Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/79C35C68781311EEA0B16D0EC4F9AE02.roa
File: 79C35C68781311EEA0B16D0EC4F9AE02.roa (raw, json)
Hash identifier: GvXKt6gYCOzwItxjIUoarxTKhZv/bt8++ME0Ww2tag8=
Subject key identifier: 70:78:1B:0B:75:DB:DE:CB:9A:7C:3C:38:B6:29:94:D7:B1:A0:CC:A2
Certificate issuer: /CN=A91FB095/serialNumber=B291102154472183CF50D2AE6FA30E1BDE342BF4
Certificate serial: 40
Authority key identifier: B2:91:10:21:54:47:21:83:CF:50:D2:AE:6F:A3:0E:1B:DE:34:2B:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spEQIVRHIYPPUNKub6MOG940K_Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/79C35C68781311EEA0B16D0EC4F9AE02.roa
Signing time: Tue 31 Oct 2023 17:32:34 +0000
ROA not before: Tue 31 Oct 2023 17:32:34 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 24499
IP address blocks: 103.66.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FB095/serialNumber=B291102154472183CF50D2AE6FA30E1BDE342BF4
Validity
Not Before: Oct 31 17:32:34 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=65413a32-be92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cd:bf:d8:0d:53:18:6b:30:70:f9:bf:d4:24:
f8:35:84:cc:87:c3:da:71:6f:97:bf:eb:df:fd:91:
1b:e1:26:b5:05:db:96:57:46:e4:d6:eb:67:40:de:
a5:e8:16:69:ce:3b:5a:e2:55:77:84:15:ee:c3:dd:
22:38:58:03:25:4a:d0:38:87:54:1b:75:84:4d:1a:
a4:4a:e0:3a:6e:c2:6d:82:c7:a8:87:c4:f0:b9:dd:
04:d8:5a:c6:df:cb:7b:18:2f:90:8d:54:c3:c2:f9:
06:f7:f1:49:c1:fe:06:98:d4:18:97:d1:51:b7:a5:
e9:76:2b:03:6d:c4:22:19:e7:ab:01:7a:a3:d8:e9:
77:aa:ee:c3:69:e2:90:ec:57:0d:34:76:2d:7b:32:
a7:be:e9:aa:5e:c7:fa:4d:53:1b:2c:f7:af:11:7a:
3c:e6:d9:8a:ce:37:55:4a:15:7d:cf:f6:64:6b:67:
4e:40:c4:9e:e6:6b:39:61:6b:dc:29:24:e5:6f:3a:
9a:8f:56:30:a3:19:54:22:b3:44:9e:28:80:68:d2:
96:77:ec:05:6d:e5:ce:be:09:cc:12:a6:83:90:b6:
bb:6e:b9:db:9f:b3:30:14:e0:4a:d3:f0:d7:fd:94:
24:39:3c:93:cd:94:8e:d9:21:c6:1b:54:5d:4f:04:
07:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:78:1B:0B:75:DB:DE:CB:9A:7C:3C:38:B6:29:94:D7:B1:A0:CC:A2
X509v3 Authority Key Identifier:
keyid:B2:91:10:21:54:47:21:83:CF:50:D2:AE:6F:A3:0E:1B:DE:34:2B:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/spEQIVRHIYPPUNKub6MOG940K_Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spEQIVRHIYPPUNKub6MOG940K_Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB095/AABEB56A1A5311EEA4608814C4F9AE02/79C35C68781311EEA0B16D0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.149.0/24
