Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
File: 3D6E5CE8C82F11ED91939D31C4F9AE02.roa (raw, json)
Hash identifier: YzPNUVxhh4V3eFAik8V3QVcGSOJbwZIgpTYq1I/9sD0=
Subject key identifier: 48:79:6E:30:18:06:E5:78:39:88:9D:0B:91:C0:83:17:E9:3D:FB:D2
Certificate issuer: /CN=A91A8CB6/serialNumber=2A877EED52E6222039BFCC38FE70358FBBD27B68
Certificate serial: 08FA
Authority key identifier: 2A:87:7E:ED:52:E6:22:20:39:BF:CC:38:FE:70:35:8F:BB:D2:7B:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kod-7VLmIiA5v8w4_nA1j7vSe2g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
Signing time: Fri 31 Mar 2023 22:08:33 +0000
ROA not before: Fri 31 Mar 2023 22:08:33 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 150180
IP address blocks: 103.148.212.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8CB6/serialNumber=2A877EED52E6222039BFCC38FE70358FBBD27B68
Validity
Not Before: Mar 31 22:08:33 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642759e1-a4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e3:9e:93:bc:d4:6d:77:e7:c0:30:d2:23:15:
5c:c5:d4:41:10:81:7b:f2:60:ad:a2:f6:db:b5:13:
a3:f1:fd:b7:7d:2d:a1:69:0f:a1:06:53:e0:98:54:
19:11:5b:27:32:e0:25:ec:63:31:00:66:67:f4:31:
99:0b:f0:ba:81:b4:8b:65:c6:12:85:fb:e2:a3:1a:
97:b8:c7:d6:65:cd:2f:29:58:13:01:38:0e:17:94:
6d:55:79:85:49:9f:97:fa:6d:1d:92:9f:01:d2:e0:
73:31:30:b9:42:e0:67:6e:39:34:d3:08:02:c4:cd:
5d:4a:5e:0a:03:f5:98:a6:9e:13:26:b3:e8:4d:f4:
2e:ec:d6:18:5c:ec:b4:7e:9d:29:3b:5d:f4:03:b8:
a5:00:56:57:35:df:58:0e:cd:09:1b:3e:9e:77:ef:
52:1b:cc:14:e8:3b:30:1a:88:de:27:17:a2:a6:b7:
5f:9a:55:06:c6:90:99:69:1c:2c:bf:a1:5b:35:18:
8a:b7:8a:6e:cf:49:0e:16:57:9e:34:77:5d:51:53:
89:b7:2c:b6:51:d5:b6:d5:a8:3c:e3:7d:9f:57:73:
d5:b2:18:3a:42:90:f5:d0:80:00:13:1d:e7:23:28:
70:22:99:7c:51:91:b7:dd:f5:b8:4b:7e:20:fd:bd:
20:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:79:6E:30:18:06:E5:78:39:88:9D:0B:91:C0:83:17:E9:3D:FB:D2
X509v3 Authority Key Identifier:
keyid:2A:87:7E:ED:52:E6:22:20:39:BF:CC:38:FE:70:35:8F:BB:D2:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/Kod-7VLmIiA5v8w4_nA1j7vSe2g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kod-7VLmIiA5v8w4_nA1j7vSe2g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8CB6/56A4A6405AE611EA9C88CB82C4F9AE02/3D6E5CE8C82F11ED91939D31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.212.0/23
Signature Algorithm: sha256WithRSAEncryption
