Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/6A4706D4AA6211EC858C5627C4F9AE02.roa
File: 6A4706D4AA6211EC858C5627C4F9AE02.roa (raw, json)
Hash identifier: WHPmJUIa7xe7JjfWFAV3I5/FCNNyUbhYjGQ+4j075KE=
Subject key identifier: 7B:F6:55:C7:99:DB:24:84:38:B7:32:12:06:AA:04:CC:3E:C4:6D:2F
Certificate issuer: /CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Certificate serial: 79
Authority key identifier: 6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/6A4706D4AA6211EC858C5627C4F9AE02.roa
Signing time: Wed 23 Mar 2022 04:33:41 +0000
ROA not before: Wed 23 Mar 2022 04:33:41 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 211843
IP address blocks: 103.180.108.0/23 maxlen: 23
103.180.109.0/24 maxlen: 24
2001:df0:59c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB80/serialNumber=6F23F27F090BEF4531802072E1DACF210D9D423C
Validity
Not Before: Mar 23 04:33:41 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=623aa325-3685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:5e:57:05:20:aa:44:31:ca:15:35:ad:6b:
8c:01:c8:12:de:b7:97:8f:b2:0e:cd:7d:d5:c6:a9:
90:0b:2c:75:fa:ac:04:09:11:94:3c:1b:d7:0d:de:
c3:e9:d1:43:7a:fe:56:22:2b:4e:43:c8:0e:1a:5d:
cc:ae:0c:1d:fc:a7:17:75:d3:58:f8:56:b7:1b:01:
5a:9b:ad:3f:b8:29:aa:cd:13:8a:73:b3:b4:da:7f:
02:a2:e3:5d:53:bd:c5:6e:e7:8e:7a:91:c4:ba:ad:
42:aa:e8:0d:84:3e:45:c3:67:43:a4:7d:6b:b6:ed:
e8:4b:02:25:c7:f1:44:e0:f9:91:20:3f:98:55:37:
85:55:c3:4f:80:d9:87:39:d1:a1:5d:76:8e:d6:fd:
f6:4c:73:39:50:93:e4:32:73:17:2f:26:3a:f0:b8:
cb:d7:93:fb:ca:48:b8:96:26:93:c3:b0:ee:21:64:
15:fb:0d:e5:4f:eb:9c:3f:c0:cd:7b:d5:fa:55:0d:
54:66:91:52:92:a5:e0:a4:93:3a:0d:d1:f2:5e:a6:
fb:b7:d4:c2:5c:9c:ba:00:cb:18:4c:b5:36:08:93:
31:f9:dd:8c:4f:fb:c0:59:4f:00:b8:6c:69:7a:f3:
95:42:8b:71:e8:62:cd:5f:30:e7:8f:73:e8:0a:75:
5d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F6:55:C7:99:DB:24:84:38:B7:32:12:06:AA:04:CC:3E:C4:6D:2F
X509v3 Authority Key Identifier:
keyid:6F:23:F2:7F:09:0B:EF:45:31:80:20:72:E1:DA:CF:21:0D:9D:42:3C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/byPyfwkL70UxgCBy4drPIQ2dQjw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byPyfwkL70UxgCBy4drPIQ2dQjw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB80/7762FC5A7E6C11EC873D6783C4F9AE02/6A4706D4AA6211EC858C5627C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.108.0/23
IPv6:
2001:df0:59c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:21:0d:38:fb:a6:25:b1:d1:da:2a:3a:7c:de:9a:d8:e3:ee:
