Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/09380682B69011ED9564956CC4F9AE02.roa
File: 09380682B69011ED9564956CC4F9AE02.roa (raw, json)
Hash identifier: J6BWaOs0HATfhuBREsRcZlwEQYlNvvnPDfLgindCBoc=
Subject key identifier: 19:79:FA:97:85:56:EE:1F:00:6C:5F:26:22:90:76:F8:81:87:16:6A
Certificate issuer: /CN=A91613AB/serialNumber=3901AF4A93FEFAAEB879CC9F5994E4E7F01AF838
Certificate serial: 3C
Authority key identifier: 39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/09380682B69011ED9564956CC4F9AE02.roa
Signing time: Sat 18 Mar 2023 14:16:20 +0000
ROA not before: Sat 18 Mar 2023 14:16:20 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 147001
IP address blocks: 103.46.184.0/23 maxlen: 24
2400:c620::/32 maxlen: 32
2400:c620:1::/48 maxlen: 48
2400:c620:2::/48 maxlen: 48
2400:c620:3::/48 maxlen: 48
2400:c620:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91613AB/serialNumber=3901AF4A93FEFAAEB879CC9F5994E4E7F01AF838
Validity
Not Before: Mar 18 14:16:20 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6415c7b3-1a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:05:c3:4b:42:91:fa:45:9e:d9:98:8b:fc:75:
60:7f:d2:48:e0:57:cf:84:92:6c:e3:bd:e3:5c:23:
19:52:c2:8b:83:79:e2:74:dd:c5:5f:48:11:32:a6:
a3:c9:92:c0:82:47:52:0f:20:2a:60:91:23:6c:3e:
51:d3:e5:5a:c9:19:1e:50:ee:63:67:a9:5a:23:19:
30:d6:09:d5:c8:19:5f:cd:b6:50:a0:79:c3:a7:47:
51:59:f5:5f:7f:fb:21:2f:56:69:a8:99:99:99:d8:
00:93:a9:45:a6:58:12:5c:06:40:ed:20:2d:3e:c8:
c9:9e:19:ea:78:20:d1:0d:01:5b:40:15:76:eb:02:
1f:0c:9b:a2:1d:ad:ef:87:0a:ef:63:94:aa:ae:e0:
f5:b9:fc:03:63:b3:6b:de:2c:e4:99:f8:ff:ce:ad:
91:79:00:d5:3d:dc:73:4a:6f:db:e5:a4:11:a8:70:
67:bb:06:4a:fc:6b:c2:f5:cb:ce:f9:a0:e4:33:fb:
55:7c:2e:8b:58:15:5e:d6:8a:25:05:16:d4:8e:46:
85:38:01:02:37:bc:e6:77:a6:1e:7f:ee:82:7b:be:
08:a4:fd:95:f1:9c:e6:c9:e3:a6:50:a4:f4:f6:4c:
d9:77:3d:ba:6d:5a:77:4f:59:1f:59:09:15:53:25:
ce:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:79:FA:97:85:56:EE:1F:00:6C:5F:26:22:90:76:F8:81:87:16:6A
X509v3 Authority Key Identifier:
keyid:39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/OQGvSpP--q64ecyfWZTk5_Aa-Dg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/09380682B69011ED9564956CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.46.184.0/23
IPv6:
2400:c620::/32
Signature Algorithm: sha256WithRSAEncryption
73:70:4b:8b:8d:1b:1f:93:4a:dc:84:66:f8:1e:3f:9d:28:98:
