Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190CC7/034FC61A641511ED98F2E554C4F9AE02/B6BE4DEA641811EDA5B53183C4F9AE02.roa
File: B6BE4DEA641811EDA5B53183C4F9AE02.roa (raw, json)
Hash identifier: gIwsZUKtI2+hA1n0lA3o7Aw0gLP9io3dgdOXYADg+kY=
Subject key identifier: 3E:2C:B3:A9:C1:66:20:1B:90:64:09:01:B2:16:55:56:7A:7A:A8:57
Certificate issuer: /CN=A9190CC7/serialNumber=E7CE19A1785522815DAB63FF66DB6F8903FCF9FA
Certificate serial: 4E
Authority key identifier: E7:CE:19:A1:78:55:22:81:5D:AB:63:FF:66:DB:6F:89:03:FC:F9:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/584ZoXhVIoFdq2P_ZttviQP8-fo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190CC7/034FC61A641511ED98F2E554C4F9AE02/B6BE4DEA641811EDA5B53183C4F9AE02.roa
Signing time: Thu 06 Apr 2023 09:25:58 +0000
ROA not before: Thu 06 Apr 2023 09:25:58 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136461
IP address blocks: 103.38.54.0/24 maxlen: 24
103.38.55.0/24 maxlen: 24
2001:df2:3dc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78 (0x4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190CC7/serialNumber=E7CE19A1785522815DAB63FF66DB6F8903FCF9FA
Validity
Not Before: Apr 6 09:25:58 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=642e9026-0815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a1:e1:17:27:8d:91:81:1a:8d:8c:38:c2:eb:
e4:64:d2:5b:bc:6b:89:63:2b:2e:ce:bc:5e:d3:38:
da:e9:a7:a1:39:30:fe:dd:c5:1b:22:49:f9:e7:a9:
62:79:6d:f6:ea:f0:ac:bc:59:ec:29:de:fe:2d:0c:
ce:8b:44:d0:f7:c9:15:8f:ac:53:d8:6a:3d:60:5e:
8f:b3:00:cc:f5:2f:da:d3:32:e3:4d:be:47:d0:18:
08:22:97:7b:c4:01:4f:be:8a:13:ab:87:09:db:8b:
50:77:10:c9:02:e9:96:56:ac:ba:d6:20:c0:1d:39:
ff:f7:fe:e1:5a:79:74:72:0e:a0:84:73:8b:6c:39:
b1:94:d4:a0:8e:ae:19:38:17:47:ac:de:d6:7c:fa:
59:8b:0d:17:99:e8:dd:60:46:d1:aa:b2:32:48:34:
32:a5:dd:f0:da:63:36:54:c7:16:c5:4b:20:ff:16:
d2:25:71:f5:53:43:b8:c5:8f:ec:01:ae:42:c3:98:
d3:14:df:98:fa:9c:0c:ce:21:02:3a:21:f2:df:d3:
86:b3:d8:75:fa:5f:8c:f7:fa:67:2c:a6:3a:b5:63:
af:62:86:b4:7b:4c:a1:64:e6:dc:b1:f3:49:8f:19:
dd:c2:c7:e9:8d:59:a9:67:08:69:22:54:75:ee:00:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2C:B3:A9:C1:66:20:1B:90:64:09:01:B2:16:55:56:7A:7A:A8:57
X509v3 Authority Key Identifier:
keyid:E7:CE:19:A1:78:55:22:81:5D:AB:63:FF:66:DB:6F:89:03:FC:F9:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190CC7/034FC61A641511ED98F2E554C4F9AE02/584ZoXhVIoFdq2P_ZttviQP8-fo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/584ZoXhVIoFdq2P_ZttviQP8-fo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190CC7/034FC61A641511ED98F2E554C4F9AE02/B6BE4DEA641811EDA5B53183C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.54.0/23
