Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/2B74C4462D1B11ED867D2849C4F9AE02.roa
File: 2B74C4462D1B11ED867D2849C4F9AE02.roa (raw, json)
Hash identifier: T8mP6AieFpzIRjoGKjb8+mgEIKAELbrPFEeDfFqNUOc=
Subject key identifier: 24:8F:2A:7F:DA:BE:7B:D7:F1:EC:E0:6D:F1:AD:92:73:D5:6F:14:E8
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 0159
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/2B74C4462D1B11ED867D2849C4F9AE02.roa
Signing time: Mon 05 Sep 2022 13:03:44 +0000
ROA not before: Mon 05 Sep 2022 13:03:44 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 149058
IP address blocks: 103.138.147.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
2407:3b40::/48 maxlen: 48
2407:3b40:1::/48 maxlen: 48
2407:3b40:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345 (0x159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Validity
Not Before: Sep 5 13:03:44 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6315f3af-547c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:84:3f:47:3f:2f:17:f2:c2:de:0f:9e:83:
e4:86:81:68:2f:8f:cb:c7:c0:83:80:70:08:2b:e9:
5a:20:d3:77:ff:8e:31:0c:83:90:40:7e:42:55:09:
30:fa:5f:3c:cb:b0:7e:ed:73:10:77:19:1f:65:0a:
e0:9a:47:09:d0:be:3d:de:ce:23:f6:0e:e1:8c:a5:
2d:b5:dd:b8:2c:cc:bf:84:81:bc:6e:ff:82:cc:3f:
57:22:89:93:55:53:af:a2:3f:8a:f2:32:58:5d:60:
bf:b1:a4:d1:7f:05:4c:35:a0:d9:32:34:1e:2d:d2:
6f:24:89:1e:15:38:e3:d4:07:5f:9e:65:35:50:70:
43:a9:fd:d8:ed:ef:4e:83:eb:51:a0:51:2c:44:15:
5a:b3:dd:7f:a6:1c:3f:10:ea:30:2c:88:73:ef:7e:
e4:7e:3a:33:28:39:87:cc:74:bb:8c:3d:88:0b:b2:
15:1c:c7:f2:d9:76:e2:4b:e6:69:72:f3:d7:27:8c:
e7:13:3a:26:cc:76:c1:34:3d:da:ba:93:d9:40:81:
75:42:03:d4:39:23:98:67:94:52:e5:4f:99:38:4b:
d2:33:0e:61:37:44:1e:b4:f8:00:37:12:6c:db:a5:
45:a8:9d:4d:5c:d0:65:d5:fa:18:05:a5:d8:80:48:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:2A:7F:DA:BE:7B:D7:F1:EC:E0:6D:F1:AD:92:73:D5:6F:14:E8
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/2B74C4462D1B11ED867D2849C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.147.0/24
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
0c:c8:1e:60:2b:ba:68:53:72:db:a9:6a:b6:d8:47:e8:c0:f3:
14:0c:48:56:25:24:64:94:e2:6b:93:21:82:69:0b:77:0f:ce:
ab:16:60:06:7e:96:da:23:70:aa:e4:d2:7c:cd:e0:ba:db:06:
bc:6f:c1:97:80:38:09:b6:e2:98:e5:c2:9c:4c:49:47:a2:ed:
d0:5f:44:a4:f7:b2:de:57:a4:a5:b3:ae:bf:5f:bb:a8:c1:27:
24:c9:5d:04:a2:09:f9:20:85:0c:34:24:ba:40:db:59:4c:b9:
ca:19:85:33:12:e2:59:64:64:53:45:fc:42:b5:d4:7e:06:54:
6b:e5:00:9c:c1:8a:a6:59:c3:c5:43:f7:fd:75:64:6c:2b:ff:
6e:f6:d1:49:95:50:0b:b5:8e:a0:ce:43:22:fd:e0:22:d4:68:
a8:a9:1c:72:9d:b2:bf:7b:02:e9:8f:a7:64:d7:c5:28:cd:fa:
65:cb:b1:43:ed:76:4d:fc:26:dd:60:f2:e6:13:5c:bf:b7:c3:
3a:01:28:3a:c7:f5:d9:ff:76:35:b4:30:ff:7b:40:73:5f:66:
d0:51:bb:a1:7e:93:f7:94:5f:9b:e4:15:6a:a1:56:d5:47:8b:
65:98:9b:04:b0:2d:97:67:40:2f:c4:91:e0:e0:25:91:ca:03:
1d:ad:b8:30
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjIwOTA1MTMwMzQ0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE1ZjNhZi01NDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqmSEP0c/Lxfywt4PnoPkhoFoL4/Lx8CDgHAIK+laINN3/44xDIOQQH5CVQkw
+l88y7B+7XMQdxkfZQrgmkcJ0L493s4j9g7hjKUttd24LMy/hIG8bv+CzD9XIomT
VVOvoj+K8jJYXWC/saTRfwVMNaDZMjQeLdJvJIkeFTjj1AdfnmU1UHBDqf3Y7e9O
g+tRoFEsRBVas91/phw/EOowLIhz737kfjozKDmHzHS7jD2IC7IVHMfy2XbiS+Zp
cvPXJ4znEzomzHbBND3aupPZQIF1QgPUOSOYZ5RS5U+ZOEvSMw5hN0QetPgANxJs
26VFqJ1NXNBl1foYBaXYgEhOEQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCSPKn/a
vnvX8ezgbfGtknPVbxToMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvMkI3NEM0NDYy
RDFCMTFFRDg2N0QyODQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnipMwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBAAzIHmArumhTctuparbYR+jA8xQMSFYlJGSU4muTIYJpC3cPzqsWYAZ+ltoj
cKrk0nzN4LrbBrxvwZeAOAm24pjlwpxMSUei7dBfRKT3st5XpKWzrr9fu6jBJyTJ
XQSiCfkghQw0JLpA21lMucoZhTMS4llkZFNF/EK11H4GVGvlAJzBiqZZw8VD9/11
ZGwr/2720UmVUAu1jqDOQyL94CLUaKipHHKdsr97AumPp2TXxSjN+mXLsUPtdk38
Jt1g8uYTXL+3wzoBKDrH9dn/djW0MP97QHNfZtBRu6F+k/eUX5vkFWqhVtVHi2WY
mwSwLZdnQC/EkeDgJZHKAx2tuDA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org