75:bf:3e:d9:5a:d3:5d:a6:06:35:66:3a:f7:93:30:d6:23:a8:
48:5b:19:6f:c1:eb:4f:7b:ca:31:90:43:09:a5:22:63:44:a9:
68:9c:09:21:cf:a6:31:93:26:e3:1d:96:62:89:58:b7:d1:42:
82:1e:ea:6e:f1:15:02:12:bf:0f:4b:5d:90:8d:eb:52:19:1a:
fe:0d:b5:92:8a:6f:ce:f4:44:a4:5b:6c:d6:97:d8:88:94:04:
3c:27:fb:2b:a3:f2:ec:6b:59:bc:14:00:0a:54:63:56:4d:6f:
d8:41:68:64:eb:f3:01:3e:52:89:c2:50:11:86:c7:0f:83:9a:
70:a8:94:f7:9e:ed:a8:50:5c:a1:f1:ef:ef:33:c9:36:a6:f7:
3b:79:d6:1e:dd:d9:03:b8:a7:a1:29:12:e0:39:13:5e:d4:1b:
85:14:75:29:f1:96:f2:c2:40:e7:6e:f4:9c:a2:66:2c:ce:51:
9b:f0:f8:db:0b:3b:c6:d6:f6:de:f4:50:59:91:58:5f:20:0d:
9b:be:6a:9a:bb:7b:62:df:65:f1:3d:da:c4:a5:2a:35:a4:bc:
ac:7c:ee:82:cf:6b:62:e0:d0:e4:82:05:f4:1a:b1:4b:b5:53:
52:ac:6d:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RUI4MDExMC8GA1UEBRMoNkYyM0YyN0YwOTBCRUY0NTMxODAyMDcyRTFEQUNGMjEw
RDlENDIzQzAeFw0yMjAzMjMwNDMzNDFaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyM2FhMzI1LTM2ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLMV5XBSCqRDHKFTWta4wByBLet5ePsg7NfdXGqZALLHX6rAQJEZQ8G9cN3sPp
0UN6/lYiK05DyA4aXcyuDB38pxd101j4VrcbAVqbrT+4KarNE4pzs7TafwKi411T
vcVu5456kcS6rUKq6A2EPkXDZ0OkfWu27ehLAiXH8UTg+ZEgP5hVN4VVw0+A2Yc5
0aFddo7W/fZMczlQk+QycxcvJjrwuMvXk/vKSLiWJpPDsO4hZBX7DeVP65w/wM17
1fpVDVRmkVKSpeCkkzoN0fJepvu31MJcnLoAyxhMtTYIkzH53YxP+8BZTwC4bGl6
85VCi3HoYs1fMOePc+gKdV0lAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUe/ZVx5nb
JIQ4tzISBqoEzD7EbS8wHwYDVR0jBBgwFoAUbyPyfwkL70UxgCBy4drPIQ2dQjww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFFQjgwLzc3NjJGQzVBN0U2
QzExRUM4NzNENjc4M0M0RjlBRTAyL2J5UHlmd2tMNzBVeGdDQnk0ZHJQSVEyZFFq
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYnlQeWZ3a0w3MFV4Z0NCeTRkclBJUTJkUWp3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RUI4MC83NzYyRkM1QTdFNkMxMUVDODczRDY3ODNDNEY5QUUwMi82QTQ3MDZENEFB
NjIxMUVDODU4QzU2MjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe0bDAPBAIAAjAJAwcAIAEN8FnAMA0GCSqGSIb3DQEBCwUA
A4IBAQAoIQ04+6YlsdHaKjp83prY4+51vz7ZWtNdpgY1Zjr3kzDWI6hIWxlvwetP
e8oxkEMJpSJjRKlonAkhz6YxkybjHZZiiVi30UKCHupu8RUCEr8PS12QjetSGRr+
DbWSim/O9ESkW2zWl9iIlAQ8J/sro/Lsa1m8FAAKVGNWTW/YQWhk6/MBPlKJwlAR
hscPg5pwqJT3nu2oUFyh8e/vM8k2pvc7edYe3dkDuKehKRLgORNe1BuFFHUp8Zby
wkDnbvScomYszlGb8PjbCzvG1vbe9FBZkVhfIA2bvmqau3ti32XxPdrEpSo1pLys
fO6Cz2ti4NDkggX0GrFLtVNSrG01
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org