Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B0BD2030900011EB9F44FD46C4F9AE02.roa
File: B0BD2030900011EB9F44FD46C4F9AE02.roa (raw, json)
Hash identifier: jWhpnmhfql9vWcyda8yxSHzCcNLOhfOXG4609CCXTxg=
Subject key identifier: 28:5D:D6:AA:20:48:25:8A:42:5D:30:90:03:5F:D0:52:15:92:C3:82
Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Certificate serial: 0D29
Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B0BD2030900011EB9F44FD46C4F9AE02.roa
Signing time: Tue 08 Nov 2022 19:05:31 +0000
ROA not before: Tue 08 Nov 2022 19:05:31 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136030
IP address blocks: 103.130.156.0/24 maxlen: 24
103.130.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3369 (0xd29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F
Validity
Not Before: Nov 8 19:05:31 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=636aa87b-fb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:16:8e:a1:f4:f8:f4:52:17:26:2f:69:01:
ce:56:c7:36:11:ae:bc:fe:af:bb:74:00:08:06:8e:
b9:1b:6d:77:7d:dd:ae:e6:ca:15:d7:78:a4:02:d8:
9c:e8:6d:36:c8:ad:59:5f:19:eb:8f:12:f8:79:9b:
26:b3:94:3d:3c:4b:72:3d:4d:e2:d9:14:88:61:7f:
6e:9f:bb:3c:a5:48:85:3c:56:f8:c4:61:69:fa:8e:
d9:db:10:b6:3a:5d:8c:f2:a7:0f:cf:fd:f1:7f:8e:
ba:bf:00:8d:2d:ed:cb:58:c6:76:4e:1b:54:3c:47:
51:d3:8a:df:4d:62:84:fe:dd:7e:6d:f5:3d:dd:3b:
cb:6e:45:4d:2d:ac:89:bb:be:d4:7e:fa:af:36:ac:
a4:30:01:34:48:cb:cd:8d:c4:32:f1:81:27:ec:73:
3a:44:64:70:24:d8:fc:55:d1:7b:d2:b5:42:b4:e5:
0f:1f:c1:ca:cb:21:be:b5:4d:1b:29:1e:20:40:6a:
77:42:e2:14:b9:3b:26:a6:87:bd:21:21:f2:4a:a9:
61:e8:d1:f4:82:52:eb:74:3b:5e:1f:89:85:19:77:
ed:b1:32:03:45:04:0f:53:e6:3a:37:2a:79:be:6b:
f6:68:e5:e8:68:f2:94:2d:9e:e5:55:20:2b:4b:1c:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5D:D6:AA:20:48:25:8A:42:5D:30:90:03:5F:D0:52:15:92:C3:82
X509v3 Authority Key Identifier:
keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/B0BD2030900011EB9F44FD46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.156.0/24
103.130.159.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:50:e0:1e:7c:72:6a:30:d1:d0:59:3c:98:63:46:0c:0e:84:
67:a9:1f:de:aa:90:b0:22:c7:85:8d:4b:94:8b:1a:10:bf:42:
7a:f9:78:97:5d:f9:e5:e3:39:7e:52:53:63:b5:8e:4c:e7:7d:
f5:da:61:d0:19:53:50:4e:a5:06:14:91:33:56:0d:c7:c0:70:
9f:0b:42:35:df:81:66:e6:80:7a:78:fa:a0:08:8e:fa:d6:5a:
e0:c3:73:87:ca:4b:4a:ef:d9:cf:d7:50:ad:35:08:8f:8c:a2:
ca:15:86:13:69:e7:77:05:d7:97:b8:d5:45:a2:a1:cf:4e:f0:
2e:42:d7:94:d0:e9:a9:1d:09:20:92:7e:c1:83:2d:3a:a6:04:
04:c2:22:41:44:ee:6e:bb:c0:9a:68:40:52:e3:84:4e:e8:f0:
5d:b6:50:ee:74:e0:d7:49:b5:e9:24:ff:b4:4b:86:81:17:26:
b8:bc:99:c7:1d:40:3e:53:5e:e2:43:1b:70:91:fe:27:da:2f:
7e:56:0d:90:ac:76:1c:78:fa:31:f4:92:a1:63:54:06:b9:65:
af:19:dc:33:a0:51:90:e1:80:46:01:28:ab:70:9a:26:5e:33:
80:29:f6:0e:dd:08:54:c0:02:19:b5:15:e6:30:2e:ef:39:5c:
ba:dd:42:4f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0
NzNBQ0M2N0YwHhcNMjIxMTA4MTkwNTMxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhYTg3Yi1mYjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAydwWjqH0+PRSFyYvaQHOVsc2Ea68/q+7dAAIBo65G213fd2u5soV13ikAtic
6G02yK1ZXxnrjxL4eZsms5Q9PEtyPU3i2RSIYX9un7s8pUiFPFb4xGFp+o7Z2xC2
Ol2M8qcPz/3xf466vwCNLe3LWMZ2ThtUPEdR04rfTWKE/t1+bfU93TvLbkVNLayJ
u77UfvqvNqykMAE0SMvNjcQy8YEn7HM6RGRwJNj8VdF70rVCtOUPH8HKyyG+tU0b
KR4gQGp3QuIUuTsmpoe9ISHySqlh6NH0glLrdDteH4mFGXftsTIDRQQPU+Y6Nyp5
vmv2aOXoaPKULZ7lVSArSxycLwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFChd1qog
SCWKQl0wkANf0FIVksOCMB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC
MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4
bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvQjBCRDIwMzA5
MDAwMTFFQjlGNDRGRDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABngpwDBABngp8wDQYJKoZIhvcNAQELBQADggEBANFQ4B58
cmow0dBZPJhjRgwOhGepH96qkLAix4WNS5SLGhC/Qnr5eJdd+eXjOX5SU2O1jkzn
ffXaYdAZU1BOpQYUkTNWDcfAcJ8LQjXfgWbmgHp4+qAIjvrWWuDDc4fKS0rv2c/X
UK01CI+MosoVhhNp53cF15e41UWioc9O8C5C15TQ6akdCSCSfsGDLTqmBATCIkFE
7m67wJpoQFLjhE7o8F22UO504NdJtekk/7RLhoEXJri8mccdQD5TXuJDG3CR/ifa
L35WDZCsdhx4+jH0kqFjVAa5Za8Z3DOgUZDhgEYBKKtwmiZeM4Ap9g7dCFTAAhm1
FeYwLu85XLrdQk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org