Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FDDC57023DB211EEB71EFD3DC4F9AE02.roa
File: FDDC57023DB211EEB71EFD3DC4F9AE02.roa (raw, json)
Hash identifier: 9nOO2HuHSzBSV2De1C3q7FFcvSKA80CF4vRJ/Gw16jI=
Subject key identifier: 39:6F:34:EE:02:F1:5B:D3:D4:66:51:E1:85:02:DB:EE:61:57:1C:3A
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3DD3
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FDDC57023DB211EEB71EFD3DC4F9AE02.roa
Signing time: Fri 18 Aug 2023 10:35:47 +0000
ROA not before: Fri 18 Aug 2023 10:35:47 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 150868
IP address blocks: 103.245.238.0/23 maxlen: 23
2401:1ea0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15827 (0x3dd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 18 10:35:47 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64df4983-17a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:13:d4:94:14:33:f8:e0:6d:7d:1b:e5:53:
cb:74:ec:15:79:bc:b2:92:49:fc:a3:7c:00:9d:0c:
b2:04:cb:bd:01:66:18:42:d6:01:05:2c:39:31:6f:
fb:0b:9e:a2:e7:48:25:6d:ce:7d:3e:66:c4:72:e3:
55:6d:a0:57:58:a5:35:77:c4:9a:bf:dc:c1:49:df:
84:2b:ba:79:ff:81:b6:ef:83:53:0a:91:98:76:8b:
44:6d:b8:ef:b1:89:47:98:44:60:55:c1:3e:fe:3a:
fa:6f:fd:f2:b2:9b:fa:46:96:cd:a6:b1:5a:78:15:
e0:05:f1:9a:a0:e0:64:aa:53:82:6b:af:87:f4:51:
0a:f5:a9:b4:dc:93:e4:6a:61:eb:f5:fe:84:35:04:
7c:6a:d0:ab:e1:e7:cf:31:20:6a:3b:dc:b7:2d:04:
e3:95:ba:36:7b:b8:38:76:8f:23:29:b6:d4:5d:33:
eb:e0:84:ae:a2:37:39:97:b3:fb:17:ad:87:49:ec:
d7:32:31:14:9e:cd:20:57:86:af:53:29:06:38:f5:
ad:72:6b:4c:88:c7:c9:51:44:4a:cb:84:58:b5:f4:
3e:80:e9:a2:c9:f6:ba:d0:e5:f2:e9:fd:33:a4:74:
44:ec:27:e5:54:06:39:db:14:1f:ca:9a:be:1a:2f:
6b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6F:34:EE:02:F1:5B:D3:D4:66:51:E1:85:02:DB:EE:61:57:1C:3A
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FDDC57023DB211EEB71EFD3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.245.238.0/23
IPv6:
2401:1ea0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:7c:72:59:4e:04:97:fa:ac:20:64:b5:03:0f:c1:1b:f8:d8:
6d:55:81:7a:0c:cc:4e:c5:0e:53:a5:16:e6:c9:a3:b2:4e:26:
33:82:ee:e5:eb:15:14:b9:a9:ad:14:49:58:a7:49:74:bc:e8:
10:4c:2a:eb:f9:9f:f0:1b:78:b6:d4:de:ae:40:26:6f:3a:91:
be:7d:31:10:0a:bf:07:c1:6a:02:c0:38:2d:dc:7f:60:d2:09:
51:e1:50:0d:5c:13:7d:50:d2:2b:5f:5d:f3:17:9b:b4:fb:74:
78:44:be:77:c5:b0:b4:0a:4e:d8:4a:83:0f:ac:4a:54:af:2c:
f1:d0:e5:b9:f1:3f:84:57:cb:85:e0:d8:99:82:5f:ac:b4:30:
6a:15:00:f4:98:5e:b7:89:94:b1:81:c1:c7:3a:ed:a3:16:97:
2c:aa:58:7d:bf:c6:ac:89:f7:91:43:04:9b:50:5c:65:61:ac:
1c:ea:dc:3f:c5:e3:43:a6:6d:ea:e9:e0:10:c6:07:1b:2f:5f:
29:e6:be:58:c8:1b:0a:cd:bc:03:52:dc:8f:52:7f:24:30:26:
bd:c7:1f:77:ae:6c:9e:1a:74:0c:90:98:94:3b:59:9c:b0:a5:
dc:c9:9e:30:12:7f:df:cb:fd:b3:73:55:c7:b4:4e:e2:da:80:
ff:f8:8a:c3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICPdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwODE4MTAzNTQ3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRmNDk4My0xN2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl7kT1JQUM/jgbX0b5VPLdOwVebyykkn8o3wAnQyyBMu9AWYYQtYBBSw5MW/7
C56i50glbc59PmbEcuNVbaBXWKU1d8Sav9zBSd+EK7p5/4G274NTCpGYdotEbbjv
sYlHmERgVcE+/jr6b/3yspv6RpbNprFaeBXgBfGaoOBkqlOCa6+H9FEK9am03JPk
amHr9f6ENQR8atCr4efPMSBqO9y3LQTjlbo2e7g4do8jKbbUXTPr4ISuojc5l7P7
F62HSezXMjEUns0gV4avUykGOPWtcmtMiMfJUURKy4RYtfQ+gOmiyfa60OXy6f0z
pHRE7CflVAY52xQfypq+Gi9rCQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDlvNO4C
8VvT1GZR4YUC2+5hVxw6MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRkREQzU3MDIz
REIyMTFFRUI3MUVGRDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn9e4wDwQCAAIwCQMHACQBHqAAADANBgkqhkiG9w0BAQsF
AAOCAQEADXxyWU4El/qsIGS1Aw/BG/jYbVWBegzMTsUOU6UW5smjsk4mM4Lu5esV
FLmprRRJWKdJdLzoEEwq6/mf8Bt4ttTerkAmbzqRvn0xEAq/B8FqAsA4Ldx/YNIJ
UeFQDVwTfVDSK19d8xebtPt0eES+d8WwtApO2EqDD6xKVK8s8dDlufE/hFfLheDY
mYJfrLQwahUA9Jhet4mUsYHBxzrtoxaXLKpYfb/GrIn3kUMEm1BcZWGsHOrcP8Xj
Q6Zt6ungEMYHGy9fKea+WMgbCs28A1Lcj1J/JDAmvccfd65snhp0DJCYlDtZnLCl
3MmeMBJ/38v9s3NVx7RO4tqA//iKww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org