Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/D5F9A63A7B3F11EDA3BE281FC4F9AE02.roa
File: D5F9A63A7B3F11EDA3BE281FC4F9AE02.roa (raw, json)
Hash identifier: 9FVh6HHBaRRlr8FdrCf3i6zLVVnr5cmgNSjvGpomwdQ=
Subject key identifier: B9:17:12:D5:85:AC:4C:98:7C:ED:3F:CA:81:6A:5B:53:95:6A:6C:0A
Certificate issuer: /CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Certificate serial: 0266
Authority key identifier: 45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/D5F9A63A7B3F11EDA3BE281FC4F9AE02.roa
Signing time: Wed 01 Feb 2023 04:14:08 +0000
ROA not before: Wed 01 Feb 2023 04:14:08 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 16509
IP address blocks: 103.179.36.0/24 maxlen: 24
103.179.37.0/24 maxlen: 24
2001:df0:45c4::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 614 (0x266)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAAF5/serialNumber=4584AEA2394C46D6934E63ED6887D4726FDF7A13
Validity
Not Before: Feb 1 04:14:08 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63d9e710-945c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2b:87:17:07:eb:41:49:7f:4f:6b:14:09:99:
71:50:f9:cd:f8:3f:78:55:7b:ff:b9:ca:4e:5d:06:
17:b5:37:d4:10:94:ec:8e:2b:e2:3a:dd:93:88:7d:
6d:42:08:3f:de:a4:85:75:78:17:bf:d7:1a:8f:be:
2f:6c:95:60:f2:c3:ec:fb:a7:6d:35:10:64:ef:d9:
9f:3f:cd:94:f4:27:1d:ac:92:50:c6:4d:eb:3d:0d:
18:26:1b:61:3f:11:34:a8:f8:b4:72:86:0b:2d:f5:
d5:99:b8:6d:42:9e:99:75:d9:4c:ed:d3:02:4c:56:
fe:ad:80:12:bf:b9:77:2d:55:2e:83:98:1d:9c:d7:
ef:1d:d3:9c:5e:f1:a7:7b:43:55:42:a5:8d:b5:d8:
4d:a2:c9:f0:a5:48:c3:4d:66:6c:36:88:65:ec:b5:
c2:ea:ce:b0:ff:6d:8a:30:a8:e2:da:25:bc:8c:1e:
8c:ae:4d:9e:b7:5f:8c:93:e5:82:3b:9c:bd:27:50:
b5:40:58:16:4f:61:c8:43:fe:d5:eb:ef:fa:c7:ec:
12:67:05:10:3d:6b:55:41:c7:3d:36:83:c8:cf:5b:
8e:1d:88:25:ea:81:f9:0b:c2:15:f6:71:e5:a6:72:
74:22:26:9c:cb:cc:fd:45:fe:46:6c:a2:71:11:2f:
98:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:17:12:D5:85:AC:4C:98:7C:ED:3F:CA:81:6A:5B:53:95:6A:6C:0A
X509v3 Authority Key Identifier:
keyid:45:84:AE:A2:39:4C:46:D6:93:4E:63:ED:68:87:D4:72:6F:DF:7A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/RYSuojlMRtaTTmPtaIfUcm_fehM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RYSuojlMRtaTTmPtaIfUcm_fehM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAAF5/E99F523A6EC411ECAFD27331C4F9AE02/D5F9A63A7B3F11EDA3BE281FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.36.0/23
IPv6:
2001:df0:45c4::/46
