Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/694CB238AA6211EC858C5627C4F9AE02.roa
File: 694CB238AA6211EC858C5627C4F9AE02.roa (raw, json)
Hash identifier: VzTAP+qdFp+E3/dVga4JL+tay0KgFG6NmkQtazocTDQ=
Subject key identifier: 5A:55:BE:F0:40:A1:2B:5E:86:3C:8E:A6:44:9F:C4:05:E4:FD:3A:E6
Certificate issuer: /CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Certificate serial: 78
Authority key identifier: 6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/694CB238AA6211EC858C5627C4F9AE02.roa
Signing time: Wed 23 Mar 2022 04:33:39 +0000
ROA not before: Wed 23 Mar 2022 04:33:39 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 149475
IP address blocks: 103.180.108.0/23 maxlen: 23
103.180.109.0/24 maxlen: 24
2001:df0:59c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Validity
Not Before: Mar 23 04:33:39 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=623aa323-9e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:8f:d6:4b:2f:77:94:55:d9:f5:14:a1:6b:
b9:53:e1:27:ea:f5:2a:63:16:f8:ce:2e:b3:1c:7d:
f0:db:91:21:85:e4:b1:b7:14:a0:02:61:7c:17:7a:
75:4c:88:65:12:32:28:54:66:fd:bb:ad:2b:66:bd:
03:84:c6:fa:d8:35:29:63:36:eb:f4:ac:9a:30:d3:
33:ac:98:bd:e4:d6:20:c3:3b:ea:c8:79:3a:eb:c9:
de:32:1a:56:67:05:fa:85:08:f0:18:b1:b4:49:8f:
ea:66:ae:3f:cf:0c:14:18:84:fc:e6:3d:2a:7e:73:
cf:93:49:af:43:2f:44:9b:3f:63:10:2d:85:49:a6:
56:16:aa:26:74:cc:2f:64:16:d5:7d:9f:f3:84:69:
66:29:e8:b6:e1:9f:f7:8a:88:b8:84:0e:89:8d:17:
ca:20:6d:94:2c:65:60:0d:a7:5d:48:89:21:40:34:
c9:14:e4:50:69:77:ca:5b:9d:8b:cf:f9:17:d0:2e:
74:bc:98:2a:4d:e1:14:29:f9:e1:fc:54:40:fd:a9:
e2:12:fe:b0:35:ec:d7:12:bc:a9:59:78:a1:1e:70:
fa:57:31:5b:77:39:be:33:18:cb:f0:44:2c:aa:82:
5f:ad:71:bc:db:1f:ff:06:73:75:dd:5b:ed:a2:2c:
f8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:55:BE:F0:40:A1:2B:5E:86:3C:8E:A6:44:9F:C4:05:E4:FD:3A:E6
X509v3 Authority Key Identifier:
keyid:6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/byPyfwkL70UxgCBy4drPIQ2dQjw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/694CB238AA6211EC858C5627C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.108.0/23
IPv6:
2001:df0:59c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:7e:21:1b:1f:50:6b:4a:ad:b3:ad:c4:1c:79:81:d2:eb:fc:
3e:d8:ce:c7:d0:9e:75:8f:3b:d7:07:54:eb:cd:3c:45:64:6a:
a3:62:bb:fd:ca:46:50:d3:62:bb:4c:29:e6:61:e1:39:ad:96:
0c:e8:7c:46:a1:83:3a:fa:80:bd:f5:30:9a:81:8a:2c:e4:97:
14:ad:df:92:57:fb:af:4a:72:41:6e:96:7b:ec:7d:eb:39:73:
01:03:75:42:b7:41:b6:5c:15:e5:bb:53:b0:16:d3:f1:06:78:
57:c0:ce:bf:34:21:c0:dd:b8:1b:b5:0a:7f:e5:57:b0:29:eb:
f2:5e:00:bf:d0:79:3f:ea:5d:f9:c8:0b:12:75:b0:ea:76:81:
79:f1:6c:01:ab:5a:1e:87:68:bf:83:e1:2a:0f:97:c1:94:3b:
f5:46:27:fb:a6:af:ae:cc:43:42:7a:8a:b5:50:81:ce:65:3a:
a9:5d:ee:13:23:37:67:f3:d8:36:e8:34:c1:a4:1e:02:db:1e:
ef:7a:84:f3:a6:10:b0:9c:f3:a1:eb:ae:7c:11:81:24:95:0a:
b3:0d:65:6f:c6:67:a3:ff:f7:45:21:44:b0:35:c1:fb:d9:76:
8c:cb:3c:80:50:b9:c0:fb:38:b6:71:19:dd:07:d5:c7:d0:b2:
d8:e6:bf:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RUI4MDExMC8GA1UEBRMoNkYyM0YyN0YwOTBCRUY0NTMxODAyMDcyRTFEQUNGMjEw
RDlENDIzQzAeFw0yMjAzMjMwNDMzMzlaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyM2FhMzIzLTllMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+Vo/WSy93lFXZ9RSha7lT4Sfq9SpjFvjOLrMcffDbkSGF5LG3FKACYXwXenVM
iGUSMihUZv27rStmvQOExvrYNSljNuv0rJow0zOsmL3k1iDDO+rIeTrryd4yGlZn
BfqFCPAYsbRJj+pmrj/PDBQYhPzmPSp+c8+TSa9DL0SbP2MQLYVJplYWqiZ0zC9k
FtV9n/OEaWYp6Lbhn/eKiLiEDomNF8ogbZQsZWANp11IiSFANMkU5FBpd8pbnYvP
+RfQLnS8mCpN4RQp+eH8VED9qeIS/rA17NcSvKlZeKEecPpXMVt3Ob4zGMvwRCyq
gl+tcbzbH/8Gc3XdW+2iLPjNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUWlW+8ECh
K16GPI6mRJ/EBeT9OuYwHwYDVR0jBBgwFoAUbyPyfwkL70UxgCBy4drPIQ2dQjww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFQjgwLzc3NjJGQzVBN0U2
QzExRUM4NzNENjc4M0M0RjlBRTAyL2J5UHlmd2tMNzBVeGdDQnk0ZHJQSVEyZFFq
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYnlQeWZ3a0w3MFV4Z0NCeTRkclBJUTJkUWp3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RUI4MC83NzYyRkM1QTdFNkMxMUVDODczRDY3ODNDNEY5QUUwMi82OTRDQjIzOEFB
NjIxMUVDODU4QzU2MjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe0bDAPBAIAAjAJAwcAIAEN8FnAMA0GCSqGSIb3DQEBCwUA
A4IBAQCWfiEbH1BrSq2zrcQceYHS6/w+2M7H0J51jzvXB1TrzTxFZGqjYrv9ykZQ
02K7TCnmYeE5rZYM6HxGoYM6+oC99TCagYos5JcUrd+SV/uvSnJBbpZ77H3rOXMB
A3VCt0G2XBXlu1OwFtPxBnhXwM6/NCHA3bgbtQp/5VewKevyXgC/0Hk/6l35yAsS
dbDqdoF58WwBq1oeh2i/g+EqD5fBlDv1Rif7pq+uzENCeoq1UIHOZTqpXe4TIzdn
89g26DTBpB4C2x7veoTzphCwnPOh6658EYEklQqzDWVvxmej//dFIUSwNcH72XaM
yzyAULnA+zi2cRndB9XH0LLY5r9X
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org