IPv6:
2001:df2:3dc0::/48
Signature Algorithm: sha256WithRSAEncryption
40:e0:8e:94:c9:7b:1a:a6:f4:2f:22:4a:d8:d4:66:b1:a3:42:
60:05:09:7f:1a:dd:fe:50:9f:c1:a9:64:bc:0c:83:6b:0d:eb:
95:5e:c9:f7:06:f5:c6:0d:9f:7c:81:08:f0:ea:9a:3b:17:5a:
51:99:e7:e5:94:6a:ae:43:04:9b:09:6c:17:8f:7b:a7:ed:2c:
8c:f6:45:9a:e9:e5:aa:84:bb:af:67:85:4d:e8:3d:2e:56:5b:
60:ef:ce:72:26:83:8a:23:fa:94:6e:f4:47:e1:72:7a:a0:67:
1a:47:e3:3f:7f:2c:34:ec:10:da:2d:6d:4a:cb:4f:b0:6d:01:
39:df:13:fc:a0:cb:a3:78:e1:f5:27:2b:fe:97:d8:cf:fe:73:
39:f1:34:30:53:85:ca:23:0f:8a:1c:44:0f:aa:1a:57:85:e3:
c3:36:bc:51:84:b7:32:5b:10:1a:d2:60:67:ba:6c:74:7f:2c:
01:dd:64:f5:dd:71:4a:e7:f3:cc:e5:30:9e:0e:08:e1:aa:8b:
f2:7b:59:78:9e:5d:18:18:20:31:fd:35:17:8f:84:d7:00:17:
b0:3e:aa:a8:2f:76:47:3d:ff:d7:5d:f6:11:0a:9c:73:31:09:
6f:73:cf:b8:7f:da:a6:bb:d2:33:7d:e9:53:25:0c:bc:e9:f7:
cd:61:bf:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MENDNzExMC8GA1UEBRMoRTdDRTE5QTE3ODU1MjI4MTVEQUI2M0ZGNjZEQjZGODkw
M0ZDRjlGQTAeFw0yMzA0MDYwOTI1NThaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MmU5MDI2LTA4MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4oeEXJ42RgRqNjDjC6+Rk0lu8a4ljKy7OvF7TONrpp6E5MP7dxRsiSfnnqWJ5
bfbq8Ky8Wewp3v4tDM6LRND3yRWPrFPYaj1gXo+zAMz1L9rTMuNNvkfQGAgil3vE
AU++ihOrhwnbi1B3EMkC6ZZWrLrWIMAdOf/3/uFaeXRyDqCEc4tsObGU1KCOrhk4
F0es3tZ8+lmLDReZ6N1gRtGqsjJINDKl3fDaYzZUxxbFSyD/FtIlcfVTQ7jFj+wB
rkLDmNMU35j6nAzOIQI6IfLf04az2HX6X4z3+mcspjq1Y69ihrR7TKFk5tyx80mP
Gd3Cx+mNWalnCGkiVHXuAFvFAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUPiyzqcFm
IBuQZAkBshZVVnp6qFcwHwYDVR0jBBgwFoAU584ZoXhVIoFdq2P/ZttviQP8+fow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkwQ0M3LzAzNEZDNjFBNjQx
NTExRUQ5OEYyRTU1NEM0RjlBRTAyLzU4NFpvWGhWSW9GZHEyUF9adHR2aVFQOC1m
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTg0Wm9YaFZJb0ZkcTJQX1p0dHZpUVA4LWZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MENDNy8wMzRGQzYxQTY0MTUxMUVEOThGMkU1NTRDNEY5QUUwMi9CNkJFNERFQTY0
MTgxMUVEQTVCNTMxODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcmNjAPBAIAAjAJAwcAIAEN8j3AMA0GCSqGSIb3DQEBCwUA
A4IBAQBA4I6UyXsapvQvIkrY1Gaxo0JgBQl/Gt3+UJ/BqWS8DINrDeuVXsn3BvXG
DZ98gQjw6po7F1pRmefllGquQwSbCWwXj3un7SyM9kWa6eWqhLuvZ4VN6D0uVltg
785yJoOKI/qUbvRH4XJ6oGcaR+M/fyw07BDaLW1Ky0+wbQE53xP8oMujeOH1Jyv+
l9jP/nM58TQwU4XKIw+KHEQPqhpXhePDNrxRhLcyWxAa0mBnumx0fywB3WT13XFK
5/PM5TCeDgjhqovye1l4nl0YGCAx/TUXj4TXABewPqqoL3ZHPf/XXfYRCpxzMQlv
c8+4f9qmu9IzfelTJQy86ffNYb+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org