Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/E7C7B03AD2C111ED9C19CC32C4F9AE02.roa
File: E7C7B03AD2C111ED9C19CC32C4F9AE02.roa (raw, json)
Hash identifier: 8CrQubSq/CtNMo88fqYnlzhka2FYSKkHnPKs7a8pxLw=
Subject key identifier: 07:34:FC:A4:1E:51:95:96:FD:AC:3B:49:10:46:61:43:39:CD:7F:1B
Certificate issuer: /CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Certificate serial: 03A0
Authority key identifier: 15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/E7C7B03AD2C111ED9C19CC32C4F9AE02.roa
Signing time: Mon 19 Jun 2023 05:29:38 +0000
ROA not before: Mon 19 Jun 2023 05:29:38 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 38001
IP address blocks: 103.46.141.0/24 maxlen: 24
103.46.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928 (0x3a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Validity
Not Before: Jun 19 05:29:38 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=648fe7c2-146b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:51:33:e8:07:47:33:b8:f3:a4:62:fa:b8:95:
86:85:2c:e6:08:70:bc:23:69:3c:31:05:34:53:28:
ba:7d:aa:ac:b8:16:c2:73:eb:58:42:4d:20:b1:0b:
da:c7:2d:49:f6:b7:d6:1d:bc:57:1b:b1:45:73:45:
c6:a9:c2:f9:06:b0:22:26:de:e5:0b:70:ca:71:fb:
c7:17:15:c0:7f:05:06:4d:7f:c7:b6:e0:a7:04:d3:
47:bf:54:88:27:4d:2c:65:ef:79:06:6a:80:52:3b:
54:48:65:93:df:a8:00:36:f6:f8:e1:04:d6:a8:77:
35:de:f5:c7:29:2d:05:e1:3f:98:6f:d4:08:f2:a7:
ca:9f:b0:d5:33:cf:4c:11:10:c6:b8:19:df:41:d0:
ef:ce:75:9b:4f:37:5a:65:97:0c:52:68:0a:41:09:
07:cb:2a:44:40:52:76:03:2d:66:a9:8c:b6:18:2c:
1e:d3:de:7a:e5:6d:f7:d2:d7:18:24:9f:25:a0:1f:
58:28:c7:e6:2b:bc:a5:ed:9c:8d:c0:a7:38:8f:00:
00:8c:4d:cd:24:57:86:e3:d2:4f:15:bc:f3:d4:ec:
5b:92:3a:89:8d:1f:0f:34:19:38:6c:02:87:2d:1a:
47:60:54:59:2d:22:b5:5f:34:44:2e:a5:3e:0f:c2:
41:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:34:FC:A4:1E:51:95:96:FD:AC:3B:49:10:46:61:43:39:CD:7F:1B
X509v3 Authority Key Identifier:
keyid:15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/FXsL3g48rbKUg5vJgVZVZE2ybpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/E7C7B03AD2C111ED9C19CC32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.46.141.0-103.46.142.255
Signature Algorithm: sha256WithRSAEncryption
9c:96:29:e9:7c:8a:bb:b9:5f:93:c7:1c:3a:8d:45:18:97:a1:
f0:65:d8:62:54:e9:7b:2f:fb:fd:55:81:c8:57:a9:97:7c:18:
e4:eb:c1:36:83:39:74:8e:57:b4:c1:9c:37:ed:e7:6c:e6:65:
34:bb:02:df:86:a7:a5:72:41:84:98:25:49:ae:b7:f4:79:d7:
42:e5:5a:f6:09:b1:27:a5:d1:df:b5:53:f2:99:44:73:4e:11:
55:03:9b:88:63:b7:12:64:61:3c:e5:5e:a0:e7:d0:e1:ed:07:
60:43:d1:c8:4c:d2:fe:68:aa:b5:83:42:af:2b:82:45:5c:89:
44:99:cb:63:2a:29:b1:51:47:4a:d2:1e:b1:b1:04:9b:56:cd:
36:35:80:ba:de:4f:3e:5e:cc:b7:57:61:77:a2:28:5f:fe:8e:
0b:24:af:f7:4a:de:24:d6:e3:ce:f1:0b:70:81:91:7c:7c:d3:
93:11:76:b4:d8:3b:3f:42:61:1e:f3:0e:7e:df:c3:e7:c3:5f:
96:a1:e0:b6:e6:eb:35:e0:72:83:75:8c:bd:01:d0:db:6d:aa:
ba:a9:35:85:07:e4:8c:9a:1a:66:c6:32:26:3f:28:d3:95:30:
ff:99:46:18:c7:62:d8:95:ce:68:cd:a3:69:da:21:17:6f:d6:
bd:4c:68:77
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICA6AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhCRkExMTAvBgNVBAUTKDE1N0IwQkRFMEUzQ0FEQjI5NDgzOUJDOTgxNTY1NTY0
NERCMjZFOTEwHhcNMjMwNjE5MDUyOTM4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDhmZTdjMi0xNDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2VEz6AdHM7jzpGL6uJWGhSzmCHC8I2k8MQU0Uyi6faqsuBbCc+tYQk0gsQva
xy1J9rfWHbxXG7FFc0XGqcL5BrAiJt7lC3DKcfvHFxXAfwUGTX/HtuCnBNNHv1SI
J00sZe95BmqAUjtUSGWT36gANvb44QTWqHc13vXHKS0F4T+Yb9QI8qfKn7DVM89M
ERDGuBnfQdDvznWbTzdaZZcMUmgKQQkHyypEQFJ2Ay1mqYy2GCwe09565W330tcY
JJ8loB9YKMfmK7yl7ZyNwKc4jwAAjE3NJFeG49JPFbzz1OxbkjqJjR8PNBk4bAKH
LRpHYFRZLSK1XzRELqU+D8JByQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFAc0/KQe
UZWW/aw7SRBGYUM5zX8bMB8GA1UdIwQYMBaAFBV7C94OPK2ylIObyYFWVWRNsm6R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEJGQS8wNEEyNEMzNDEx
NDMxMUVDOTczNjlGNzNDNEY5QUUwMi9GWHNMM2c0OHJiS1VnNXZKZ1ZaVlpFMnli
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZYc0wzZzQ4cmJLVWc1dkpnVlpWWkUyeWJwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhCRkEvMDRBMjRDMzQxMTQzMTFFQzk3MzY5RjczQzRGOUFFMDIvRTdDN0IwM0FE
MkMxMTFFRDlDMTlDQzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGcujQMEAGcujjANBgkqhkiG9w0BAQsFAAOCAQEAnJYp
6XyKu7lfk8ccOo1FGJeh8GXYYlTpey/7/VWByFepl3wY5OvBNoM5dI5XtMGcN+3n
bOZlNLsC34anpXJBhJglSa639HnXQuVa9gmxJ6XR37VT8plEc04RVQObiGO3EmRh
POVeoOfQ4e0HYEPRyEzS/miqtYNCryuCRVyJRJnLYyopsVFHStIesbEEm1bNNjWA
ut5PPl7Mt1dhd6IoX/6OCySv90reJNbjzvELcIGRfHzTkxF2tNg7P0JhHvMOft/D
58NflqHgtubrNeByg3WMvQHQ222quqk1hQfkjJoaZsYyJj8o05Uw/5lGGMdi2JXO
aM2jadohF2/WvUxodw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org