Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
File: C431493032BF11EDB0244949C4F9AE02.roa (raw, json)
Hash identifier: lYtkOF9sucVfj7NH7wd1pYu4sxwg0m6DdvhWIrsXMxY=
Subject key identifier: B2:AC:14:4B:B6:36:8C:12:0C:A9:1A:67:11:47:C7:30:FB:66:7E:CC
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 01F2
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
Signing time: Wed 08 Mar 2023 13:13:45 +0000
ROA not before: Wed 08 Mar 2023 13:13:45 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139042
IP address blocks: 103.138.146.0/23 maxlen: 23
103.138.146.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 498 (0x1f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Validity
Not Before: Mar 8 13:13:45 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=64088a09-c843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:56:9e:57:af:41:de:8b:6a:85:f8:b4:85:
89:2f:0d:18:5a:a5:dd:ed:b8:3e:5d:4a:1b:73:64:
cc:23:16:fc:50:e6:03:a3:c1:69:63:43:5e:3b:39:
e5:bd:01:01:aa:54:f1:f5:ce:a0:88:b3:d7:5e:e1:
ad:bf:27:7a:15:f6:68:22:6d:e0:85:e8:b2:9e:73:
8c:6e:d8:3b:36:b5:ab:5c:ce:63:7e:ee:4b:50:ca:
d0:cb:d3:bc:00:a0:db:66:c2:f3:05:ef:22:46:a2:
49:0d:19:12:34:e9:e4:a2:c8:6b:1a:88:c0:36:aa:
1f:ee:e2:f9:08:f1:e9:0a:6a:88:3d:c4:8e:6b:eb:
9a:49:fc:d9:44:01:7e:a1:7e:26:d7:6e:4b:5f:77:
13:d8:14:ef:79:dc:4c:87:d5:04:72:84:02:81:ce:
c4:e4:00:12:83:a2:e1:4f:a9:63:93:02:b9:92:9c:
d6:d2:58:9d:59:f9:a9:c3:ff:49:f8:01:01:60:c6:
42:e5:7b:9b:89:75:08:62:78:13:cf:d0:49:88:4e:
40:28:07:80:f5:e0:15:dd:77:56:c8:9c:8b:25:93:
2f:8a:a4:48:e9:27:92:52:ff:cc:e3:b8:06:80:d5:
84:86:6d:32:91:c2:ef:00:43:36:70:a5:1f:68:d6:
da:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AC:14:4B:B6:36:8C:12:0C:A9:1A:67:11:47:C7:30:FB:66:7E:CC
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/C431493032BF11EDB0244949C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.146.0/23
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
33:00:32:a7:b9:78:9d:00:39:09:4d:b7:3f:d8:08:d1:61:00:
c6:f5:c9:cf:82:4c:74:37:08:31:48:6b:bf:66:83:10:ed:f7:
61:0d:eb:ec:c3:47:44:a2:dc:75:fe:c2:17:75:cd:d9:a8:40:
e5:00:f1:69:a1:d7:00:df:48:d3:76:a3:97:48:3c:aa:93:38:
00:fd:6c:20:67:49:4c:73:d5:17:08:cf:6f:95:0b:6d:69:4f:
e9:75:cb:2c:6a:47:7d:86:a7:b7:4e:78:51:6f:6d:94:a5:e1:
dd:19:28:bd:61:6a:2f:12:e7:a2:d1:c8:4e:45:68:ef:86:a0:
fb:82:53:3e:67:7c:f7:1d:4b:dd:43:7f:9d:89:5b:2b:03:11:
a4:98:52:b8:cd:0c:0a:99:93:e5:b2:75:7a:65:f1:1e:58:f0:
34:22:64:e1:04:10:c1:d3:d3:d3:5e:35:26:d8:17:81:15:db:
ac:d8:08:11:8b:42:e8:9a:34:0d:c8:05:ba:3b:79:29:f8:98:
b0:aa:ed:76:0b:15:4b:9c:a3:97:e7:9b:1d:cd:ac:5b:03:a6:
24:8f:11:79:71:75:9c:b2:9d:23:ec:04:38:9c:b3:bc:b2:0c:
ad:2a:51:59:a7:f5:60:7c:8a:2a:2f:eb:46:1c:9a:74:42:d5:
5b:b3:60:ae
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjMwMzA4MTMxMzQ1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA4OGEwOS1jODQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ltWnlevQd6LaoX4tIWJLw0YWqXd7bg+XUobc2TMIxb8UOYDo8FpY0NeOznl
vQEBqlTx9c6giLPXXuGtvyd6FfZoIm3gheiynnOMbtg7NrWrXM5jfu5LUMrQy9O8
AKDbZsLzBe8iRqJJDRkSNOnkoshrGojANqof7uL5CPHpCmqIPcSOa+uaSfzZRAF+
oX4m125LX3cT2BTvedxMh9UEcoQCgc7E5AASg6LhT6ljkwK5kpzW0lidWfmpw/9J
+AEBYMZC5XubiXUIYngTz9BJiE5AKAeA9eAV3XdWyJyLJZMviqRI6SeSUv/M47gG
gNWEhm0ykcLvAEM2cKUfaNbaMwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLKsFEu2
NowSDKkaZxFHxzD7Zn7MMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvQzQzMTQ5MzAz
MkJGMTFFREIwMjQ0OTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnipIwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBADMAMqe5eJ0AOQlNtz/YCNFhAMb1yc+CTHQ3CDFIa79mgxDt92EN6+zDR0Si
3HX+whd1zdmoQOUA8Wmh1wDfSNN2o5dIPKqTOAD9bCBnSUxz1RcIz2+VC21pT+l1
yyxqR32Gp7dOeFFvbZSl4d0ZKL1hai8S56LRyE5FaO+GoPuCUz5nfPcdS91Df52J
WysDEaSYUrjNDAqZk+WydXpl8R5Y8DQiZOEEEMHT09NeNSbYF4EV26zYCBGLQuia
NA3IBbo7eSn4mLCq7XYLFUuco5fnmx3NrFsDpiSPEXlxdZyynSPsBDics7yyDK0q
UVmn9WB8iiov60YcmnRC1VuzYK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org