Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/2BDA23807A8511EB9A14261CC4F9AE02.roa
File: 2BDA23807A8511EB9A14261CC4F9AE02.roa (raw, json)
Hash identifier: blT2lca1SkP3ieBVUxep4qv6Fjpkh8HPL4s7cRzn2U8=
Subject key identifier: 98:AE:C4:EB:A8:5E:A9:69:5B:81:49:84:72:E4:D9:64:14:AA:91:B8
Certificate issuer: /CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Certificate serial: 0390
Authority key identifier: 7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/2BDA23807A8511EB9A14261CC4F9AE02.roa
Signing time: Thu 01 Jul 2021 10:57:49 +0000
ROA not before: Thu 01 Jul 2021 10:57:49 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 140868
IP address blocks: 103.152.178.0/24 maxlen: 25
103.160.48.0/24 maxlen: 25
2001:df4:1780::/48 maxlen: 56
2406:7ec0::/32 maxlen: 32
2406:7ec0::/33 maxlen: 33
2406:7ec0::/33 maxlen: 41
2406:7ec0::/35 maxlen: 39
2406:7ec0::/40 maxlen: 48
2406:7ec0:2000::/35 maxlen: 39
2406:7ec0:2000::/40 maxlen: 48
2406:7ec0:3000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912 (0x390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Validity
Not Before: Jul 1 10:57:49 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=60dd9fac-76e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:23:e8:4f:2d:60:a5:93:a9:d8:aa:04:bc:6a:
ed:8c:e9:23:a6:8d:a8:98:2d:22:6a:b3:40:56:30:
ba:4b:d6:ce:95:87:49:7d:75:0b:92:41:4a:89:3f:
28:14:39:ba:9a:23:da:bb:dd:7f:a8:c9:e2:24:04:
93:23:2f:b7:ce:2f:9a:8d:be:2e:e2:07:ad:2d:31:
f8:9d:1e:90:e9:3e:a6:11:5b:7c:3e:31:08:12:a2:
d9:c6:74:ca:ef:93:18:f2:c9:47:90:e8:3c:c9:2b:
de:7f:61:3e:7b:8f:1c:16:33:9d:9e:8f:da:41:0d:
42:69:4f:b1:32:05:ef:00:09:d1:88:22:a2:e8:bb:
6c:a9:4c:e3:ce:39:36:89:92:97:70:86:97:5c:1f:
bc:2e:6a:b4:23:6e:6b:42:13:78:ae:82:46:37:62:
37:04:f3:91:ce:d5:1c:5c:8e:b4:55:3b:9c:8a:53:
64:be:97:09:e7:df:e7:03:4d:b7:0e:51:11:68:28:
77:ea:5b:23:83:84:85:b9:c4:90:d2:84:39:bb:9a:
34:5a:91:4f:0d:cf:50:f7:39:59:c0:5c:ab:63:ba:
fa:f9:a3:57:05:36:69:f4:52:21:47:76:f9:f1:a1:
50:31:56:21:ba:0c:bb:79:10:73:9d:fd:97:32:c9:
67:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AE:C4:EB:A8:5E:A9:69:5B:81:49:84:72:E4:D9:64:14:AA:91:B8
X509v3 Authority Key Identifier:
keyid:7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/2BDA23807A8511EB9A14261CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.178.0/24
103.160.48.0/24
IPv6:
2001:df4:1780::/48
2406:7ec0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:57:5c:8d:e1:61:a4:d2:ec:ca:b6:0c:55:b1:c3:1c:e5:f7:
