Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/36A2C2F4E19511EC8AD57C6CC4F9AE02.roa
File: 36A2C2F4E19511EC8AD57C6CC4F9AE02.roa (raw, json)
Hash identifier: YhRJA5X8bbpVRGbVbkgA/Q64vsEs/l4n55lsDEO8lDQ=
Subject key identifier: 95:4E:40:6A:91:3D:A6:AE:41:E4:5C:66:C5:6B:B6:8D:12:98:1E:28
Certificate issuer: /CN=A91415AA/serialNumber=16C01D9CA0FFBEFAE0BB010E5144507AEA410D03
Certificate serial: 0626
Authority key identifier: 16:C0:1D:9C:A0:FF:BE:FA:E0:BB:01:0E:51:44:50:7A:EA:41:0D:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsAdnKD_vvrguwEOUURQeupBDQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/36A2C2F4E19511EC8AD57C6CC4F9AE02.roa
Signing time: Mon 29 Aug 2022 09:37:44 +0000
ROA not before: Mon 29 Aug 2022 09:37:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139025
IP address blocks: 103.138.155.0/24 maxlen: 24
103.160.158.0/24 maxlen: 24
2001:df2:c080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1574 (0x626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91415AA/serialNumber=16C01D9CA0FFBEFAE0BB010E5144507AEA410D03
Validity
Not Before: Aug 29 09:37:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=630c88e8-c450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:7c:64:d8:9a:0f:27:56:1a:5c:56:a8:e8:
cf:b5:4b:fc:b9:07:3a:ef:b1:fa:bf:c3:38:76:38:
94:50:0b:28:7b:4e:9a:62:19:d7:31:13:90:84:ab:
e3:17:5a:80:c1:9f:d3:89:97:e6:69:1d:93:f1:85:
6e:75:05:ee:f2:a5:68:55:86:2f:20:89:50:de:2f:
74:9e:00:d9:6e:dc:5b:b3:29:a2:8c:32:f0:ed:97:
23:7d:9c:f3:2c:ad:3c:26:49:cb:8c:65:86:d0:8a:
ed:22:d6:ee:ef:2f:28:7b:0c:36:36:11:e3:f7:6a:
c1:3e:39:5d:8f:33:f8:59:e4:ef:ef:51:6b:62:08:
3b:81:c0:28:06:f0:01:18:87:a6:45:23:47:93:a8:
fe:26:a7:c1:10:4a:1b:f2:0f:6c:67:a4:b6:8e:6f:
a5:78:6f:37:7a:40:5f:ce:db:b4:81:d7:13:aa:ab:
b1:ce:00:0e:af:30:bb:61:d8:1b:36:60:6d:7e:47:
83:eb:e4:79:e0:4d:29:07:ce:89:9f:ca:86:da:66:
b3:66:59:1a:51:32:24:19:3c:4b:fe:07:12:a1:2a:
9c:d4:8f:c4:bb:69:62:cf:23:73:20:9e:cb:8d:77:
a8:7a:17:5f:51:3d:b3:36:0a:d5:39:8a:4e:21:01:
61:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4E:40:6A:91:3D:A6:AE:41:E4:5C:66:C5:6B:B6:8D:12:98:1E:28
X509v3 Authority Key Identifier:
keyid:16:C0:1D:9C:A0:FF:BE:FA:E0:BB:01:0E:51:44:50:7A:EA:41:0D:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/FsAdnKD_vvrguwEOUURQeupBDQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsAdnKD_vvrguwEOUURQeupBDQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/36A2C2F4E19511EC8AD57C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.155.0/24
