Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/979881641C6A11EEB0B4920EC4F9AE02.roa
File: 979881641C6A11EEB0B4920EC4F9AE02.roa (raw, json)
Hash identifier: X2cmM+tGZ3TL3SIgczIfWjiFtOsca5bG1lP2Ge8InW0=
Subject key identifier: E3:5E:3C:53:70:88:31:41:52:57:77:DE:F7:64:74:52:B6:57:07:86
Certificate issuer: /CN=A91D61DF/serialNumber=15BF210B73781D5CC0BE99BD39D70B2FEB4EB86C
Certificate serial: 02
Authority key identifier: 15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/979881641C6A11EEB0B4920EC4F9AE02.roa
Signing time: Fri 07 Jul 2023 02:04:23 +0000
ROA not before: Fri 07 Jul 2023 02:04:23 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 141199
IP address blocks: 103.160.146.0/24 maxlen: 24
2001:df1:ea40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D61DF/serialNumber=15BF210B73781D5CC0BE99BD39D70B2FEB4EB86C
Validity
Not Before: Jul 7 02:04:23 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64a772a7-251f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:3b:5d:51:12:7f:06:62:04:47:61:5a:9b:
0d:1d:4e:62:c5:a5:29:cf:b3:04:ca:7b:5e:91:a1:
6e:51:fb:27:f8:21:e9:37:51:08:01:4c:19:35:bb:
6e:6f:92:a2:b8:c7:68:f1:0c:1a:5c:bc:3f:12:7f:
01:8b:29:9e:e9:9b:3a:b9:a7:b5:1f:67:97:0f:2c:
e4:b3:d5:10:37:3e:e3:73:ed:0f:49:b1:ce:3a:b6:
2a:b5:eb:1a:d5:51:1a:23:bc:22:fc:2b:9e:e9:36:
01:eb:b3:63:e2:7b:38:ac:83:99:1d:61:9a:67:eb:
b7:ad:80:79:68:63:5e:92:8b:e8:ce:e1:5d:07:53:
48:06:9a:96:64:77:f4:10:a5:6e:15:7c:e0:73:7c:
5f:19:90:e9:65:88:fc:a3:3d:6e:50:3b:58:ed:0c:
17:99:f4:d3:6b:55:39:77:db:2d:4d:cd:fd:63:4b:
d1:ca:6e:6f:b5:ee:ee:00:9c:61:a2:46:96:e9:e9:
81:08:2a:7e:dc:3f:f6:ef:61:42:f5:c0:99:ea:bc:
94:83:c0:54:a1:ea:2e:84:41:80:b8:82:7d:1c:58:
72:0e:7f:a4:2d:e2:81:1b:ba:41:68:5e:47:d3:ca:
52:b0:e2:52:d3:f6:e1:a9:a9:1f:c1:e9:79:e7:86:
fa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5E:3C:53:70:88:31:41:52:57:77:DE:F7:64:74:52:B6:57:07:86
X509v3 Authority Key Identifier:
keyid:15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/979881641C6A11EEB0B4920EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.146.0/24
IPv6:
2001:df1:ea40::/48
Signature Algorithm: sha256WithRSAEncryption
02:d7:e8:f4:44:d1:41:86:b1:f5:ca:03:4c:02:28:af:ae:e4:
51:95:64:bb:7c:b6:6c:ab:4e:8a:fa:8f:1f:30:97:f4:c4:7c:
38:f7:97:2d:8b:15:51:a1:27:02:b2:be:dd:ca:4b:a3:a1:0d:
a7:e3:47:99:ae:a1:77:36:41:f2:e6:66:8d:d9:55:ac:9e:55:
73:d4:4a:e2:99:52:ca:8a:f8:b2:0f:af:47:a4:09:c7:54:db:
a8:89:80:84:2a:8b:1b:12:d9:d3:87:e6:a9:f6:47:72:2d:80:
6f:25:50:5d:de:32:79:cc:30:1c:34:ed:6a:16:0e:70:43:98:
bd:e2:11:81:c6:9d:c7:29:10:b9:a2:e7:94:7d:42:0c:40:e1:
63:3b:7a:76:aa:3d:1d:9a:eb:56:5f:2c:a5:5c:86:e2:f3:b1:
48:c1:91:58:47:5f:17:01:0d:c4:a5:8f:1c:22:90:af:bf:1a:
a0:6d:cd:02:31:35:2d:80:eb:d4:a7:bf:dc:23:f3:2e:ff:70:
3f:44:13:34:8c:75:49:92:f6:37:5e:61:91:d4:c8:65:b3:bc:
0d:fe:d3:bc:61:c3:3d:a2:f4:69:36:e1:ef:18:2b:7e:30:76:
d9:0f:f5:d1:4d:f0:dd:18:1a:09:88:cc:25:90:dc:6a:31:24:
c6:57:3d:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NjFERjExMC8GA1UEBRMoMTVCRjIxMEI3Mzc4MUQ1Q0MwQkU5OUJEMzlENzBCMkZF
QjRFQjg2QzAeFw0yMzA3MDcwMjA0MjNaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YTc3MmE3LTI1MWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHkDtdURJ/BmIER2Famw0dTmLFpSnPswTKe16RoW5R+yf4Iek3UQgBTBk1u25v
kqK4x2jxDBpcvD8SfwGLKZ7pmzq5p7UfZ5cPLOSz1RA3PuNz7Q9Jsc46tiq16xrV
URojvCL8K57pNgHrs2Piezisg5kdYZpn67etgHloY16Si+jO4V0HU0gGmpZkd/QQ
pW4VfOBzfF8ZkOlliPyjPW5QO1jtDBeZ9NNrVTl32y1Nzf1jS9HKbm+17u4AnGGi
Rpbp6YEIKn7cP/bvYUL1wJnqvJSDwFSh6i6EQYC4gn0cWHIOf6Qt4oEbukFoXkfT
ylKw4lLT9uGpqR/B6XnnhvrTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU4148U3CI
MUFSV3fe92R0UrZXB4YwHwYDVR0jBBgwFoAUFb8hC3N4HVzAvpm9OdcLL+tOuGww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2MURGLzBEMEM1Rjc0MUM2
NjExRUU5QTEzMkI4NEM0RjlBRTAyL0ZiOGhDM040SFZ6QXZwbTlPZGNMTC10T3VH
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRmI4aEMzTjRIVnpBdnBtOU9kY0xMLXRPdUd3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NjFERi8wRDBDNUY3NDFDNjYxMUVFOUExMzJCODRDNEY5QUUwMi85Nzk4ODE2NDFD
NkExMUVFQjBCNDkyMEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGegkjAPBAIAAjAJAwcAIAEN8epAMA0GCSqGSIb3DQEBCwUA
A4IBAQAC1+j0RNFBhrH1ygNMAiivruRRlWS7fLZsq06K+o8fMJf0xHw495ctixVR
oScCsr7dykujoQ2n40eZrqF3NkHy5maN2VWsnlVz1ErimVLKiviyD69HpAnHVNuo
iYCEKosbEtnTh+ap9kdyLYBvJVBd3jJ5zDAcNO1qFg5wQ5i94hGBxp3HKRC5oueU
fUIMQOFjO3p2qj0dmutWXyylXIbi87FIwZFYR18XAQ3EpY8cIpCvvxqgbc0CMTUt
gOvUp7/cI/Mu/3A/RBM0jHVJkvY3XmGR1Mhls7wN/tO8YcM9ovRpNuHvGCt+MHbZ
D/XRTfDdGBoJiMwlkNxqMSTGVz1v
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org