Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B7AAFCBCE18C11ECB1697F55C4F9AE02.roa
File: B7AAFCBCE18C11ECB1697F55C4F9AE02.roa (raw, json)
Hash identifier: pftcetk4gYN2oYKIGYTVoZL6eQDa0Swdq+niRfuRNE4=
Subject key identifier: 33:D7:2E:82:99:F9:E0:77:F3:6D:B8:4A:FC:DF:DA:80:2D:71:53:4E
Certificate issuer: /CN=A91580A1/serialNumber=437FF34EE7BC7050C9C84886AA94CE8CF50C24F9
Certificate serial: 0512
Authority key identifier: 43:7F:F3:4E:E7:BC:70:50:C9:C8:48:86:AA:94:CE:8C:F5:0C:24:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q3_zTue8cFDJyEiGqpTOjPUMJPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B7AAFCBCE18C11ECB1697F55C4F9AE02.roa
Signing time: Wed 01 Jun 2022 21:20:23 +0000
ROA not before: Wed 01 Jun 2022 21:20:23 +0000
ROA not after: Sat 01 Oct 2022 00:00:00 +0000
asID: 140849
IP address blocks: 103.137.6.0/23 maxlen: 23
103.137.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1298 (0x512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580A1/serialNumber=437FF34EE7BC7050C9C84886AA94CE8CF50C24F9
Validity
Not Before: Jun 1 21:20:23 2022 GMT
Not After : Oct 1 00:00:00 2022 GMT
Subject: CN=6297d817-ede8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d0:87:51:3f:52:1f:bc:aa:6f:3e:5c:f1:de:
c1:b6:9a:81:4d:02:33:f0:c5:d1:23:48:a9:87:33:
a1:2b:02:eb:cd:9a:c8:5b:0b:8b:56:e2:16:79:b5:
0a:55:b4:aa:6c:c3:21:f9:4f:2b:e0:fb:10:d0:89:
a6:9e:a3:49:2c:55:4e:17:45:0d:cf:d2:1d:d2:04:
ea:ff:2b:9f:d4:41:ad:f1:bb:a2:9e:44:48:7f:ae:
11:58:d1:d8:82:48:ec:0c:bc:10:f2:8a:23:2e:fa:
d4:45:a9:24:d3:04:66:47:9f:88:44:16:fb:e5:d4:
6b:92:51:73:99:ea:96:bc:ff:10:55:16:cc:84:2e:
eb:e4:ef:fd:af:7f:63:a9:29:4e:2d:9f:3f:a3:8d:
20:14:13:01:4c:d4:6a:e1:7c:5b:7e:bc:e8:76:26:
e8:06:5d:8d:e2:ec:e8:1e:9d:1d:c1:38:43:63:dd:
0b:de:6d:65:03:73:4e:b7:86:25:ad:68:87:e8:a4:
46:d0:a4:eb:eb:3d:41:8c:81:a8:9d:10:6f:39:5d:
b1:6a:e7:de:e0:e7:dc:ce:76:4b:3d:82:31:58:10:
78:05:f6:1f:8c:b2:ee:00:d5:0a:e4:52:44:3d:24:
9f:50:6e:f7:8f:f4:21:f5:ad:6d:25:e1:fc:af:9a:
ec:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D7:2E:82:99:F9:E0:77:F3:6D:B8:4A:FC:DF:DA:80:2D:71:53:4E
X509v3 Authority Key Identifier:
keyid:43:7F:F3:4E:E7:BC:70:50:C9:C8:48:86:AA:94:CE:8C:F5:0C:24:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/Q3_zTue8cFDJyEiGqpTOjPUMJPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q3_zTue8cFDJyEiGqpTOjPUMJPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580A1/92560A6A374D11EAA0A3BE55C4F9AE02/B7AAFCBCE18C11ECB1697F55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.6.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:72:f4:68:a1:f2:37:e8:51:c9:68:2a:1c:c8:39:b0:76:72:
