Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/6B68C92C11AD11EEA042DA46C4F9AE02.roa
File: 6B68C92C11AD11EEA042DA46C4F9AE02.roa (raw, json)
Hash identifier: ll7D+qoqQEZ97Ox3iJUzRyRwe8gSq3RIDhezN51RpQI=
Subject key identifier: 30:D6:77:C6:B1:EB:ED:82:24:25:64:61:CA:F6:79:C5:CD:51:89:AF
Certificate issuer: /CN=A91C0E6A/serialNumber=F5459CBA31F933F9073B514C9CBBEC34F6ED2E4A
Certificate serial: 02
Authority key identifier: F5:45:9C:BA:31:F9:33:F9:07:3B:51:4C:9C:BB:EC:34:F6:ED:2E:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9UWcujH5M_kHO1FMnLvsNPbtLko.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/6B68C92C11AD11EEA042DA46C4F9AE02.roa
Signing time: Fri 23 Jun 2023 10:05:03 +0000
ROA not before: Fri 23 Jun 2023 10:05:02 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 400377
IP address blocks: 103.130.238.0/24 maxlen: 24
103.130.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0E6A/serialNumber=F5459CBA31F933F9073B514C9CBBEC34F6ED2E4A
Validity
Not Before: Jun 23 10:05:02 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64956e4e-9e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:c6:dc:9a:f5:4a:45:d5:57:b5:54:bd:b7:
3f:19:df:0b:e2:ec:3e:4d:84:c0:25:06:9d:46:60:
ca:91:95:13:6f:97:83:2b:ad:54:c4:81:1d:c4:7a:
fd:65:27:39:23:ad:0b:ac:2b:ea:23:fe:da:26:25:
81:f2:95:81:b1:12:f0:66:71:d5:c9:13:38:26:8a:
17:96:77:62:3d:9f:08:af:d7:dd:73:3a:f0:f6:eb:
33:a1:f0:42:c2:71:ba:cb:fc:31:14:db:57:3e:5b:
be:e3:f3:ec:0f:59:5a:65:79:85:ec:dd:b1:f5:40:
c7:0b:ed:4a:d1:10:06:ed:ba:81:22:94:0e:c3:4b:
9c:21:76:e0:24:b2:39:57:3b:a7:d2:cc:c3:27:83:
82:b9:56:bd:f1:e5:ca:ab:b0:46:42:14:e8:a6:e7:
c4:f3:e3:37:64:3d:9d:65:40:c9:b2:f0:e4:f5:28:
a1:fe:55:76:1d:32:24:35:ae:bd:83:b4:65:55:f7:
22:60:1c:58:36:38:f9:90:65:94:e9:e7:43:12:ca:
91:22:fa:8c:03:ea:f4:4a:ca:73:28:65:a5:94:8f:
c5:d6:22:32:0c:c7:cd:14:b7:63:71:66:32:69:06:
14:13:d8:3d:f4:83:50:c6:49:02:17:2e:ac:e0:43:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D6:77:C6:B1:EB:ED:82:24:25:64:61:CA:F6:79:C5:CD:51:89:AF
X509v3 Authority Key Identifier:
keyid:F5:45:9C:BA:31:F9:33:F9:07:3B:51:4C:9C:BB:EC:34:F6:ED:2E:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/9UWcujH5M_kHO1FMnLvsNPbtLko.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9UWcujH5M_kHO1FMnLvsNPbtLko.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0E6A/4C281BBE11A611EEB3346926C4F9AE02/6B68C92C11AD11EEA042DA46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.238.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:73:56:6a:54:62:dd:4d:93:1d:38:17:eb:65:5b:12:1f:ce:
b1:ed:ef:2c:cd:05:bf:74:af:1b:d4:c9:c3:d1:e4:04:5c:d7:
cd:92:3b:20:4c:61:95:21:b1:75:32:aa:d9:2b:8d:8b:05:f6:
9b:d9:c0:f5:59:1a:14:dc:a8:e5:6e:2e:eb:e5:22:85:95:73:
e0:c5:e8:4f:eb:2d:e9:18:1a:6e:8d:97:8d:6f:73:88:45:81:
df:b4:72:98:5a:70:eb:0e:57:4c:e9:fb:cc:e8:3a:ce:df:0f:
9a:68:4b:cd:9c:2a:dd:b6:3e:8c:db:33:00:db:7f:2f:f3:06:
32:7b:83:fc:0c:9a:65:55:dc:e6:eb:83:f3:e7:96:79:b0:c0:
48:54:96:15:db:0c:a6:25:6f:26:2a:ee:da:90:16:00:a8:62:
1c:62:8c:b2:42:c8:3f:e3:3b:99:6f:7c:76:7b:f5:f2:72:76:
cf:53:40:6f:5c:9d:62:17:58:37:0f:b4:bd:b2:05:48:6e:f9:
d6:f2:42:78:73:98:37:a8:de:e6:d0:4a:16:59:e0:16:aa:39:
e2:a4:07:17:7b:52:3d:c0:aa:3a:ec:23:f8:f1:4d:c0:ad:92:
e5:13:95:c0:70:55:a3:d7:3b:32:71:4c:43:22:41:12:f7:87:
a4:83:18:4b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MEU2QTExMC8GA1UEBRMoRjU0NTlDQkEzMUY5MzNGOTA3M0I1MTRDOUNCQkVDMzRG
NkVEMkU0QTAeFw0yMzA2MjMxMDA1MDJaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OTU2ZTRlLTllMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyNsbcmvVKRdVXtVS9tz8Z3wvi7D5NhMAlBp1GYMqRlRNvl4MrrVTEgR3Eev1l
JzkjrQusK+oj/tomJYHylYGxEvBmcdXJEzgmiheWd2I9nwiv191zOvD26zOh8ELC
cbrL/DEU21c+W77j8+wPWVpleYXs3bH1QMcL7UrREAbtuoEilA7DS5whduAksjlX
O6fSzMMng4K5Vr3x5cqrsEZCFOim58Tz4zdkPZ1lQMmy8OT1KKH+VXYdMiQ1rr2D
tGVV9yJgHFg2OPmQZZTp50MSypEi+owD6vRKynMoZaWUj8XWIjIMx80Ut2NxZjJp
BhQT2D30g1DGSQIXLqzgQyNlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMNZ3xrHr
7YIkJWRhyvZ5xc1Ria8wHwYDVR0jBBgwFoAU9UWcujH5M/kHO1FMnLvsNPbtLkow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwRTZBLzRDMjgxQkJFMTFB
NjExRUVCMzM0NjkyNkM0RjlBRTAyLzlVV2N1akg1TV9rSE8xRk1uTHZzTlBidExr
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOVVXY3VqSDVNX2tITzFGTW5MdnNOUGJ0TGtvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MEU2QS80QzI4MUJCRTExQTYxMUVFQjMzNDY5MjZDNEY5QUUwMi82QjY4QzkyQzEx
QUQxMUVFQTA0MkRBNDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeC7jANBgkqhkiG9w0BAQsFAAOCAQEAS3NWalRi3U2THTgX
62VbEh/Ose3vLM0Fv3SvG9TJw9HkBFzXzZI7IExhlSGxdTKq2SuNiwX2m9nA9Vka
FNyo5W4u6+UihZVz4MXoT+st6Rgabo2XjW9ziEWB37RymFpw6w5XTOn7zOg6zt8P
mmhLzZwq3bY+jNszANt/L/MGMnuD/AyaZVXc5uuD8+eWebDASFSWFdsMpiVvJiru
2pAWAKhiHGKMskLIP+M7mW98dnv18nJ2z1NAb1ydYhdYNw+0vbIFSG751vJCeHOY
N6je5tBKFlngFqo54qQHF3tSPcCqOuwj+PFNwK2S5ROVwHBVo9c7MnFMQyJBEveH
pIMYSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org