Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918B443/92426F86420A11EC94C4F15AC4F9AE02/D91BC5E894F211ECB617C54CC4F9AE02.roa
File: D91BC5E894F211ECB617C54CC4F9AE02.roa (raw, json)
Hash identifier: 5xwS+wdz6haa5scwZbzRMfoDF4DYevzQ+57vBEIbQyU=
Subject key identifier: A6:26:6C:DF:CB:EA:DE:E5:44:29:D2:3E:08:A1:0E:E4:25:A5:6A:36
Certificate issuer: /CN=A918B443/serialNumber=07AA73A7ED67411891BD8F727261951C41C716DE
Certificate serial: 0330
Authority key identifier: 07:AA:73:A7:ED:67:41:18:91:BD:8F:72:72:61:95:1C:41:C7:16:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6pzp-1nQRiRvY9ycmGVHEHHFt4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918B443/92426F86420A11EC94C4F15AC4F9AE02/D91BC5E894F211ECB617C54CC4F9AE02.roa
Signing time: Sat 03 Jun 2023 23:41:31 +0000
ROA not before: Sat 03 Jun 2023 23:41:31 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 149280
IP address blocks: 103.174.194.0/24 maxlen: 24
103.174.195.0/24 maxlen: 24
2001:df7:d380::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 816 (0x330)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918B443/serialNumber=07AA73A7ED67411891BD8F727261951C41C716DE
Validity
Not Before: Jun 3 23:41:31 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=647bcfab-e4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:61:5a:1a:b8:36:4d:e3:46:a2:f6:12:d8:ae:
1f:fc:98:dd:41:8c:e3:59:24:ef:93:d7:53:0d:74:
37:b2:e0:6d:64:62:23:13:bf:17:d8:ad:84:e8:e0:
59:9b:a9:9b:42:e5:c1:8c:b4:15:d1:5f:5a:31:67:
a6:74:02:ab:e7:e5:11:48:e6:70:b1:2e:34:e8:81:
68:e7:da:17:dd:4e:03:f5:c9:8a:ec:c9:f9:5e:8f:
24:b8:b5:21:b4:7a:c5:ca:a9:63:2e:d5:7b:f3:cc:
16:01:f1:51:40:e8:b4:36:96:a2:21:43:73:64:92:
36:44:9e:10:7a:84:4b:d5:4c:dd:6b:19:7c:40:a9:
24:68:34:2c:a1:a3:2b:d8:c1:06:30:33:6e:b3:53:
d9:8c:46:26:f2:e2:7b:da:19:1e:fb:10:af:19:1e:
08:c8:97:4c:0f:22:33:e0:59:5d:16:48:7d:c4:da:
ad:17:68:e7:16:83:5b:1a:f5:ac:56:a8:6f:de:66:
96:67:14:a5:26:e0:5c:ab:a1:45:e7:9d:16:7b:c2:
e8:f0:98:8e:3a:d3:a3:0b:00:62:88:fe:67:ce:d7:
47:90:06:c5:17:ba:68:71:00:36:53:a5:9a:89:b4:
ad:01:26:73:d8:50:3c:60:f8:25:3a:c6:2d:f9:51:
6f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:26:6C:DF:CB:EA:DE:E5:44:29:D2:3E:08:A1:0E:E4:25:A5:6A:36
X509v3 Authority Key Identifier:
keyid:07:AA:73:A7:ED:67:41:18:91:BD:8F:72:72:61:95:1C:41:C7:16:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918B443/92426F86420A11EC94C4F15AC4F9AE02/B6pzp-1nQRiRvY9ycmGVHEHHFt4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6pzp-1nQRiRvY9ycmGVHEHHFt4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B443/92426F86420A11EC94C4F15AC4F9AE02/D91BC5E894F211ECB617C54CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.194.0/23