4b:72:ec:95:f7:a3:2f:77:01:ff:49:2b:2b:4f:4f:9d:38:2d:
f9:4d:12:0b:8b:c4:03:15:30:9e:9e:97:bd:af:75:7b:43:6d:
9b:67:d7:45:5a:eb:04:e2:a0:67:fa:59:f5:85:c6:ea:74:ec:
63:b1:cd:ac:03:5d:c0:01:bc:c3:00:02:36:0a:9e:4b:07:98:
32:77:fc:3f:0d:64:c9:1f:84:22:ff:86:2c:09:49:f1:74:19:
38:8b:e1:84:92:d5:60:e1:0c:f7:a2:9e:43:15:9a:c9:b1:cb:
26:1d:45:1c:de:bc:bc:cb:b1:c5:4c:c0:b3:19:a9:6c:24:a9:
69:19:2c:e9:60:5a:fd:1c:5c:93:05:e2:96:52:7a:71:78:fb:
a5:07:41:db:ab:04:c9:94:9d:fd:f1:a3:88:bf:24:54:15:f3:
76:36:9c:a1:cf:1b:47:8f:ff:a8:bf:f7:28:98:52:67:85:75:
b5:b8:0e:ab:28:d2:90:7c:cd:a2:f6:74:de:3b:4c:8c:69:cf:
7b:05:c6:4f:6f:f5:5e:7e:4a:63:50:18:a7:27:10:ac:30:b2:
68:ef:3a:2d:13:27:a7:3c:a7:40:c6:40:05:f7:11:f9:e3:bf:
2a:6b:59:35
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICA5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc3NzAxMTAvBgNVBAUTKDdENTU0Njk5MjZEMUY5MzRGM0FGMjk2NDVFQjZDMTBC
QjYwNjlCQzkwHhcNMjEwNzAxMTA1NzQ5WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGRkOWZhYy03NmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0iPoTy1gpZOp2KoEvGrtjOkjpo2omC0iarNAVjC6S9bOlYdJfXULkkFKiT8o
FDm6miPau91/qMniJASTIy+3zi+ajb4u4getLTH4nR6Q6T6mEVt8PjEIEqLZxnTK
75MY8slHkOg8ySvef2E+e48cFjOdno/aQQ1CaU+xMgXvAAnRiCKi6LtsqUzjzjk2
iZKXcIaXXB+8Lmq0I25rQhN4roJGN2I3BPORztUcXI60VTucilNkvpcJ59/nA023
DlERaCh36lsjg4SFucSQ0oQ5u5o0WpFPDc9Q9zlZwFyrY7r6+aNXBTZp9FIhR3b5
8aFQMVYhugy7eRBznf2XMslnsQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJiuxOuo
XqlpW4FJhHLk2WQUqpG4MB8GA1UdIwQYMBaAFH1VRpkm0fk0868pZF62wQu2BpvJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3MC9FNjgxMDQxMEMw
QUUxMUVBQjk1QUI1NzJDNEY5QUUwMi9mVlZHbVNiUi1UVHpyeWxrWHJiQkM3WUdt
OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZWVkdtU2JSLVRUenJ5bGtYcmJCQzdZR204ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc3NzAvRTY4MTA0MTBDMEFFMTFFQUI5NUFCNTcyQzRGOUFFMDIvMkJEQTIzODA3
QTg1MTFFQjlBMTQyNjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMBIEAgABMAwDBABnmLIDBABnoDAwFgQCAAIwEAMHACABDfQXgAMFACQGfsAw
DQYJKoZIhvcNAQELBQADggEBAG5XXI3hYaTS7Mq2DFWxwxzl90ty7JX3oy93Af9J
KytPT504LflNEguLxAMVMJ6el72vdXtDbZtn10Va6wTioGf6WfWFxup07GOxzawD
XcABvMMAAjYKnksHmDJ3/D8NZMkfhCL/hiwJSfF0GTiL4YSS1WDhDPeinkMVmsmx
yyYdRRzevLzLscVMwLMZqWwkqWkZLOlgWv0cXJMF4pZSenF4+6UHQdurBMmUnf3x
o4i/JFQV83Y2nKHPG0eP/6i/9yiYUmeFdbW4Dqso0pB8zaL2dN47TIxpz3sFxk9v
9V5+SmNQGKcnEKwwsmjvOi0TJ6c8p0DGQAX3EfnjvyprWTU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org