Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9008/0A8FBB1AB43211EEA264440CC4F9AE02/7D5872A4B43211EE8246060DC4F9AE02.roa
File: 7D5872A4B43211EE8246060DC4F9AE02.roa (raw, json)
Hash identifier: DKlR8nBQFzaG43vAhKBqWJMjxpoGQdDQ9fQmuGe4mso=
Subject key identifier: A8:6D:8D:C6:6B:0B:A5:52:B5:09:AE:2A:B9:6D:B2:C2:4A:75:58:E0
Certificate issuer: /CN=A91B9008/serialNumber=6CBB6767F63A0CB9B7A74914B4A657417E4C578A
Certificate serial: 02
Authority key identifier: 6C:BB:67:67:F6:3A:0C:B9:B7:A7:49:14:B4:A6:57:41:7E:4C:57:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bLtnZ_Y6DLm3p0kUtKZXQX5MV4o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9008/0A8FBB1AB43211EEA264440CC4F9AE02/7D5872A4B43211EE8246060DC4F9AE02.roa
Signing time: Tue 16 Jan 2024 05:45:44 +0000
ROA not before: Tue 16 Jan 2024 05:45:44 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 140089
IP address blocks: 103.148.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9008/serialNumber=6CBB6767F63A0CB9B7A74914B4A657417E4C578A
Validity
Not Before: Jan 16 05:45:44 2024 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65a61808-e06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:5f:d1:54:11:f6:ba:ad:1d:12:2f:0e:f0:
34:58:28:da:19:a8:45:42:f5:99:da:17:cc:f3:7b:
a0:93:20:d3:81:46:13:e2:4a:2b:9e:d5:0a:8a:dd:
34:dd:b7:dc:b7:dd:0a:b9:71:48:01:11:22:b3:18:
a8:70:01:ea:c2:94:c6:4e:7a:4d:62:8b:7e:4e:77:
6d:e5:1c:b6:58:3d:ce:87:da:19:88:5a:b1:b3:9e:
dc:1d:1b:e7:92:4f:fd:47:bb:17:2e:31:62:3e:98:
33:25:dc:98:5f:99:c4:93:e2:06:c0:d2:2e:4e:f8:
e7:b5:12:f1:e1:ef:95:fb:6e:0c:03:8c:c6:c1:c8:
23:18:4e:23:86:3a:e2:9c:31:c2:17:fb:82:71:90:
34:ce:a4:8b:eb:e1:1b:a4:58:b5:06:ac:59:18:08:
f9:9d:a3:04:3f:47:e1:62:38:58:e7:ec:ab:c1:0a:
b4:8a:b3:91:65:75:58:f7:d5:48:8e:ba:ea:bb:db:
eb:71:8a:89:de:ff:9a:6d:f6:ca:35:7b:9c:22:f9:
a8:00:0b:01:fe:af:28:a3:e5:93:3f:cd:22:5b:fd:
38:7b:66:40:da:23:30:54:42:31:d2:a7:08:7b:ad:
30:a3:8f:15:a7:93:70:ef:6f:7c:3e:fc:f2:d6:03:
7b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6D:8D:C6:6B:0B:A5:52:B5:09:AE:2A:B9:6D:B2:C2:4A:75:58:E0
X509v3 Authority Key Identifier:
keyid:6C:BB:67:67:F6:3A:0C:B9:B7:A7:49:14:B4:A6:57:41:7E:4C:57:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9008/0A8FBB1AB43211EEA264440CC4F9AE02/bLtnZ_Y6DLm3p0kUtKZXQX5MV4o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bLtnZ_Y6DLm3p0kUtKZXQX5MV4o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9008/0A8FBB1AB43211EEA264440CC4F9AE02/7D5872A4B43211EE8246060DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.90.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6d:0d:80:9a:68:84:c1:71:e5:fb:e5:76:5a:90:7d:7a:b9:
