Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/589342F6998411ED954F316FC4F9AE02.roa
File: 589342F6998411ED954F316FC4F9AE02.roa (raw, json)
Hash identifier: RyRCRdItXnggXvxaQsxoVqIi51j+H9n34MhWE+frsUk=
Subject key identifier: 3C:1A:65:F1:86:17:BD:05:2A:93:FD:DA:16:39:19:95:BC:85:B6:F0
Certificate issuer: /CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Certificate serial: 076A
Authority key identifier: 7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/589342F6998411ED954F316FC4F9AE02.roa
Signing time: Sat 21 Jan 2023 12:08:42 +0000
ROA not before: Sat 21 Jan 2023 12:08:42 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 38074
IP address blocks: 103.152.178.0/24 maxlen: 24
103.160.48.0/24 maxlen: 24
2001:df4:1780::/47 maxlen: 48
2406:7ec0::/32 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1898 (0x76a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9
Validity
Not Before: Jan 21 12:08:42 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=63cbd5ca-bef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b1:80:ce:b3:95:19:77:cc:92:17:56:b2:f5:
46:da:a3:38:96:77:28:e6:89:e6:9d:dc:76:5d:33:
72:41:25:95:eb:60:76:fb:a1:cb:cf:3d:2d:02:35:
4f:c0:c9:7e:74:07:a7:c1:0f:24:92:c2:35:ad:10:
89:c8:fa:f1:73:ed:33:e6:b7:b6:85:8e:76:c2:ed:
f2:81:9f:37:01:4e:27:72:21:fa:73:e2:bb:08:28:
47:91:c6:3d:88:36:21:bc:4f:65:e1:14:e3:e5:e7:
17:d0:0d:b6:9a:13:81:33:92:14:1b:42:4a:d6:3e:
e3:f0:5d:99:02:ce:d5:44:db:3e:7b:77:bb:58:14:
42:d2:66:06:db:a5:a3:5c:2a:64:60:b2:b4:bc:29:
6e:a6:04:09:a8:10:1c:47:b4:91:4a:95:54:0c:91:
84:6b:e3:f2:63:0e:b1:b2:5d:83:1e:fe:17:dd:e9:
33:f3:87:40:ec:ae:eb:14:f2:2b:24:e0:b1:26:54:
8b:51:92:b9:87:2c:5d:34:6b:33:18:58:0f:a6:1b:
3f:ee:a5:aa:2b:9b:10:5e:4c:2e:69:c6:64:22:16:
b0:f7:9e:47:ee:ff:fd:a7:d4:af:26:18:f5:6a:0e:
f4:7b:96:c8:aa:4a:f5:e0:71:05:df:59:00:a2:12:
1f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:65:F1:86:17:BD:05:2A:93:FD:DA:16:39:19:95:BC:85:B6:F0
X509v3 Authority Key Identifier:
keyid:7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/589342F6998411ED954F316FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.178.0/24
103.160.48.0/24
IPv6:
2001:df4:1780::/47
2406:7ec0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ac:8b:d1:87:64:c3:18:ad:c5:67:8b:f3:65:7c:d5:19:24:
61:eb:a4:9a:00:37:db:a6:c6:74:68:c2:57:41:35:23:35:bb:
15:f6:e1:f7:0c:20:f4:33:14:5a:1f:68:cf:e1:89:94:31:ef:
bb:f6:13:f3:62:4f:eb:37:5a:f0:1e:b4:be:29:dd:ef:72:27:
d7:c2:00:42:6f:6a:23:8d:9f:14:1e:2d:db:ae:19:fa:46:e8:
b8:ca:63:64:66:f1:64:34:bb:74:a5:bc:ce:50:89:75:1a:09:
33:19:16:b3:24:4b:0a:ba:fa:e2:e0:92:3a:b6:6a:22:03:09:
f8:22:74:ae:be:98:08:65:1f:ae:d4:c2:3b:26:91:00:83:d7:
30:76:07:22:00:b9:4b:07:26:f2:15:3a:92:38:27:d4:0d:58:
02:12:ff:cf:4d:fb:98:e8:64:10:80:a9:19:d6:45:9f:56:c7:
9a:2a:79:fd:f1:d6:ac:ef:5e:50:06:7b:a6:0f:2b:9d:12:d0:
c5:25:ad:a1:62:2f:0a:8e:46:da:79:32:ad:14:83:7a:0f:1f:
a3:bd:1b:39:29:45:8f:f1:bd:d5:1c:52:c3:7d:08:48:95:51:
be:f9:50:44:1c:6f:dd:8c:a2:f1:55:9b:6a:96:c9:79:c6:a4:
cb:f7:46:c7
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICB2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc3NzAxMTAvBgNVBAUTKDdENTU0Njk5MjZEMUY5MzRGM0FGMjk2NDVFQjZDMTBC
QjYwNjlCQzkwHhcNMjMwMTIxMTIwODQyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NiZDVjYS1iZWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3bGAzrOVGXfMkhdWsvVG2qM4lnco5onmndx2XTNyQSWV62B2+6HLzz0tAjVP
wMl+dAenwQ8kksI1rRCJyPrxc+0z5re2hY52wu3ygZ83AU4nciH6c+K7CChHkcY9
iDYhvE9l4RTj5ecX0A22mhOBM5IUG0JK1j7j8F2ZAs7VRNs+e3e7WBRC0mYG26Wj
XCpkYLK0vClupgQJqBAcR7SRSpVUDJGEa+PyYw6xsl2DHv4X3ekz84dA7K7rFPIr
JOCxJlSLUZK5hyxdNGszGFgPphs/7qWqK5sQXkwuacZkIhaw955H7v/9p9SvJhj1
ag70e5bIqkr14HEF31kAohIf9QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFDwaZfGG
F70FKpP92hY5GZW8hbbwMB8GA1UdIwQYMBaAFH1VRpkm0fk0868pZF62wQu2BpvJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3MC9FNjgxMDQxMEMw
QUUxMUVBQjk1QUI1NzJDNEY5QUUwMi9mVlZHbVNiUi1UVHpyeWxrWHJiQkM3WUdt
OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZWVkdtU2JSLVRUenJ5bGtYcmJCQzdZR204ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc3NzAvRTY4MTA0MTBDMEFFMTFFQUI5NUFCNTcyQzRGOUFFMDIvNTg5MzQyRjY5
OTg0MTFFRDk1NEYzMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMBIEAgABMAwDBABnmLIDBABnoDAwFgQCAAIwEAMHASABDfQXgAMFACQGfsAw
DQYJKoZIhvcNAQELBQADggEBAAysi9GHZMMYrcVni/NlfNUZJGHrpJoAN9umxnRo
wldBNSM1uxX24fcMIPQzFFofaM/hiZQx77v2E/NiT+s3WvAetL4p3e9yJ9fCAEJv
aiONnxQeLduuGfpG6LjKY2Rm8WQ0u3SlvM5QiXUaCTMZFrMkSwq6+uLgkjq2aiID
CfgidK6+mAhlH67UwjsmkQCD1zB2ByIAuUsHJvIVOpI4J9QNWAIS/89N+5joZBCA
qRnWRZ9Wx5oqef3x1qzvXlAGe6YPK50S0MUlraFiLwqORtp5Mq0Ug3oPH6O9Gzkp
RY/xvdUcUsN9CEiVUb75UEQcb92MovFVm2qWyXnGpMv3Rsc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org