Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/65BA1E1C7E7011EC84E3C158C4F9AE02.roa
File: 65BA1E1C7E7011EC84E3C158C4F9AE02.roa (raw, json)
Hash identifier: 05EhX6sKomkdxckrLnmHpxH4XUTgTjOdpKQuAJ4/gRU=
Subject key identifier: 3B:60:3B:84:54:47:B1:DF:EC:36:98:11:BA:43:02:9C:4B:D4:2F:90
Certificate issuer: /CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Certificate serial: 02
Authority key identifier: 6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/65BA1E1C7E7011EC84E3C158C4F9AE02.roa
Signing time: Wed 26 Jan 2022 06:22:55 +0000
ROA not before: Wed 26 Jan 2022 06:22:55 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 149475
IP address blocks: 103.180.108.0/23 maxlen: 24
2001:df0:59c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Validity
Not Before: Jan 26 06:22:55 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=61f0e8bf-bb4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c6:c5:f2:85:8a:29:e9:25:44:dc:08:a2:b1:
13:4b:10:65:f6:1b:4b:15:2a:a2:f5:ba:9b:8c:2a:
78:32:2a:67:d2:c7:74:86:90:7d:3d:e0:e6:01:85:
7f:12:cb:40:06:3d:9e:cb:91:8e:36:88:eb:77:3a:
f1:70:f1:be:42:29:07:62:22:34:02:66:9d:ab:c2:
9a:6c:00:3f:4b:3d:95:8d:aa:58:1a:fd:fa:07:aa:
61:b0:e7:9a:eb:55:a7:23:fa:9e:e9:2b:32:87:35:
87:ea:1b:cf:b3:9a:23:14:93:08:02:04:64:06:d0:
4f:4f:0b:4c:cf:08:e9:58:cc:59:9c:2e:36:e5:b8:
87:54:78:9b:4b:eb:61:4f:1b:a2:8a:a8:0e:c4:df:
3f:1d:8e:83:05:b5:dc:d0:7d:fe:4f:e1:ab:7a:90:
c9:9c:ae:9a:e4:46:dc:e7:50:4f:c3:94:7a:af:1a:
2c:48:97:28:22:34:61:96:e3:0e:99:6f:98:ac:90:
13:19:3f:aa:53:af:0d:91:c1:ea:ad:69:06:ca:75:
10:86:da:52:7a:b4:9a:3a:56:d8:94:45:d9:05:02:
26:44:49:c9:fe:af:e8:04:c3:7f:3f:d9:16:4a:b8:
4d:ee:85:8b:e3:19:c4:b6:a3:09:b1:d5:49:89:a5:
ef:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:3B:84:54:47:B1:DF:EC:36:98:11:BA:43:02:9C:4B:D4:2F:90
X509v3 Authority Key Identifier:
keyid:6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/byPyfwkL70UxgCBy4drPIQ2dQjw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/65BA1E1C7E7011EC84E3C158C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.108.0/23
IPv6:
2001:df0:59c0::/48
Signature Algorithm: sha256WithRSAEncryption
ad:1a:10:72:63:f9:48:02:22:58:80:88:87:ab:df:0e:9f:e2:
03:d8:b6:83:78:a5:70:95:14:f7:6c:4d:14:42:66:f7:65:f1:
7d:2e:19:4a:30:bb:44:11:25:f2:9c:a2:35:26:ac:c5:3a:54:
28:af:01:95:6b:63:2b:da:8f:a5:8d:c3:f8:fd:ea:28:e8:91:
87:90:94:c0:ab:ed:4d:16:c9:0a:20:ca:6a:b3:e2:0b:4a:a2:
34:2f:0a:1e:1b:78:18:71:0e:22:7a:fb:11:46:33:b2:78:a6:
b1:fc:3c:f6:0f:10:d4:9f:18:7c:23:80:11:dd:ba:4b:65:92:
63:2c:d6:56:fd:9a:2d:f2:84:6e:31:bf:2e:50:ca:05:41:2e:
b5:ea:f7:53:9b:b9:4e:51:b3:68:81:1e:5f:ee:14:ce:74:c3:
2e:35:b9:68:a3:49:e5:95:a2:35:6a:42:18:f5:b0:8f:45:79:
70:b8:75:af:e6:c2:bd:a6:05:5e:3e:f5:00:18:93:6a:3e:f4:
15:86:0e:1e:02:a4:cb:61:6f:f2:bb:8a:d8:3d:8e:ef:1c:48:
4f:1b:6a:62:4f:9b:50:af:31:fc:41:3a:fc:91:5e:2b:f3:44:
e5:de:09:89:c9:49:46:d2:5a:c8:1c:7d:32:bb:dd:a6:9b:04:
b3:91:c6:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RUI4MDExMC8GA1UEBRMoNkYyM0YyN0YwOTBCRUY0NTMxODAyMDcyRTFEQUNGMjEw
RDlENDIzQzAeFw0yMjAxMjYwNjIyNTVaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxZjBlOGJmLWJiNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPxsXyhYop6SVE3AiisRNLEGX2G0sVKqL1upuMKngyKmfSx3SGkH094OYBhX8S
y0AGPZ7LkY42iOt3OvFw8b5CKQdiIjQCZp2rwppsAD9LPZWNqlga/foHqmGw55rr
Vacj+p7pKzKHNYfqG8+zmiMUkwgCBGQG0E9PC0zPCOlYzFmcLjbluIdUeJtL62FP
G6KKqA7E3z8djoMFtdzQff5P4at6kMmcrprkRtznUE/DlHqvGixIlygiNGGW4w6Z
b5iskBMZP6pTrw2RweqtaQbKdRCG2lJ6tJo6VtiURdkFAiZEScn+r+gEw38/2RZK
uE3uhYvjGcS2owmx1UmJpe9jAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUO2A7hFRH
sd/sNpgRukMCnEvUL5AwHwYDVR0jBBgwFoAUbyPyfwkL70UxgCBy4drPIQ2dQjww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFQjgwLzc3NjJGQzVBN0U2
QzExRUM4NzNENjc4M0M0RjlBRTAyL2J5UHlmd2tMNzBVeGdDQnk0ZHJQSVEyZFFq
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYnlQeWZ3a0w3MFV4Z0NCeTRkclBJUTJkUWp3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RUI4MC83NzYyRkM1QTdFNkMxMUVDODczRDY3ODNDNEY5QUUwMi82NUJBMUUxQzdF
NzAxMUVDODRFM0MxNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe0bDAPBAIAAjAJAwcAIAEN8FnAMA0GCSqGSIb3DQEBCwUA
A4IBAQCtGhByY/lIAiJYgIiHq98On+ID2LaDeKVwlRT3bE0UQmb3ZfF9LhlKMLtE
ESXynKI1JqzFOlQorwGVa2Mr2o+ljcP4/eoo6JGHkJTAq+1NFskKIMpqs+ILSqI0
LwoeG3gYcQ4ievsRRjOyeKax/Dz2DxDUnxh8I4AR3bpLZZJjLNZW/Zot8oRuMb8u
UMoFQS616vdTm7lOUbNogR5f7hTOdMMuNbloo0nllaI1akIY9bCPRXlwuHWv5sK9
pgVePvUAGJNqPvQVhg4eAqTLYW/yu4rYPY7vHEhPG2piT5tQrzH8QTr8kV4r80Tl
3gmJyUlG0lrIHH0yu92mmwSzkcb7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-fra.rpki-client.org