IPv6:
2001:df7:d380::/48
Signature Algorithm: sha256WithRSAEncryption
4c:f7:75:f7:e0:e4:c5:6c:a0:62:4b:4f:6b:d0:78:e8:e5:e1:
f4:bc:84:2a:27:4b:58:1d:7c:2d:75:73:b9:37:f0:79:77:14:
a2:be:1d:86:0e:8e:b4:1b:ff:cd:4c:44:a6:8f:d0:b1:c0:f8:
d3:80:e6:b7:c6:0f:3d:2f:04:44:3c:b5:dd:0d:ba:bc:e8:3a:
fc:ea:fc:0d:d7:e9:19:7b:fe:5e:00:97:c6:6e:bc:5c:87:cf:
28:bf:da:7b:b0:e3:4d:a1:75:2b:67:07:3f:80:10:e4:b5:65:
99:6d:0c:69:ad:c0:e2:31:be:44:04:7c:a4:57:fc:13:e8:d5:
b4:1c:c7:62:08:b2:3e:9f:97:da:ab:17:28:4e:3f:ab:0d:65:
2e:a4:81:eb:a9:d6:cc:84:a0:38:9a:55:00:16:46:9b:4b:38:
cb:e4:d7:4f:b7:b8:b6:14:87:4a:12:39:91:2c:21:a6:13:10:
6e:97:cc:89:3d:ac:c7:3b:53:9a:6e:7a:e5:ac:54:d3:b2:ab:
d4:10:ef:e9:89:68:d7:c6:1d:35:99:5d:7f:0a:55:83:0a:4d:
c8:8a:a0:50:d1:eb:76:92:36:d2:71:95:5e:d2:1d:09:28:85:
49:e1:ed:17:13:7e:4f:16:3c:92:12:c5:a1:d4:ad:6c:9d:fc:
56:fc:4b:9f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEI0NDMxMTAvBgNVBAUTKDA3QUE3M0E3RUQ2NzQxMTg5MUJEOEY3MjcyNjE5NTFD
NDFDNzE2REUwHhcNMjMwNjAzMjM0MTMxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdiY2ZhYi1lNGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42FaGrg2TeNGovYS2K4f/JjdQYzjWSTvk9dTDXQ3suBtZGIjE78X2K2E6OBZ
m6mbQuXBjLQV0V9aMWemdAKr5+URSOZwsS406IFo59oX3U4D9cmK7Mn5Xo8kuLUh
tHrFyqljLtV788wWAfFRQOi0NpaiIUNzZJI2RJ4QeoRL1Uzdaxl8QKkkaDQsoaMr
2MEGMDNus1PZjEYm8uJ72hke+xCvGR4IyJdMDyIz4FldFkh9xNqtF2jnFoNbGvWs
Vqhv3maWZxSlJuBcq6FF550We8Lo8JiOOtOjCwBiiP5nztdHkAbFF7pocQA2U6Wa
ibStASZz2FA8YPglOsYt+VFvSwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKYmbN/L
6t7lRCnSPgihDuQlpWo2MB8GA1UdIwQYMBaAFAeqc6ftZ0EYkb2PcnJhlRxBxxbe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjQ0My85MjQyNkY4NjQy
MEExMUVDOTRDNEYxNUFDNEY5QUUwMi9CNnB6cC0xblFSaVJ2WTl5Y21HVkhFSEhG
dDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I2cHpwLTFuUVJpUnZZOXljbUdWSEVISEZ0NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEI0NDMvOTI0MjZGODY0MjBBMTFFQzk0QzRGMTVBQzRGOUFFMDIvRDkxQkM1RTg5
NEYyMTFFQ0I2MTdDNTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnrsIwDwQCAAIwCQMHACABDffTgDANBgkqhkiG9w0BAQsF
AAOCAQEATPd19+DkxWygYktPa9B46OXh9LyEKidLWB18LXVzuTfweXcUor4dhg6O
tBv/zUxEpo/QscD404Dmt8YPPS8ERDy13Q26vOg6/Or8DdfpGXv+XgCXxm68XIfP
KL/ae7DjTaF1K2cHP4AQ5LVlmW0Maa3A4jG+RAR8pFf8E+jVtBzHYgiyPp+X2qsX
KE4/qw1lLqSB66nWzISgOJpVABZGm0s4y+TXT7e4thSHShI5kSwhphMQbpfMiT2s
xztTmm565axU07Kr1BDv6Ylo18YdNZldfwpVgwpNyIqgUNHrdpI20nGVXtIdCSiF
SeHtFxN+TxY8khLFodStbJ38VvxLnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org