Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C7856C92149611EE8BA4ED0FC4F9AE02.roa
File: C7856C92149611EE8BA4ED0FC4F9AE02.roa (raw, json)
Hash identifier: vLE/JHZEqLT1K9BZteGqK/Ivm13fldgKuLm0BS00Chw=
Subject key identifier: C2:73:76:E2:41:30:6A:45:A6:E5:40:40:A7:F3:24:51:42:E9:7C:7D
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3D68
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C7856C92149611EE8BA4ED0FC4F9AE02.roa
Signing time: Sat 22 Jul 2023 14:14:10 +0000
ROA not before: Sat 22 Jul 2023 14:14:10 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150698
IP address blocks: 103.90.228.0/22 maxlen: 22
103.164.36.0/23 maxlen: 23
103.169.172.0/23 maxlen: 23
103.170.246.0/23 maxlen: 23
103.236.174.0/24 maxlen: 24
103.236.175.0/24 maxlen: 24
2001:df6:fc80::/48 maxlen: 48
2401:1620::/48 maxlen: 48
2407:34c0::/48 maxlen: 48
2407:bb40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15720 (0x3d68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Jul 22 14:14:10 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64bbe432-3add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:ee:1b:83:ce:e2:d1:33:ae:14:b5:29:b5:
df:34:c7:d3:5b:7f:fd:f7:ca:b4:14:e5:bc:31:11:
7d:1b:32:9d:43:3c:d0:da:89:85:0e:48:6a:6a:19:
cd:63:20:a0:43:47:f1:43:33:5f:41:68:4f:14:54:
55:8c:76:cd:8e:cd:31:c0:31:c0:e1:79:b9:e6:bb:
67:50:57:4b:0b:ae:30:81:ff:be:06:20:12:5b:41:
e5:0c:cc:e0:07:85:b6:44:b0:99:4b:bc:85:3c:bf:
12:b4:bc:92:8f:95:34:e6:b0:17:7b:57:c8:e8:a6:
94:40:0a:a5:13:87:53:0d:e0:19:ad:e3:da:90:e8:
07:27:da:f9:df:4e:c3:7b:02:09:84:42:9d:34:9d:
71:49:2b:5b:7b:e6:4e:4b:59:b6:8f:2f:c3:e4:b9:
30:9f:86:2c:53:b5:96:be:9a:9c:bd:93:7d:1a:d4:
74:a4:85:e0:eb:e2:08:41:1c:61:ed:df:aa:b0:43:
fc:52:7f:a3:43:a6:9c:40:46:b2:76:4c:d0:57:39:
df:2e:b1:72:b8:74:b3:23:04:9a:ec:54:97:7d:e7:
ec:19:f1:b2:4b:50:98:eb:27:ca:8a:45:bc:96:dd:
66:54:cd:ff:26:f0:81:15:73:a3:6a:ba:1f:40:de:
11:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:73:76:E2:41:30:6A:45:A6:E5:40:40:A7:F3:24:51:42:E9:7C:7D
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C7856C92149611EE8BA4ED0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.90.228.0/22
103.164.36.0/23
103.169.172.0/23
103.170.246.0/23
103.236.174.0/23
IPv6:
2001:df6:fc80::/48
2401:1620::/48
2407:34c0::/48
2407:bb40::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d2:83:e9:6b:f9:a9:66:da:1d:8a:4a:82:48:c3:d8:29:90:
42:33:63:e6:fa:c7:0f:5b:2e:93:59:98:77:11:e6:88:88:6c:
c9:47:d6:d0:8d:95:5b:46:1f:42:fc:08:4a:f8:fe:1f:c0:af:
ec:c2:8e:d8:eb:04:09:55:0e:10:5c:83:48:1d:ec:85:37:47:
61:46:8f:a4:60:59:99:48:e0:49:45:1f:38:d2:e3:77:c1:e6:
03:8d:6e:b1:c3:b1:6d:fd:f3:5f:ba:b8:e2:6c:63:57:3d:62:
95:f6:a8:a3:d5:96:2d:43:43:e0:cf:57:b4:54:2a:ba:97:6f:
a0:be:7a:e5:bf:74:25:0e:1c:8c:7c:7b:1c:56:34:13:5b:3b:
37:4b:a1:d5:de:f2:55:e1:e0:7e:bc:8c:c9:85:c8:ae:96:4b:
e9:92:88:c5:fe:11:79:ab:7d:50:50:47:e5:57:b1:ac:01:53:
3e:55:fa:90:e5:a1:de:93:3e:32:10:cb:41:9f:c3:67:67:23:
6d:d6:81:98:1c:ea:33:a2:8b:98:69:5d:d0:db:8b:4d:f3:d4:
43:17:b2:9b:68:33:bb:ce:80:e1:49:15:53:1a:23:8c:6e:92:
12:e5:1e:7c:91:48:d8:d3:f3:7f:e5:08:94:d1:1f:58:80:41:
98:e2:8b:9a
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICPWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwNzIyMTQxNDEwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJiZTQzMi0zYWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtojuG4PO4tEzrhS1KbXfNMfTW3/998q0FOW8MRF9GzKdQzzQ2omFDkhqahnN
YyCgQ0fxQzNfQWhPFFRVjHbNjs0xwDHA4Xm55rtnUFdLC64wgf++BiASW0HlDMzg
B4W2RLCZS7yFPL8StLySj5U05rAXe1fI6KaUQAqlE4dTDeAZrePakOgHJ9r5307D
ewIJhEKdNJ1xSStbe+ZOS1m2jy/D5Lkwn4YsU7WWvpqcvZN9GtR0pIXg6+IIQRxh
7d+qsEP8Un+jQ6acQEaydkzQVznfLrFyuHSzIwSa7FSXfefsGfGyS1CY6yfKikW8
lt1mVM3/JvCBFXOjarofQN4RnQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFMJzduJB
MGpFpuVAQKfzJFFC6Xx9MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQzc4NTZDOTIx
NDk2MTFFRThCQTRFRDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMCQEAgABMB4DBAJnWuQDBAFnpCQDBAFnqawDBAFnqvYDBAFn7K4wKgQCAAIw
JAMHACABDfb8gAMHACQBFiAAAAMHACQHNMAAAAMHACQHu0AAADANBgkqhkiG9w0B
AQsFAAOCAQEAHtKD6Wv5qWbaHYpKgkjD2CmQQjNj5vrHD1suk1mYdxHmiIhsyUfW
0I2VW0YfQvwISvj+H8Cv7MKO2OsECVUOEFyDSB3shTdHYUaPpGBZmUjgSUUfONLj
d8HmA41uscOxbf3zX7q44mxjVz1ilfaoo9WWLUND4M9XtFQqupdvoL565b90JQ4c
jHx7HFY0E1s7N0uh1d7yVeHgfryMyYXIrpZL6ZKIxf4Reat9UFBH5VexrAFTPlX6
kOWh3pM+MhDLQZ/DZ2cjbdaBmBzqM6KLmGld0NuLTfPUQxeym2gzu86A4UkVUxoj
jG6SEuUefJFI2NPzf+UIlNEfWIBBmOKLmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org