozIPgUEVr1wWG/
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org