Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B5B1C8A82DEC11ED87B1C72AC4F9AE02.roa
File: B5B1C8A82DEC11ED87B1C72AC4F9AE02.roa (raw, json)
Hash identifier: A6ucUjhRo3jHaD+zyQGS8bBXjCCJozDv0Y+GIjb6rmY=
Subject key identifier: C1:E0:9D:68:9E:ED:3B:E1:57:90:A1:D8:AA:BE:A5:09:9A:51:05:1F
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 015D
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B5B1C8A82DEC11ED87B1C72AC4F9AE02.roa
Signing time: Tue 06 Sep 2022 14:03:40 +0000
ROA not before: Tue 06 Sep 2022 14:03:40 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139042
IP address blocks: 103.138.146.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
2407:3b40:3::/48 maxlen: 48
2407:3b40:4::/48 maxlen: 48
2407:3b40:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349 (0x15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Validity
Not Before: Sep 6 14:03:40 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6317533c-d4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:28:eb:b4:04:1d:f2:8c:49:1b:34:aa:44:e1:
81:c2:9f:50:13:49:32:72:54:6a:06:34:50:ac:54:
88:9e:51:ba:a2:c2:57:f3:ba:a6:00:ed:52:ab:10:
60:97:0b:9c:3a:ed:44:39:da:50:7a:8f:0c:aa:9a:
67:01:cb:cf:e7:d0:c0:11:ed:ca:5d:9f:e9:73:28:
85:08:de:38:01:34:4c:3b:26:f0:85:e6:9d:fb:5b:
35:b7:b8:e6:00:c8:06:f3:3f:dd:47:3e:09:00:64:
25:ba:0c:64:34:aa:66:89:4f:0a:93:1f:ad:bb:95:
dd:ef:fd:27:9f:28:1a:1e:42:11:ff:88:8b:da:36:
4f:84:80:41:67:23:4b:30:f2:34:f8:09:63:78:97:
ba:38:e5:7c:73:fc:32:9a:68:20:13:49:c1:2d:79:
2b:c8:2b:44:4e:92:b8:e8:96:75:40:2d:c4:81:37:
ec:98:f7:ce:2d:7e:80:7b:16:53:8f:01:f7:ab:22:
97:eb:d6:3d:cb:4b:21:f5:8d:cd:0a:95:d4:22:9c:
ba:4a:1f:29:f9:18:42:82:b3:84:22:5a:e2:cf:79:
20:05:0e:44:87:7f:6e:4c:cf:f3:a5:5a:c9:7d:69:
2f:e6:f9:3d:69:00:15:8c:34:02:a1:92:a6:53:7c:
80:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E0:9D:68:9E:ED:3B:E1:57:90:A1:D8:AA:BE:A5:09:9A:51:05:1F
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B5B1C8A82DEC11ED87B1C72AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.146.0/24
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
98:1c:2c:1b:d2:d5:97:be:46:2c:b9:01:60:3f:08:a6:1f:09:
81:06:9a:e8:44:68:46:26:2a:e2:6b:10:fc:0a:65:83:0a:b1:
4f:12:99:8a:a8:f0:7a:ae:0b:b7:e7:fb:68:1a:73:b3:c3:05:
a1:06:ab:4e:e1:81:48:cd:ce:da:7f:dc:8d:24:38:4c:0e:d0:
f8:c9:2d:95:6e:5c:c0:a8:10:41:85:7f:03:78:bc:0f:5c:94:
80:36:8e:a8:25:84:9d:28:ad:39:25:8b:a0:4f:c4:0e:fb:95:
fb:d9:5e:9e:dc:f7:84:c7:0e:28:88:bf:f5:0f:8c:08:c1:62:
29:03:d2:02:ea:6b:ba:f5:ef:ca:91:5b:f0:6d:8d:ae:7c:52:
1e:dd:2a:30:ff:4f:bc:c5:fc:4d:40:56:69:a9:ce:95:68:e5:
75:c6:d0:da:f9:30:e9:09:bb:13:e0:1d:7a:dd:d8:bc:f7:26:
ba:66:5f:00:3c:8f:62:45:92:50:6d:bb:db:fa:51:69:de:32:
ea:62:41:00:0a:13:3f:45:e5:a7:21:31:b5:ce:55:d1:5b:59:
bd:47:aa:78:f0:57:84:bd:54:38:ad:a8:79:d1:0d:15:d7:fd:
45:37:51:57:5f:fd:23:4e:05:62:03:42:53:50:54:26:e4:e9:
88:71:8b:08
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjIwOTA2MTQwMzQwWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE3NTMzYy1kNGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6ijrtAQd8oxJGzSqROGBwp9QE0kyclRqBjRQrFSInlG6osJX87qmAO1SqxBg
lwucOu1EOdpQeo8MqppnAcvP59DAEe3KXZ/pcyiFCN44ATRMOybwhead+1s1t7jm
AMgG8z/dRz4JAGQlugxkNKpmiU8Kkx+tu5Xd7/0nnygaHkIR/4iL2jZPhIBBZyNL
MPI0+AljeJe6OOV8c/wymmggE0nBLXkryCtETpK46JZ1QC3EgTfsmPfOLX6AexZT
jwH3qyKX69Y9y0sh9Y3NCpXUIpy6Sh8p+RhCgrOEIlriz3kgBQ5Eh39uTM/zpVrJ
fWkv5vk9aQAVjDQCoZKmU3yAsQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMHgnWie
7TvhV5Ch2Kq+pQmaUQUfMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvQjVCMUM4QTgy
REVDMTFFRDg3QjFDNzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnipIwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBAJgcLBvS1Ze+Riy5AWA/CKYfCYEGmuhEaEYmKuJrEPwKZYMKsU8SmYqo8Hqu
C7fn+2gac7PDBaEGq07hgUjNztp/3I0kOEwO0PjJLZVuXMCoEEGFfwN4vA9clIA2
jqglhJ0orTkli6BPxA77lfvZXp7c94THDiiIv/UPjAjBYikD0gLqa7r178qRW/Bt
ja58Uh7dKjD/T7zF/E1AVmmpzpVo5XXG0Nr5MOkJuxPgHXrd2Lz3JrpmXwA8j2JF
klBtu9v6UWneMupiQQAKEz9F5achMbXOVdFbWb1HqnjwV4S9VDitqHnRDRXX/UU3
UVdf/SNOBWIDQlNQVCbk6Yhxiwg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org