1c:60:02:6a:17:fd:30:52:5c:1d:1b:13:14:bb:15:88:20:56:
f3:85:2f:43:26:91:57:bd:dc:58:50:e2:cd:c2:6b:bb:27:0a:
fa:48:2e:45:20:9f:ac:6b:b8:23:ed:c2:4c:62:03:fa:a9:26:
76:c5:ef:b6:4a:2c:d2:bf:2f:9f:6b:d4:e8:92:a1:42:5e:16:
ee:fd:69:0d:20:39:db:dc:3d:21:94:9b:9c:4f:1a:2c:e0:f2:
17:3d:bb:5f:c8:c8:67:e8:38:d8:0f:88:c2:e4:08:11:40:39:
50:dd:95:9b:51:88:eb:a1:24:bb:b9:f2:2d:9e:40:10:87:96:
4c:c7:fb:38:8f:43:7f:ba:f2:ce:d9:f1:d7:e4:f9:24:c5:46:
58:64:2b:0e:a8:7f:b3:24:2e:3f:2d:40:24:a8:dd:4b:4a:1b:
b4:a8:fa:87:b4:15:6e:2e:2d:f4:2f:8b:72:1b:8b:ba:30:02:
1a:b3:6d:a6:45:8f:d6:ae:0e:26:c6:67:7f:f5:53:fa:00:a1:
4e:7a:43:6b:d1:5a:5f:37:25:0c:cf:0b:ca:2b:fd:e4:5b:83:
17:58:dc:9f:d3:3b:50:2b:8d:4f:e2:62:34:02:cb:8e:10:08:
33:40:67:63
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
OTAwODExMC8GA1UEBRMoNkNCQjY3NjdGNjNBMENCOUI3QTc0OTE0QjRBNjU3NDE3
RTRDNTc4QTAeFw0yNDAxMTYwNTQ1NDRaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTYxODA4LWUwNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx3V/RVBH2uq0dEi8O8DRYKNoZqEVC9ZnaF8zze6CTINOBRhPiSiue1QqK3TTd
t9y33Qq5cUgBESKzGKhwAerClMZOek1ii35Od23lHLZYPc6H2hmIWrGzntwdG+eS
T/1HuxcuMWI+mDMl3JhfmcST4gbA0i5O+Oe1EvHh75X7bgwDjMbByCMYTiOGOuKc
McIX+4JxkDTOpIvr4RukWLUGrFkYCPmdowQ/R+FiOFjn7KvBCrSKs5FldVj31UiO
uuq72+txione/5pt9so1e5wi+agACwH+ryij5ZM/zSJb/Th7ZkDaIzBUQjHSpwh7
rTCjjxWnk3Dvb3w+/PLWA3v9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqG2NxmsL
pVK1Ca4quW2ywkp1WOAwHwYDVR0jBBgwFoAUbLtnZ/Y6DLm3p0kUtKZXQX5MV4ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5MDA4LzBBOEZCQjFBQjQz
MjExRUVBMjY0NDQwQ0M0RjlBRTAyL2JMdG5aX1k2RExtM3Awa1V0S1pYUVg1TVY0
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYkx0blpfWTZETG0zcDBrVXRLWlhRWDVNVjRvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OTAwOC8wQThGQkIxQUI0MzIxMUVFQTI2NDQ0MENDNEY5QUUwMi83RDU4NzJBNEI0
MzIxMUVFODI0NjA2MERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeUWjANBgkqhkiG9w0BAQsFAAOCAQEAiW0NgJpohMFx5fvl
dlqQfXq5HGACahf9MFJcHRsTFLsViCBW84UvQyaRV73cWFDizcJruycK+kguRSCf
rGu4I+3CTGID+qkmdsXvtkos0r8vn2vU6JKhQl4W7v1pDSA529w9IZSbnE8aLODy
Fz27X8jIZ+g42A+IwuQIEUA5UN2Vm1GI66Eku7nyLZ5AEIeWTMf7OI9Df7ryztnx
1+T5JMVGWGQrDqh/syQuPy1AJKjdS0obtKj6h7QVbi4t9C+LchuLujACGrNtpkWP
1q4OJsZnf/VT+gChTnpDa9FaXzclDM8Lyiv95FuDF1jcn9M7UCuNT+JiNALLjhAI
M0BnYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org