Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B64D271E4C6111EEAD04465AC4F9AE02.roa
File: B64D271E4C6111EEAD04465AC4F9AE02.roa (raw, json)
Hash identifier: oAGWqDTU557LmYAadKSLX1fhlG1zRA51Q3bpOVloUJo=
Subject key identifier: EE:C8:0A:C9:E5:CD:A9:C5:1A:58:22:42:60:64:2E:AA:09:4C:B3:60
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3E07
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B64D271E4C6111EEAD04465AC4F9AE02.roa
Signing time: Wed 06 Sep 2023 03:01:45 +0000
ROA not before: Wed 06 Sep 2023 03:01:45 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150881
IP address blocks: 103.23.88.0/23 maxlen: 23
2401:2ce0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15879 (0x3e07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 6 03:01:45 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64f7eb99-44c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:15:67:bf:2f:52:85:d1:43:88:7b:f1:b3:
17:f2:f6:e9:25:5c:58:90:68:79:44:f3:62:f0:33:
66:06:76:6a:2e:7f:87:b1:0e:a2:2c:0e:80:1a:df:
c6:71:5a:8a:42:5d:18:1c:79:41:ae:15:a7:53:40:
f3:ca:f9:cd:21:76:21:ef:f6:0c:37:db:d9:d8:58:
ec:99:be:99:4f:c2:35:7b:6d:e1:ac:65:7a:0f:0f:
9a:e3:51:9e:d9:80:59:c1:7b:2f:6a:e7:04:c4:ec:
27:be:8a:f8:96:71:84:47:c6:60:f2:8a:fd:98:5c:
9e:05:86:92:6c:ca:71:d0:34:bd:9c:23:e4:39:e2:
3b:85:19:2e:f9:b3:51:ec:1c:c7:83:b4:de:28:e3:
ca:18:09:3b:7c:d5:9a:f2:aa:0d:0a:3d:db:72:f3:
78:1b:f3:ce:5a:fe:5d:66:9e:15:f0:c3:6b:38:f4:
bf:b4:2b:eb:e4:c0:63:6d:f4:cb:14:a9:f0:a1:8b:
8b:d9:57:22:02:77:c7:4a:cf:53:ed:86:f0:e6:48:
24:ad:c9:68:f7:32:fa:e0:19:bd:cb:60:76:9f:49:
7a:6a:f7:d5:29:6a:48:ce:37:f2:25:87:20:9c:b1:
10:43:cd:19:fe:7f:aa:d2:4e:61:6c:ba:2e:78:20:
3a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C8:0A:C9:E5:CD:A9:C5:1A:58:22:42:60:64:2E:AA:09:4C:B3:60
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B64D271E4C6111EEAD04465AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.88.0/23
IPv6:
2401:2ce0::/32
Signature Algorithm: sha256WithRSAEncryption
b8:e0:a8:f5:e5:c4:11:0c:c8:75:3a:36:50:25:cf:d6:95:a3:
db:68:a8:e7:d0:8f:6d:1d:0c:a3:77:ba:f3:0e:77:66:d9:05:
c8:f3:ee:67:c4:fe:0b:38:6b:c2:08:3c:ff:5f:a3:a7:88:61:
d5:39:76:67:d2:cf:a4:e4:cf:10:68:b6:41:77:dd:0f:67:6d:
7e:50:b6:73:6c:01:22:be:59:56:e6:84:15:dc:93:bf:3c:ce:
10:56:15:11:d8:44:cf:5b:c7:f2:2e:01:31:da:1e:14:fa:27:
85:b1:58:39:c7:77:61:ad:8d:45:21:ad:3f:54:23:03:c3:80:
63:a3:19:dd:37:fc:5b:90:70:9f:95:90:27:5a:77:ae:aa:64:
55:fa:3c:1f:7f:ad:73:61:76:51:d8:8d:a4:59:3d:ca:ad:5e:
e1:93:7c:2f:c8:5b:a9:b7:bc:44:e4:39:32:4f:c2:03:ff:1c:
8a:ca:8b:8c:c7:44:05:1c:de:21:a6:07:81:55:fc:93:2f:52:
79:08:ef:29:9c:ea:67:9e:30:fb:f7:8d:5f:c7:cd:9f:cf:61:
e5:35:3d:c4:4a:7e:9d:13:8c:ad:0f:cf:89:c0:81:01:77:f7:
44:97:36:99:7c:11:34:b4:5b:4a:05:64:85:bb:97:65:42:49:
94:e7:13:90
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICPgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwOTA2MDMwMTQ1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY3ZWI5OS00NGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlgIVZ78vUoXRQ4h78bMX8vbpJVxYkGh5RPNi8DNmBnZqLn+HsQ6iLA6AGt/G
cVqKQl0YHHlBrhWnU0DzyvnNIXYh7/YMN9vZ2Fjsmb6ZT8I1e23hrGV6Dw+a41Ge
2YBZwXsvaucExOwnvor4lnGER8Zg8or9mFyeBYaSbMpx0DS9nCPkOeI7hRku+bNR
7BzHg7TeKOPKGAk7fNWa8qoNCj3bcvN4G/POWv5dZp4V8MNrOPS/tCvr5MBjbfTL
FKnwoYuL2VciAnfHSs9T7Ybw5kgkrclo9zL64Bm9y2B2n0l6avfVKWpIzjfyJYcg
nLEQQ80Z/n+q0k5hbLoueCA66QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFO7ICsnl
zanFGlgiQmBkLqoJTLNgMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQjY0RDI3MUU0
QzYxMTFFRUFEMDQ0NjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnF1gwDQQCAAIwBwMFACQBLOAwDQYJKoZIhvcNAQELBQAD
ggEBALjgqPXlxBEMyHU6NlAlz9aVo9toqOfQj20dDKN3uvMOd2bZBcjz7mfE/gs4
a8IIPP9fo6eIYdU5dmfSz6TkzxBotkF33Q9nbX5QtnNsASK+WVbmhBXck788zhBW
FRHYRM9bx/IuATHaHhT6J4WxWDnHd2GtjUUhrT9UIwPDgGOjGd03/FuQcJ+VkCda
d66qZFX6PB9/rXNhdlHYjaRZPcqtXuGTfC/IW6m3vETkOTJPwgP/HIrKi4zHRAUc
3iGmB4FV/JMvUnkI7ymc6meeMPv3jV/HzZ/PYeU1PcRKfp0TjK0Pz4nAgQF390SX
Npl8ETS0W0oFZIW7l2VCSZTnE5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org