Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/A47553CA398611EDAE5D6A14C4F9AE02.roa
File: A47553CA398611EDAE5D6A14C4F9AE02.roa (raw, json)
Hash identifier: 7T6WOFY87G0RrepE8mCTMK/Wkt/CvnBq1FcDCU3+5a4=
Subject key identifier: B3:21:C1:06:86:4E:41:D2:D4:61:0C:DA:53:4E:5E:DD:F7:7E:76:85
Certificate issuer: /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial: 0275
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/A47553CA398611EDAE5D6A14C4F9AE02.roa
Signing time: Wed 21 Sep 2022 08:23:16 +0000
ROA not before: Wed 21 Sep 2022 08:23:16 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 149000
IP address blocks: 103.176.3.0/24 maxlen: 24
2001:df0:740::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 629 (0x275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Validity
Not Before: Sep 21 08:23:16 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=632ac9f4-664b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:70:5c:2e:e9:a8:ee:46:cc:50:c3:fa:46:
77:a3:1c:25:1a:29:14:37:0a:96:0c:73:74:39:2f:
ed:39:25:74:5e:69:58:6b:88:fa:23:84:76:5b:e2:
f5:dc:c5:27:f1:0c:1c:55:c2:53:19:98:70:e3:9a:
0e:79:19:d0:47:e3:43:58:7d:5f:3b:54:a2:1e:f5:
dd:1e:33:84:d6:a0:20:ce:13:0b:6d:53:3b:cf:96:
0c:b0:5d:83:5b:b0:61:77:bc:bb:dc:60:60:6d:ef:
2f:6c:3c:5e:46:bc:a2:2c:ad:c0:5c:25:6f:e3:80:
bb:b7:ff:a3:0e:b6:fd:e1:c1:b8:8b:36:39:8b:bb:
80:f0:d8:cf:4e:14:88:1d:95:b2:3f:cc:83:db:40:
65:08:22:4d:b2:a9:ca:af:90:42:37:be:41:a9:42:
26:d2:6d:64:12:16:1a:86:96:03:77:28:31:b5:94:
eb:07:59:59:6e:45:ef:88:3f:19:83:88:b0:2a:a7:
fb:22:58:88:1e:3d:c1:e3:7f:7d:b8:44:ba:6d:4e:
7a:d7:35:98:57:46:07:e6:a9:15:a4:4d:d1:2a:eb:
48:70:70:ab:7b:ea:3a:c1:01:c3:23:71:e8:ac:d6:
bf:55:22:12:e0:fa:90:34:e6:14:14:7c:88:b0:66:
82:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:21:C1:06:86:4E:41:D2:D4:61:0C:DA:53:4E:5E:DD:F7:7E:76:85
X509v3 Authority Key Identifier:
keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/A47553CA398611EDAE5D6A14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.3.0/24
IPv6:
2001:df0:740::/48
Signature Algorithm: sha256WithRSAEncryption
23:9d:71:fc:cf:90:6d:42:9f:c7:b2:4e:03:3a:7b:61:f3:29:
ef:b6:76:ab:8b:fe:98:68:5a:fa:88:e0:a4:53:e7:ba:81:21:
51:5b:91:85:9e:da:63:b8:b5:ab:ac:37:6e:ef:10:67:a7:21:
db:7f:4e:df:02:89:1d:3e:b8:56:44:df:fb:ac:03:fd:7d:d4:
88:90:be:18:04:f3:0d:5f:6e:a5:bf:6e:8f:5a:4f:f1:72:0b:
48:01:fd:a5:f9:74:2c:7a:e0:7d:82:e0:58:32:e2:55:1f:87:
0f:1e:17:58:9c:3a:4f:b1:33:cd:e7:74:55:6a:97:a1:1c:1d:
77:9d:c0:5a:d4:cd:f7:a9:c8:01:ad:35:44:6d:51:2e:13:1a:
40:56:8c:28:fc:9b:3b:d1:a7:f4:96:dd:36:a9:af:9f:d4:5c:
70:54:1a:b0:78:51:89:d5:e7:4a:42:56:0f:93:26:7c:8a:3a:
4d:ab:f4:9e:50:34:9f:80:55:dc:a1:42:56:8d:fa:10:6f:0f:
3b:a1:48:90:ca:a6:32:7f:e4:a8:61:54:4c:a9:97:72:18:e8:
bf:9f:aa:c4:f8:21:21:35:c3:db:41:d0:a8:12:f8:d8:3b:21:
a2:f3:62:68:24:38:1c:90:34:5c:0d:26:16:f8:b3:ce:d9:78:
a8:5f:c5:e2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjIwOTIxMDgyMzE2WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJhYzlmNC02NjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtadwXC7pqO5GzFDD+kZ3oxwlGikUNwqWDHN0OS/tOSV0XmlYa4j6I4R2W+L1
3MUn8QwcVcJTGZhw45oOeRnQR+NDWH1fO1SiHvXdHjOE1qAgzhMLbVM7z5YMsF2D
W7Bhd7y73GBgbe8vbDxeRryiLK3AXCVv44C7t/+jDrb94cG4izY5i7uA8NjPThSI
HZWyP8yD20BlCCJNsqnKr5BCN75BqUIm0m1kEhYahpYDdygxtZTrB1lZbkXviD8Z
g4iwKqf7IliIHj3B4399uES6bU561zWYV0YH5qkVpE3RKutIcHCre+o6wQHDI3Ho
rNa/VSIS4PqQNOYUFHyIsGaC1QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLMhwQaG
TkHS1GEM2lNOXt33fnaFMB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvQTQ3NTUzQ0Ez
OTg2MTFFREFFNUQ2QTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnsAMwDwQCAAIwCQMHACABDfAHQDANBgkqhkiG9w0BAQsF
AAOCAQEAI51x/M+QbUKfx7JOAzp7YfMp77Z2q4v+mGha+ojgpFPnuoEhUVuRhZ7a
Y7i1q6w3bu8QZ6ch239O3wKJHT64VkTf+6wD/X3UiJC+GATzDV9upb9uj1pP8XIL
SAH9pfl0LHrgfYLgWDLiVR+HDx4XWJw6T7Ezzed0VWqXoRwdd53AWtTN96nIAa01
RG1RLhMaQFaMKPybO9Gn9JbdNqmvn9RccFQasHhRidXnSkJWD5MmfIo6Tav0nlA0
n4BV3KFCVo36EG8PO6FIkMqmMn/kqGFUTKmXchjov5+qxPghITXD20HQqBL42Dsh
ovNiaCQ4HJA0XA0mFvizztl4qF/F4g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org