4a:64:a1:2f:a3:50:34:72:4d:18:f5:03:72:73:fc:0c:de:2d:
8d:32:6a:06:4a:40:7a:32:9d:0f:64:cd:23:f3:a7:7e:b3:30:
a1:14:70:64:a2:d5:08:aa:4e:26:09:02:54:dc:0c:f9:e2:d3:
df:70:14:56:95:9a:09:6c:a0:bc:7d:7f:82:55:e1:32:3e:b1:
5a:aa:64:77:64:63:24:20:4e:d8:6f:d9:6f:82:62:2a:f7:57:
1a:0a:76:48:2a:12:e4:82:66:ba:4c:3a:47:74:43:ec:98:c8:
73:35:02:cb:f2:fc:94:22:c7:87:71:00:eb:fa:60:3f:7e:32:
7d:d5:43:40:dc:de:e9:a0:e8:86:13:22:a2:93:db:e6:bf:41:
82:06:6c:45:e5:fd:d4:87:ef:77:fb:fa:17:c9:12:25:7d:df:
21:9c:42:70:05:e5:b1:18:2b:8a:1c:37:9e:c8:c5:6d:97:63:
78:22:76:eb:b0:8f:25:e9:9e:03:7e:ba:cc:ec:47:56:dd:82:
41:31:e8:f5:90:5c:d0:6d:49:03:df:05:92:89:5d:ea:0f:fe:
66:00:32:a6:86:64:f7:96:be:af:b6:04:27:c0:4e:70:1f:98:
2f:71:c9:1e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MTNBQjExMC8GA1UEBRMoMzkwMUFGNEE5M0ZFRkFBRUI4NzlDQzlGNTk5NEU0RTdG
MDFBRjgzODAeFw0yMzAzMTgxNDE2MjBaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTVjN2IzLTFhNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCaBcNLQpH6RZ7ZmIv8dWB/0kjgV8+EkmzjveNcIxlSwouDeeJ03cVfSBEypqPJ
ksCCR1IPICpgkSNsPlHT5VrJGR5Q7mNnqVojGTDWCdXIGV/NtlCgecOnR1FZ9V9/
+yEvVmmomZmZ2ACTqUWmWBJcBkDtIC0+yMmeGep4INENAVtAFXbrAh8Mm6Idre+H
Cu9jlKqu4PW5/ANjs2veLOSZ+P/OrZF5ANU93HNKb9vlpBGocGe7Bkr8a8L1y875
oOQz+1V8LotYFV7WiiUFFtSORoU4AQI3vOZ3ph5/7oJ7vgik/ZXxnObJ46ZQpPT2
TNl3PbptWndPWR9ZCRVTJc43AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUGXn6l4VW
7h8AbF8mIpB2+IGHFmowHwYDVR0jBBgwFoAUOQGvSpP++q64ecyfWZTk5/Aa+Dgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxM0FCLzlDRjdFQ0RBNkY4
QjExRUQ4RkFFM0MxMUM0RjlBRTAyL09RR3ZTcFAtLXE2NGVjeWZXWlRrNV9BYS1E
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT1FHdlNwUC0tcTY0ZWN5ZldaVGs1X0FhLURnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MTNBQi85Q0Y3RUNEQTZGOEIxMUVEOEZBRTNDMTFDNEY5QUUwMi8wOTM4MDY4MkI2
OTAxMUVEOTU2NDk1NkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWcuuDANBAIAAjAHAwUAJADGIDANBgkqhkiG9w0BAQsFAAOC
AQEAc3BLi40bH5NK3IRm+B4/nSiYSmShL6NQNHJNGPUDcnP8DN4tjTJqBkpAejKd
D2TNI/OnfrMwoRRwZKLVCKpOJgkCVNwM+eLT33AUVpWaCWygvH1/glXhMj6xWqpk
d2RjJCBO2G/Zb4JiKvdXGgp2SCoS5IJmukw6R3RD7JjIczUCy/L8lCLHh3EA6/pg
P34yfdVDQNze6aDohhMiopPb5r9BggZsReX91Ifvd/v6F8kSJX3fIZxCcAXlsRgr
ihw3nsjFbZdjeCJ267CPJemeA366zOxHVt2CQTHo9ZBc0G1JA98Fkold6g/+ZgAy
poZk95a+r7YEJ8BOcB+YL3HJHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org