68:11:1c:6a:ca:eb:47:07:c0:c9:89:05:78:0d:37:af:c1:9b:
fa:a0:98:1a:fc:6a:a4:a1:94:23:17:10:f7:4c:74:2c:52:55:
6f:b9:02:3a:d3:bc:3b:cd:29:65:fb:71:ac:75:b5:37:c8:96:
f0:a2:3b:e9:27:4c:f7:63:a6:e5:9e:2e:8e:dc:9e:b6:80:e4:
f8:95:7f:56:33:a7:e0:6a:c5:a0:28:40:3d:a8:cc:e4:b7:43:
47:9c:0b:8d:7d:7b:65:32:68:87:87:60:52:0c:9e:83:37:1f:
56:f5:6e:fc:13:f3:b3:97:9c:2b:e4:60:33:14:51:1d:78:17:
d2:73:89:28:db:19:c9:4c:e9:65:4a:1f:f1:f4:8b:98:3d:4f:
ba:51:ed:a3:93:03:bf:e9:df:d0:20:25:75:d8:95:36:b2:3e:
7f:af:db:49:17:a8:aa:d6:d0:7a:8b:9c:b1:e7:78:f7:eb:94:
1b:31:09:e7:8d:61:3c:fa:6b:60:7d:5f:c0:76:86:f6:4d:96:
44:ea:dc:10:90:79:55:99:86:a3:a8:8b:8a:26:31:b6:3c:19:
bb:93:8b:f7:83:77:54:ed:d7:f4:fd:2e:32:2c:42:0f:8e:3e:
49:cf:41:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTgwQTExMTAvBgNVBAUTKDQzN0ZGMzRFRTdCQzcwNTBDOUM4NDg4NkFBOTRDRThD
RjUwQzI0RjkwHhcNMjIwNjAxMjEyMDIzWhcNMjIxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3ZDgxNy1lZGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39CHUT9SH7yqbz5c8d7BtpqBTQIz8MXRI0iphzOhKwLrzZrIWwuLVuIWebUK
VbSqbMMh+U8r4PsQ0ImmnqNJLFVOF0UNz9Id0gTq/yuf1EGt8buinkRIf64RWNHY
gkjsDLwQ8oojLvrURakk0wRmR5+IRBb75dRrklFzmeqWvP8QVRbMhC7r5O/9r39j
qSlOLZ8/o40gFBMBTNRq4XxbfrzodiboBl2N4uzoHp0dwThDY90L3m1lA3NOt4Yl
rWiH6KRG0KTr6z1BjIGonRBvOV2xaufe4OfcznZLPYIxWBB4BfYfjLLuANUK5FJE
PSSfUG73j/Qh9a1tJeH8r5rsUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDPXLoKZ
+eB38224Svzf2oAtcVNOMB8GA1UdIwQYMBaAFEN/807nvHBQychIhqqUzoz1DCT5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODBBMS85MjU2MEE2QTM3
NEQxMUVBQTBBM0JFNTVDNEY5QUUwMi9RM196VHVlOGNGREp5RWlHcXBUT2pQVU1K
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EzX3pUdWU4Y0ZESnlFaUdxcFRPalBVTUpQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgwQTEvOTI1NjBBNkEzNzREMTFFQUEwQTNCRTU1QzRGOUFFMDIvQjdBQUZDQkNF
MThDMTFFQ0IxNjk3RjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniQYwDQYJKoZIhvcNAQELBQADggEBAE5y9Gih8jfoUclo
KhzIObB2cmgRHGrK60cHwMmJBXgNN6/Bm/qgmBr8aqShlCMXEPdMdCxSVW+5AjrT
vDvNKWX7cax1tTfIlvCiO+knTPdjpuWeLo7cnraA5PiVf1Yzp+BqxaAoQD2ozOS3
Q0ecC419e2UyaIeHYFIMnoM3H1b1bvwT87OXnCvkYDMUUR14F9JziSjbGclM6WVK
H/H0i5g9T7pR7aOTA7/p39AgJXXYlTayPn+v20kXqKrW0HqLnLHnePfrlBsxCeeN
YTz6a2B9X8B2hvZNlkTq3BCQeVWZhqOoi4omMbY8GbuTi/eDd1Tt1/T9LjIsQg+O
PknPQa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org