103.160.158.0/24
IPv6:
2001:df2:c080::/48
Signature Algorithm: sha256WithRSAEncryption
a0:01:7f:df:39:d8:63:89:9d:4f:e5:1a:ca:d9:a4:4b:82:72:
5f:04:d4:2b:fc:d5:5d:56:dc:2b:a3:e1:f2:98:34:74:07:dd:
b4:65:a8:a2:fc:cb:80:cf:a3:fe:9d:c2:f8:fb:b8:a8:6c:26:
37:b7:81:b4:5a:1b:1b:22:56:c7:7e:66:7f:b6:68:cc:47:db:
db:86:df:68:d1:cc:85:b9:ba:8a:69:3f:52:ab:24:98:e1:45:
f1:27:a3:ec:83:70:96:45:5d:1a:25:02:ad:8a:56:e7:9e:ae:
2c:46:f3:6f:06:fe:a3:dc:67:27:f8:70:de:19:39:3b:36:5c:
1c:23:86:4f:31:a2:c3:9b:f9:bb:27:91:72:8f:86:d4:fa:2d:
72:d8:c9:8c:7d:4e:1c:37:b2:fb:27:1c:2b:18:8c:66:10:9e:
ab:e7:0e:40:77:1e:cc:28:6a:08:e0:bb:4b:34:16:6c:be:6a:
ee:60:e3:3e:38:4a:d0:19:15:bb:06:aa:e8:01:43:cd:e6:e7:
36:a9:0f:13:a7:0e:3a:80:90:e8:cf:a3:f7:fd:91:19:54:bc:
74:da:df:7a:a7:d7:bb:8e:37:39:b4:20:4b:e1:cc:58:ef:73:
30:c0:da:3d:fb:9c:ba:c0:60:69:f1:2a:e2:25:51:84:15:81:
c5:b1:af:0f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDE1QUExMTAvBgNVBAUTKDE2QzAxRDlDQTBGRkJFRkFFMEJCMDEwRTUxNDQ1MDdB
RUE0MTBEMDMwHhcNMjIwODI5MDkzNzQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBjODhlOC1jNDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyPh8ZNiaDydWGlxWqOjPtUv8uQc677H6v8M4djiUUAsoe06aYhnXMROQhKvj
F1qAwZ/TiZfmaR2T8YVudQXu8qVoVYYvIIlQ3i90ngDZbtxbsymijDLw7ZcjfZzz
LK08JknLjGWG0IrtItbu7y8oeww2NhHj92rBPjldjzP4WeTv71FrYgg7gcAoBvAB
GIemRSNHk6j+JqfBEEob8g9sZ6S2jm+leG83ekBfztu0gdcTqquxzgAOrzC7Ydgb
NmBtfkeD6+R54E0pB86Jn8qG2mazZlkaUTIkGTxL/gcSoSqc1I/Eu2lizyNzIJ7L
jXeoehdfUT2zNgrVOYpOIQFhGQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFJVOQGqR
PaauQeRcZsVrto0SmB4oMB8GA1UdIwQYMBaAFBbAHZyg/7764LsBDlFEUHrqQQ0D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTVBQS8zRUZBMjQxNDYy
RTAxMUVBQTZENTlBMkNDNEY5QUUwMi9Gc0FkbktEX3Z2cmd1d0VPVVVSUWV1cEJE
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZzQWRuS0RfdnZyZ3V3RU9VVVJRZXVwQkRRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDE1QUEvM0VGQTI0MTQ2MkUwMTFFQUE2RDU5QTJDQzRGOUFFMDIvMzZBMkMyRjRF
MTk1MTFFQzhBRDU3QzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnipsDBABnoJ4wDwQCAAIwCQMHACABDfLAgDANBgkqhkiG
9w0BAQsFAAOCAQEAoAF/3znYY4mdT+UaytmkS4JyXwTUK/zVXVbcK6Ph8pg0dAfd
tGWoovzLgM+j/p3C+Pu4qGwmN7eBtFobGyJWx35mf7ZozEfb24bfaNHMhbm6imk/
UqskmOFF8Sej7INwlkVdGiUCrYpW556uLEbzbwb+o9xnJ/hw3hk5OzZcHCOGTzGi
w5v5uyeRco+G1PotctjJjH1OHDey+yccKxiMZhCeq+cOQHcezChqCOC7SzQWbL5q
7mDjPjhK0BkVuwaq6AFDzebnNqkPE6cOOoCQ6M+j9/2RGVS8dNrfeqfXu443ObQg
S+HMWO9zMMDaPfucusBgafEq4iVRhBWBxbGvDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org