Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/056D17D87C0311EAA7231C6CC4F9AE02.roa
File: 056D17D87C0311EAA7231C6CC4F9AE02.roa (raw, json)
Hash identifier: 3zhA/cfFuJo8nHJuEXww2UEac2aLkpM+vflM+NHt4EA=
Subject key identifier: D5:7D:A9:47:76:1F:4B:8C:57:ED:9A:FB:C4:93:95:2B:B6:A3:94:80
Certificate issuer: /CN=A91B98F0/serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Certificate serial: 044A
Authority key identifier: 9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/056D17D87C0311EAA7231C6CC4F9AE02.roa
Signing time: Thu 22 Apr 2021 09:35:31 +0000
ROA not before: Thu 22 Apr 2021 09:35:31 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 17920
IP address blocks: 103.149.144.0/23 maxlen: 24
2001:df3:2a80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1098 (0x44a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B98F0/serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Validity
Not Before: Apr 22 09:35:31 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60814362-1960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:8b:ff:ff:12:06:6a:db:96:e8:f5:e7:9c:
ce:33:5e:7c:aa:4a:f4:06:10:c8:6e:b0:9d:82:e4:
1a:8a:3c:03:06:df:ce:90:00:10:54:e9:e9:20:27:
4a:70:fc:ba:3b:6c:07:a7:47:ec:95:ae:67:e8:f2:
6f:4c:5e:4a:df:d3:20:3f:df:2e:93:c1:c0:54:65:
1b:c6:39:4d:ee:1b:60:3d:57:95:d5:da:8a:38:37:
f7:64:68:ba:38:6c:3d:d3:f3:2d:6b:e8:c4:b5:9f:
56:67:61:79:53:03:9f:40:4f:75:8b:bb:8c:3d:c3:
ea:f8:31:b9:26:b2:b2:4f:a2:a4:9b:5e:d0:7e:94:
14:54:eb:be:34:8e:c3:3f:10:fc:d3:9e:15:b5:e4:
f9:5b:10:97:3e:39:78:46:dd:a7:ce:7c:5b:bf:cb:
a8:b2:c0:24:80:f5:70:24:a8:b1:ae:49:78:7b:f0:
71:e8:1d:98:7c:3e:52:91:c8:94:f0:c0:15:fd:48:
c5:af:4a:cd:ff:b5:b1:ad:72:5a:16:f2:43:88:29:
53:3d:02:ea:dd:b9:d6:1d:fe:80:f6:ff:2f:e4:57:
a4:48:da:7b:92:68:cd:71:a8:07:d6:b0:b1:70:ad:
88:9d:51:21:45:b8:80:22:07:15:c1:7d:87:85:ec:
ac:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7D:A9:47:76:1F:4B:8C:57:ED:9A:FB:C4:93:95:2B:B6:A3:94:80
X509v3 Authority Key Identifier:
keyid:9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/ntLhokBcme5158OQPfckDKqr-yU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/056D17D87C0311EAA7231C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.144.0/23
IPv6:
2001:df3:2a80::/48
Signature Algorithm: sha256WithRSAEncryption
41:55:a3:73:82:8f:d1:e5:c7:0c:c6:80:ba:cc:e6:f4:eb:47:
5a:1c:f2:da:98:21:b8:45:89:50:62:76:cd:5d:b8:92:9a:b8:
ab:83:d4:cd:63:e3:a0:10:bc:01:5c:26:e9:d4:0b:af:3b:d7:
a4:60:cd:7d:81:b6:d7:8e:ee:43:dd:e2:b3:be:6e:5f:49:4f:
13:06:3f:01:8d:c9:1e:91:d1:7a:9e:78:94:d1:8d:66:38:f1:
7a:aa:a3:53:96:4d:24:9d:59:df:ba:41:66:81:18:8a:c3:38:
1d:e7:4c:80:8a:fd:92:21:19:04:6e:ab:19:55:7a:a9:16:52:
71:0e:ff:d5:8a:41:cd:3f:69:0d:41:f5:a5:1e:19:ea:ff:27:
37:34:18:94:6d:8f:f7:9b:a0:ff:6f:23:12:02:55:41:e9:dc:
19:34:7e:44:06:bb:aa:8e:eb:94:fa:a0:21:9f:5d:14:e3:22:
52:fc:92:b6:6e:05:ea:3e:f9:c5:c1:dd:38:fc:68:d3:f8:eb:
cb:29:ca:0f:dc:12:43:a6:9e:1d:6d:d3:a5:f7:6d:49:1c:5b:
40:80:37:70:68:99:c3:0a:e7:53:e7:ca:fa:cc:c9:b2:3a:48:
60:70:44:ed:43:04:45:fd:1a:d9:ca:22:6e:21:d6:c1:b8:26:
77:f7:1e:54
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBEowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjk4RjAxMTAvBgNVBAUTKDlFRDJFMUEyNDA1Qzk5RUU3NUU3QzM5MDNERjcyNDBD
QUFBQkZCMjUwHhcNMjEwNDIyMDkzNTMxWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDgxNDM2Mi0xOTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs2SL//8SBmrbluj155zOM158qkr0BhDIbrCdguQaijwDBt/OkAAQVOnpICdK
cPy6O2wHp0fsla5n6PJvTF5K39MgP98uk8HAVGUbxjlN7htgPVeV1dqKODf3ZGi6
OGw90/Mta+jEtZ9WZ2F5UwOfQE91i7uMPcPq+DG5JrKyT6Kkm17QfpQUVOu+NI7D
PxD8054VteT5WxCXPjl4Rt2nznxbv8uossAkgPVwJKixrkl4e/Bx6B2YfD5SkciU
8MAV/UjFr0rN/7WxrXJaFvJDiClTPQLq3bnWHf6A9v8v5FekSNp7kmjNcagH1rCx
cK2InVEhRbiAIgcVwX2HheysiQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNV9qUd2
H0uMV+2a+8STlSu2o5SAMB8GA1UdIwQYMBaAFJ7S4aJAXJnudefDkD33JAyqq/sl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOThGMC84QTFBRTFGNDY3
MkMxMUVBODM5M0RGMjVDNEY5QUUwMi9udExob2tCY21lNTE1OE9RUGZja0RLcXIt
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250TGhva0JjbWU1MTU4T1FQZmNrREtxci15VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjk4RjAvOEExQUUxRjQ2NzJDMTFFQTgzOTNERjI1QzRGOUFFMDIvMDU2RDE3RDg3
QzAzMTFFQUE3MjMxQzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlZAwDwQCAAIwCQMHACABDfMqgDANBgkqhkiG9w0BAQsF
AAOCAQEAQVWjc4KP0eXHDMaAuszm9OtHWhzy2pghuEWJUGJ2zV24kpq4q4PUzWPj
oBC8AVwm6dQLrzvXpGDNfYG2147uQ93is75uX0lPEwY/AY3JHpHRep54lNGNZjjx
eqqjU5ZNJJ1Z37pBZoEYisM4HedMgIr9kiEZBG6rGVV6qRZScQ7/1YpBzT9pDUH1
pR4Z6v8nNzQYlG2P95ug/28jEgJVQencGTR+RAa7qo7rlPqgIZ9dFOMiUvyStm4F
6j75xcHdOPxo0/jryynKD9wSQ6aeHW3TpfdtSRxbQIA3cGiZwwrnU+fK+szJsjpI
YHBE7UMERf0a2coibiHWwbgmd/ceVA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org