Signature Algorithm: sha256WithRSAEncryption
85:63:54:d8:a3:31:0b:0e:12:1a:d3:03:0e:b4:ae:d4:8b:6a:
74:5b:42:33:01:e0:76:cc:29:5e:24:52:0f:90:c9:3b:45:45:
42:f1:ca:b0:0a:92:00:d3:aa:c1:c5:ff:b9:21:15:ae:8d:57:
9f:ed:df:d4:52:10:c3:36:a4:eb:64:8c:af:a0:14:99:47:cd:
72:31:e6:df:ca:a3:06:59:9c:33:88:69:1f:84:42:92:4d:4c:
6b:fa:5a:b6:a4:cd:d7:c3:b0:af:7b:68:e4:fc:a1:64:0b:9b:
fe:78:b0:43:dd:78:74:92:4e:09:c3:04:13:9e:0d:11:55:4a:
06:5d:db:b1:c1:f4:1f:13:5f:b0:d4:8c:33:9e:df:87:77:63:
9c:55:02:dd:dc:cb:ba:67:11:c6:90:ab:1b:d2:51:50:da:2f:
a4:04:be:21:e0:cb:93:56:bf:8c:45:9f:b9:a9:af:88:e3:20:
75:3e:15:0d:17:f2:81:78:84:a8:f2:f0:09:a4:f5:0a:54:bb:
f2:27:62:00:1e:e8:6c:a0:18:f2:28:1c:ac:c4:b5:16:8b:e5:
fd:e7:17:16:49:d3:26:4b:54:08:4f:44:0e:84:03:f1:b8:e2:
9f:9b:b3:d9:70:b2:88:a6:ad:4c:3d:6d:eb:08:24:f1:95:fe:
b4:19:86:5a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QjA5NTExMC8GA1UEBRMoQjI5MTEwMjE1NDQ3MjE4M0NGNTBEMkFFNkZBMzBFMUJE
RTM0MkJGNDAeFw0yMzEwMzExNzMyMzRaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NDEzYTMyLWJlOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjzb/YDVMYazBw+b/UJPg1hMyHw9pxb5e/69/9kRvhJrUF25ZXRuTW62dA3qXo
FmnOO1riVXeEFe7D3SI4WAMlStA4h1QbdYRNGqRK4Dpuwm2Cx6iHxPC53QTYWsbf
y3sYL5CNVMPC+Qb38UnB/gaY1BiX0VG3pel2KwNtxCIZ56sBeqPY6Xeq7sNp4pDs
Vw00di17Mqe+6apex/pNUxss968Rejzm2YrON1VKFX3P9mRrZ05AxJ7mazlha9wp
JOVvOpqPVjCjGVQis0SeKIBo0pZ37AVt5c6+CcwSpoOQtrtuudufszAU4ErT8Nf9
lCQ5PJPNlI7ZIcYbVF1PBAe7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcHgbC3Xb
3suafDw4timU17GgzKIwHwYDVR0jBBgwFoAUspEQIVRHIYPPUNKub6MOG940K/Qw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMDk1L0FBQkVCNTZBMUE1
MzExRUVBNDYwODgxNEM0RjlBRTAyL3NwRVFJVlJISVlQUFVOS3ViNk1PRzk0MEtf
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc3BFUUlWUkhJWVBQVU5LdWI2TU9HOTQwS19RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QjA5NS9BQUJFQjU2QTFBNTMxMUVFQTQ2MDg4MTRDNEY5QUUwMi83OUMzNUM2ODc4
MTMxMUVFQTBCMTZEMEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdClTANBgkqhkiG9w0BAQsFAAOCAQEAhWNU2KMxCw4SGtMD
DrSu1ItqdFtCMwHgdswpXiRSD5DJO0VFQvHKsAqSANOqwcX/uSEVro1Xn+3f1FIQ
wzak62SMr6AUmUfNcjHm38qjBlmcM4hpH4RCkk1Ma/patqTN18Owr3to5PyhZAub
/niwQ914dJJOCcMEE54NEVVKBl3bscH0HxNfsNSMM57fh3djnFUC3dzLumcRxpCr
G9JRUNovpAS+IeDLk1a/jEWfuamviOMgdT4VDRfygXiEqPLwCaT1ClS78idiAB7o
bKAY8igcrMS1Fovl/ecXFknTJktUCE9EDoQD8bjin5uz2XCyiKatTD1t6wgk8ZX+
tBmGWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org