Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3FE54F04AAA811EC80122A40C4F9AE02.roa
File: 3FE54F04AAA811EC80122A40C4F9AE02.roa (raw, json)
Hash identifier: zLLEa+6MsqwcBvftJJYcdqDwOLBWDQ81mgqw4+aDJJY=
Subject key identifier: 4B:59:DD:FF:10:E6:43:B9:64:36:C3:36:D8:93:EB:8F:C7:BD:8E:88
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 1E
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3FE54F04AAA811EC80122A40C4F9AE02.roa
Signing time: Sat 02 Apr 2022 03:14:20 +0000
ROA not before: Sat 02 Apr 2022 03:14:20 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139042
IP address blocks: 103.138.146.0/23 maxlen: 23
103.138.146.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
2407:3b40:3::/48 maxlen: 48
2407:3b40:4::/48 maxlen: 48
2407:3b40:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Validity
Not Before: Apr 2 03:14:20 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6247bf8b-b1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1d:dc:3a:7a:7f:78:40:09:24:4c:78:3a:05:
f7:d6:81:ee:49:59:2f:bc:03:9b:78:94:46:b5:3f:
24:7c:e5:9d:c3:38:c6:88:2e:54:92:e2:d5:a0:83:
b6:9f:a3:5d:c2:6b:52:9c:fd:d9:8f:4a:2b:45:a5:
ce:a0:c0:f8:21:17:02:6a:34:3a:ec:ef:ec:ce:69:
4e:16:d8:79:d0:f5:b8:17:10:a9:a6:e7:96:9d:5d:
28:81:1d:90:1e:2c:ed:7d:d8:6b:aa:79:d1:9c:23:
d5:3f:b2:52:c3:c6:b6:78:e7:e0:b3:a0:5d:b4:bb:
40:23:f6:62:bf:b1:3f:8e:05:15:30:35:a5:01:fc:
05:3b:f8:72:8a:5d:0b:da:ba:c6:b9:6c:6c:9c:c0:
a4:e3:17:50:dc:26:d4:d8:62:1e:0d:13:66:68:26:
e6:b4:26:62:22:17:af:d0:0c:05:99:bf:5a:a1:e7:
50:7a:b7:a5:4b:1a:c1:49:fc:41:cd:d5:3d:ba:c6:
b5:9c:e5:b3:16:32:98:49:b6:ad:8c:23:0d:0d:96:
b2:33:a8:64:4c:8f:a4:d0:c9:2f:45:11:87:9b:53:
f3:58:3c:77:92:14:9a:79:be:64:07:0d:a6:bd:1d:
1e:0c:19:08:2f:5e:a6:ca:31:ec:c9:64:4e:68:78:
46:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:59:DD:FF:10:E6:43:B9:64:36:C3:36:D8:93:EB:8F:C7:BD:8E:88
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3FE54F04AAA811EC80122A40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.146.0/23
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
6c:6e:9f:6c:cf:54:dd:1a:82:6c:fa:1a:f2:29:71:65:9b:43:
93:33:bb:ab:ba:f2:07:79:b0:88:4c:10:53:67:50:68:57:b7:
d9:d6:6d:55:26:e3:c9:19:4f:22:9e:79:15:9d:f3:14:dd:56:
df:91:60:8c:8a:0b:e4:1d:91:d9:21:d5:c4:fb:41:de:ee:3e:
0e:ee:7c:61:ef:37:cc:39:89:ec:50:bd:25:35:a7:1f:66:59:
a6:1d:6d:56:5c:32:24:bc:5a:57:06:ef:16:da:2a:16:e8:ac:
8f:b8:80:36:84:cf:b2:21:67:4b:1e:69:6b:77:45:8d:38:cd:
35:5c:79:3b:36:35:29:a7:c6:89:d0:0e:23:c3:fc:d1:3b:42:
8e:ac:55:19:df:72:30:44:45:30:d7:06:70:f4:b8:72:a2:3a:
cd:aa:7a:d8:f5:e8:06:29:4f:a1:a6:85:4c:97:dd:2d:bf:f7:
a6:e2:6d:50:c6:27:4a:82:a0:56:17:ad:1e:e8:21:cb:85:67:
18:23:28:ec:24:b0:10:38:b8:fa:a0:89:4b:67:b8:13:c6:c0:
e6:e9:e4:ec:86:2c:fe:8d:c6:51:9c:b9:99:61:d0:30:a1:91:
14:bb:70:37:9e:61:7d:e7:14:da:8b:1e:9a:72:36:02:03:0a:
be:17:d8:dd
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MDcyMDExMC8GA1UEBRMoMUIwMzZCRkY4NzgwN0NCRkM2RTkxMjM2Q0IwODZENEZF
MkIwOTkzRDAeFw0yMjA0MDIwMzE0MjBaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNDdiZjhiLWIxZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnHdw6en94QAkkTHg6BffWge5JWS+8A5t4lEa1PyR85Z3DOMaILlSS4tWgg7af
o13Ca1Kc/dmPSitFpc6gwPghFwJqNDrs7+zOaU4W2HnQ9bgXEKmm55adXSiBHZAe
LO192GuqedGcI9U/slLDxrZ45+CzoF20u0Aj9mK/sT+OBRUwNaUB/AU7+HKKXQva
usa5bGycwKTjF1DcJtTYYh4NE2ZoJua0JmIiF6/QDAWZv1qh51B6t6VLGsFJ/EHN
1T26xrWc5bMWMphJtq2MIw0NlrIzqGRMj6TQyS9FEYebU/NYPHeSFJp5vmQHDaa9
HR4MGQgvXqbKMezJZE5oeEbxAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUS1nd/xDm
Q7lkNsM22JPrj8e9jogwHwYDVR0jBBgwFoAUGwNr/4eAfL/G6RI2ywhtT+KwmT0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwNzIwLzIwOUY4Qjc0QTc5
QjExRUM4REQyQjE1N0M0RjlBRTAyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21U
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3dOcl80ZUFmTF9HNlJJMnl3aHRULUt3bVQwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDcyMC8yMDlGOEI3NEE3OUIxMUVDOEREMkIxNTdDNEY5QUUwMi8zRkU1NEYwNEFB
QTgxMUVDODAxMjJBNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWeKkjANBAIAAjAHAwUAJAc7QDANBgkqhkiG9w0BAQsFAAOC
AQEAbG6fbM9U3RqCbPoa8ilxZZtDkzO7q7ryB3mwiEwQU2dQaFe32dZtVSbjyRlP
Ip55FZ3zFN1W35FgjIoL5B2R2SHVxPtB3u4+Du58Ye83zDmJ7FC9JTWnH2ZZph1t
VlwyJLxaVwbvFtoqFuisj7iANoTPsiFnSx5pa3dFjTjNNVx5OzY1KafGidAOI8P8
0TtCjqxVGd9yMERFMNcGcPS4cqI6zap62PXoBilPoaaFTJfdLb/3puJtUMYnSoKg
VhetHughy4VnGCMo7CSwEDi4+qCJS2e4E8bA5unk7IYs/o3GUZy5mWHQMKGRFLtw
N55hfecU2osemnI2AgMKvhfY3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org