81:27:1a:65:5c:81:d8:99:3e:88:85:9a:a0:29:67:b9:0b:d6:
9a:f1:34:4f:15:68:98:24:37:77:d1:56:64:3f:79:01:c2:a6:
ac:01:26:4b:91:3b:33:34:4b:63:6c:e2:57:2b:3a:a0:d6:c5:
0d:05:8e:ef:02:92:91:24:e1:ee:72:f0:ff:a4:9f:59:df:3f:
93:24:aa:af:b6:9f:be:aa:5f:93:d1:75:b8:5c:c3:dc:76:bd:
6a:dc:3f:9d:cc:6c:54:32:d9:9b:c5:3b:18:22:53:6a:de:93:
1d:97:27:05:b4:fc:42:56:e9:c2:fb:78:82:b0:a0:0e:95:82:
ec:b6:b9:6b:be:7f:05:6c:01:99:bb:ef:50:95:53:be:aa:1d:
5f:c4:fc:fd:00:f9:29:18:92:99:2d:62:20:b0:44:ad:8d:7e:
1c:b3:87:72:5f:f9:6a:10:28:fd:1c:bf:06:9b:8f:6d:34:fd:
d0:27:b1:e8:69:ac:74:4d:be:92:5b:fe:91:02:e6:c7:16:48:
62:70:ec:38:0f:8f:7d:5d:70:ae:69:4a:6f:c9:e8:4b:d3:03:
c9:c8:6a:f2:46:f3:1c:c8:a9:a2:14:58:a9:80:df:19:3a:df:
ac:cc:5f:98:ac:32:8c:6f:f5:97:3a:4a:58:23:e3:3b:14:40:
63:b5:79:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThDQjYxMTAvBgNVBAUTKDJBODc3RUVENTJFNjIyMjAzOUJGQ0MzOEZFNzAzNThG
QkJEMjdCNjgwHhcNMjMwMzMxMjIwODMzWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3NTllMS1hNGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsuOek7zUbXfnwDDSIxVcxdRBEIF78mCtovbbtROj8f23fS2haQ+hBlPgmFQZ
EVsnMuAl7GMxAGZn9DGZC/C6gbSLZcYShfvioxqXuMfWZc0vKVgTATgOF5RtVXmF
SZ+X+m0dkp8B0uBzMTC5QuBnbjk00wgCxM1dSl4KA/WYpp4TJrPoTfQu7NYYXOy0
fp0pO130A7ilAFZXNd9YDs0JGz6ed+9SG8wU6DswGojeJxeiprdfmlUGxpCZaRws
v6FbNRiKt4puz0kOFleeNHddUVOJtyy2UdW21ag8432fV3PVshg6QpD10IAAEx3n
IyhwIpl8UZG33fW4S34g/b0g5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFEh5bjAY
BuV4OYidC5HAgxfpPfvSMB8GA1UdIwQYMBaAFCqHfu1S5iIgOb/MOP5wNY+70nto
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOENCNi81NkE0QTY0MDVB
RTYxMUVBOUM4OENCODJDNEY5QUUwMi9Lb2QtN1ZMbUlpQTV2OHc0X25BMWo3dlNl
MmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tvZC03VkxtSWlBNXY4dzRfbkExajd2U2UyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThDQjYvNTZBNEE2NDA1QUU2MTFFQTlDODhDQjgyQzRGOUFFMDIvM0Q2RTVDRThD
ODJGMTFFRDkxOTM5RDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlNQwDQYJKoZIhvcNAQELBQADggEBAIEnGmVcgdiZPoiF
mqApZ7kL1prxNE8VaJgkN3fRVmQ/eQHCpqwBJkuROzM0S2Ns4lcrOqDWxQ0Fju8C
kpEk4e5y8P+kn1nfP5Mkqq+2n76qX5PRdbhcw9x2vWrcP53MbFQy2ZvFOxgiU2re
kx2XJwW0/EJW6cL7eIKwoA6Vguy2uWu+fwVsAZm771CVU76qHV/E/P0A+SkYkpkt
YiCwRK2Nfhyzh3Jf+WoQKP0cvwabj200/dAnsehprHRNvpJb/pEC5scWSGJw7DgP
j31dcK5pSm/J6EvTA8nIavJG8xzIqaIUWKmA3xk636zMX5isMoxv9Zc6Slgj4zsU
QGO1eWw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org