Signature Algorithm: sha256WithRSAEncryption
16:71:c2:6f:10:94:86:e7:5d:44:8f:d4:57:51:ab:0c:9b:e9:
bc:e3:3d:5e:17:39:83:5d:6a:df:d4:fd:1a:95:75:57:8e:dd:
83:de:a9:2c:ff:95:f7:74:13:c1:3b:a6:61:cd:0c:83:f9:4c:
62:76:61:47:76:08:c3:38:4f:fe:ab:37:6b:1d:1a:d8:b7:4f:
8b:40:fe:62:02:45:cf:7b:a0:86:e9:e1:e8:73:01:2a:d0:68:
cf:4f:19:bf:9e:66:e2:aa:c8:a4:b4:2f:2b:4b:04:f9:d1:5c:
5c:d6:70:e9:a8:c5:a6:49:30:98:38:8e:b2:02:82:06:43:06:
8f:80:5d:03:d7:1f:c2:fd:a7:ff:df:94:1f:54:44:8e:7f:d6:
eb:8a:12:a7:f7:7b:b0:db:78:11:45:ca:17:8f:82:dd:1e:b9:
31:46:9b:91:5a:35:36:c1:34:cb:ad:7b:0f:f4:8a:96:40:fe:
47:e4:5a:71:f1:99:28:f7:07:6a:55:b7:28:b0:37:d2:fa:e7:
2e:2b:54:89:fa:5b:55:f5:71:58:ed:12:3b:73:60:3b:ee:41:
53:3b:b1:eb:93:16:bd:43:94:36:c0:58:90:d2:e2:a0:40:60:
5a:ba:50:fb:40:d9:b1:ae:59:41:81:e1:a8:26:45:6d:1e:75:
91:69:1c:b5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFBRjUxMTAvBgNVBAUTKDQ1ODRBRUEyMzk0QzQ2RDY5MzRFNjNFRDY4ODdENDcy
NkZERjdBMTMwHhcNMjMwMjAxMDQxNDA4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q5ZTcxMC05NDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvSuHFwfrQUl/T2sUCZlxUPnN+D94VXv/ucpOXQYXtTfUEJTsjiviOt2TiH1t
Qgg/3qSFdXgXv9caj74vbJVg8sPs+6dtNRBk79mfP82U9CcdrJJQxk3rPQ0YJhth
PxE0qPi0coYLLfXVmbhtQp6ZddlM7dMCTFb+rYASv7l3LVUug5gdnNfvHdOcXvGn
e0NVQqWNtdhNosnwpUjDTWZsNohl7LXC6s6w/22KMKji2iW8jB6Mrk2et1+Mk+WC
O5y9J1C1QFgWT2HIQ/7V6+/6x+wSZwUQPWtVQcc9NoPIz1uOHYgl6oH5C8IV9nHl
pnJ0Iiacy8z9Rf5GbKJxES+YnQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLkXEtWF
rEyYfO0/yoFqW1OVamwKMB8GA1UdIwQYMBaAFEWErqI5TEbWk05j7WiH1HJv33oT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUFGNS9FOTlGNTIzQTZF
QzQxMUVDQUZEMjczMzFDNEY5QUUwMi9SWVN1b2psTVJ0YVRUbVB0YUlmVWNtX2Zl
aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JZU3VvamxNUnRhVFRtUHRhSWZVY21fZmVoTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFBRjUvRTk5RjUyM0E2RUM0MTFFQ0FGRDI3MzMxQzRGOUFFMDIvRDVGOUE2M0E3
QjNGMTFFREEzQkUyODFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnsyQwDwQCAAIwCQMHAiABDfBFxDANBgkqhkiG9w0BAQsF
AAOCAQEAFnHCbxCUhuddRI/UV1GrDJvpvOM9Xhc5g11q39T9GpV1V47dg96pLP+V
93QTwTumYc0Mg/lMYnZhR3YIwzhP/qs3ax0a2LdPi0D+YgJFz3ughunh6HMBKtBo
z08Zv55m4qrIpLQvK0sE+dFcXNZw6ajFpkkwmDiOsgKCBkMGj4BdA9cfwv2n/9+U
H1REjn/W64oSp/d7sNt4EUXKF4+C3R65MUabkVo1NsE0y617D/SKlkD+R+RacfGZ
KPcHalW3KLA30vrnLitUifpbVfVxWO0SO3NgO+5BUzux65MWvUOUNsBYkNLioEBg
WrpQ+0DZsa5ZQYHhqCZFbR51kWkctQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org