Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/380CD588A1BA11EB9779E659C4F9AE02.roa
File: 380CD588A1BA11EB9779E659C4F9AE02.roa (raw, json)
Hash identifier: xYbHSea5Q2psTuoPsLvtyF5G5tY6nCmOUfSUKiPA36g=
Subject key identifier: 99:9C:73:BF:FC:E3:3D:9B:D9:80:D2:D1:83:01:25:A8:6C:0E:A6:27
Certificate issuer: /CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Certificate serial: 045C
Authority key identifier: 14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/380CD588A1BA11EB9779E659C4F9AE02.roa
Signing time: Mon 31 Jan 2022 08:26:15 +0000
ROA not before: Mon 31 Jan 2022 08:26:15 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 138917
IP address blocks: 103.137.40.0/24 maxlen: 24
103.143.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1116 (0x45c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Validity
Not Before: Jan 31 08:26:15 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61f79d27-97f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:9e:dd:76:53:22:a7:83:e7:07:15:e6:d9:
81:08:ad:e3:bc:78:fa:24:3d:43:a1:b4:4a:3a:85:
ea:6c:5b:8b:d9:66:cd:97:11:fe:be:0b:c2:9f:c3:
91:07:a8:dc:66:cd:f8:65:bf:a6:6b:9c:8b:05:0e:
6c:6b:20:90:98:e6:60:fe:46:b1:ef:33:34:cb:56:
bf:0f:0b:23:33:a8:fc:ba:3a:5c:fd:2e:9f:14:36:
cc:37:4c:5b:89:e8:e2:90:6f:3a:cb:57:5e:69:77:
be:80:2b:ed:5a:9a:57:7a:3c:a4:a7:3c:55:9b:c7:
39:7a:98:3e:26:30:b4:d8:20:bb:6d:79:cb:ac:89:
16:a4:42:06:c9:6d:cd:75:2f:2a:88:79:e2:17:47:
79:85:3f:db:d6:ee:c1:26:5d:1e:c5:99:dc:83:09:
c3:56:d2:6a:43:39:0f:89:a0:e1:73:bc:ec:69:ff:
17:ef:9c:e3:05:56:40:f1:35:61:b0:58:ea:b9:63:
ef:d1:c0:3d:a4:08:cd:09:08:cb:05:5a:29:0e:fa:
15:0d:74:3a:5c:8f:ab:d7:47:74:cf:1d:1f:a3:a7:
c1:94:22:f1:3d:cd:57:0a:26:e4:6f:8e:e2:4a:90:
aa:10:84:b7:ce:8c:b6:f1:96:03:b5:b8:62:5c:4a:
8a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9C:73:BF:FC:E3:3D:9B:D9:80:D2:D1:83:01:25:A8:6C:0E:A6:27
X509v3 Authority Key Identifier:
keyid:14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/FKbKvDAuwePc503pi_VYoEK-rFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/380CD588A1BA11EB9779E659C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.40.0/24
103.143.148.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:20:6e:bb:23:72:18:06:0c:c2:b3:35:0a:2f:86:e8:dd:a5:
0d:4b:6a:6b:55:da:f9:58:be:a3:c3:87:3b:6b:15:5d:17:b1:
b4:60:1e:c7:a6:01:02:c1:8c:c5:f6:68:88:87:4f:17:fc:3d:
c2:88:de:e3:1b:d9:f8:38:c7:e0:83:c2:7e:bf:d4:23:95:3d:
a7:33:18:52:b8:49:c0:31:ff:af:ca:9e:f3:a7:a6:1e:da:50:
54:89:4e:93:68:bc:ab:24:37:dd:e4:bc:9d:49:81:40:6f:03:
63:06:47:d4:20:cc:37:a8:c4:d9:53:21:75:30:0d:f6:3d:e6:
c0:08:ef:4d:8b:8b:fb:41:61:dc:09:09:6f:4f:bf:dc:ab:d5:
3f:19:01:e1:07:1d:79:48:71:6f:03:2b:86:2f:b2:4a:9c:a9:
ab:b3:5f:b8:cf:5f:81:ba:a7:15:53:14:1b:b1:12:16:60:a6:
f2:24:91:52:f4:67:6d:f1:2a:bf:92:ec:1b:40:1d:6e:3d:f9:
33:4f:19:93:3e:bf:a4:dd:44:32:16:1f:2e:86:b5:de:9c:5c:
9b:35:a1:61:4d:f9:95:d6:c6:95:7a:1e:84:07:87:a7:25:2e:
45:3e:c9:9a:f6:d9:e8:3d:9b:34:87:b4:e4:bf:bb:f2:29:73:
8f:29:a4:ac
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA5REMxMTAvBgNVBAUTKDE0QTZDQUJDMzAyRUMxRTNEQ0U3NERFOThCRjU1OEEw
NDJCRUFDNTYwHhcNMjIwMTMxMDgyNjE1WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3OWQyNy05N2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoL2e3XZTIqeD5wcV5tmBCK3jvHj6JD1DobRKOoXqbFuL2WbNlxH+vgvCn8OR
B6jcZs34Zb+ma5yLBQ5sayCQmOZg/kax7zM0y1a/DwsjM6j8ujpc/S6fFDbMN0xb
iejikG86y1deaXe+gCvtWppXejykpzxVm8c5epg+JjC02CC7bXnLrIkWpEIGyW3N
dS8qiHniF0d5hT/b1u7BJl0exZncgwnDVtJqQzkPiaDhc7zsaf8X75zjBVZA8TVh
sFjquWPv0cA9pAjNCQjLBVopDvoVDXQ6XI+r10d0zx0fo6fBlCLxPc1XCibkb47i
SpCqEIS3zoy28ZYDtbhiXEqKJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJmcc7/8
4z2b2YDS0YMBJahsDqYnMB8GA1UdIwQYMBaAFBSmyrwwLsHj3OdN6Yv1WKBCvqxW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDlEQy9BNUJCRkFBNjA5
MzUxMUVBQUIxMEM5MUZDNEY5QUUwMi9GS2JLdkRBdXdlUGM1MDNwaV9WWW9FSy1y
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZLYkt2REF1d2VQYzUwM3BpX1ZZb0VLLXJGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA5REMvQTVCQkZBQTYwOTM1MTFFQUFCMTBDOTFGQzRGOUFFMDIvMzgwQ0Q1ODhB
MUJBMTFFQjk3NzlFNjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABniSgDBABnj5QwDQYJKoZIhvcNAQELBQADggEBAH4gbrsj
chgGDMKzNQovhujdpQ1LamtV2vlYvqPDhztrFV0XsbRgHsemAQLBjMX2aIiHTxf8
PcKI3uMb2fg4x+CDwn6/1COVPaczGFK4ScAx/6/KnvOnph7aUFSJTpNovKskN93k
vJ1JgUBvA2MGR9QgzDeoxNlTIXUwDfY95sAI702Li/tBYdwJCW9Pv9yr1T8ZAeEH
HXlIcW8DK4YvskqcqauzX7jPX4G6pxVTFBuxEhZgpvIkkVL0Z23xKr+S7BtAHW49
+TNPGZM+v6TdRDIWHy6Gtd6cXJs1oWFN+ZXWxpV6HoQHh6clLkU+yZr22eg9mzSH
tOS/u/Ipc48ppKw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org