Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C0C/359B8D3E9DFF11ECA4A58848C4F9AE02/0AFE21B09E0211ECB709C970C4F9AE02.roa
File: 0AFE21B09E0211ECB709C970C4F9AE02.roa (raw, json)
Hash identifier: U/hvfkQ33+TDwbj3btJ4+I62xajt4D4TyxHHf/K6nFU=
Subject key identifier: 70:C4:EA:6A:4C:1F:A5:D3:F7:F3:36:F6:EB:D3:EB:3F:B9:BF:1D:87
Certificate issuer: /CN=A91C0C0C/serialNumber=B9DCE7A98BCE7C0E28328B13CBEAB5431D0F66BD
Certificate serial: 02
Authority key identifier: B9:DC:E7:A9:8B:CE:7C:0E:28:32:8B:13:CB:EA:B5:43:1D:0F:66:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/udznqYvOfA4oMosTy-q1Qx0PZr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C0C/359B8D3E9DFF11ECA4A58848C4F9AE02/0AFE21B09E0211ECB709C970C4F9AE02.roa
Signing time: Mon 07 Mar 2022 10:33:35 +0000
ROA not before: Mon 07 Mar 2022 10:33:35 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 136970
IP address blocks: 103.146.140.0/23 maxlen: 23
103.146.140.0/24 maxlen: 24
103.146.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C0C/serialNumber=B9DCE7A98BCE7C0E28328B13CBEAB5431D0F66BD
Validity
Not Before: Mar 7 10:33:35 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=6225df7f-23ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:9d:3c:cf:ed:95:c0:61:91:7e:c3:4c:1e:
35:ff:4e:e2:1b:e2:58:46:6c:52:04:4d:74:05:c2:
ad:7a:40:ab:c1:2a:47:70:e2:54:a6:fa:08:d0:35:
5c:67:45:81:97:aa:22:42:10:46:a0:1c:cc:2f:b0:
d4:56:71:ca:db:b9:5c:8c:1c:59:e1:f4:df:b8:6a:
35:bf:95:e1:de:87:b2:d6:37:0d:d8:16:df:21:b4:
de:03:91:92:bd:c2:e8:d7:a0:3c:3e:4b:86:38:40:
81:a3:78:dd:a9:fa:37:cb:b9:3a:c8:21:e5:fd:7f:
89:0a:bb:f5:44:b9:38:3b:69:74:d4:b0:76:06:0d:
d0:df:71:fd:cf:86:2d:e3:d6:86:7a:1f:d4:12:62:
53:53:c2:36:b7:73:d8:fb:b9:ad:3c:cc:43:d8:de:
05:9a:1b:f9:d2:04:34:a9:e0:d4:6d:8d:ab:8f:ae:
19:88:8a:38:c7:8f:74:7a:34:ba:ce:06:8b:9b:51:
32:3c:0f:ef:ec:80:02:78:0f:9d:43:3e:20:7c:48:
47:dc:8b:30:91:ef:1a:04:23:0d:63:ba:49:0d:33:
20:48:4a:73:a3:30:1b:07:a5:76:f6:19:87:eb:74:
97:1c:be:90:28:43:8b:ba:61:75:8e:54:93:16:2f:
de:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C4:EA:6A:4C:1F:A5:D3:F7:F3:36:F6:EB:D3:EB:3F:B9:BF:1D:87
X509v3 Authority Key Identifier:
keyid:B9:DC:E7:A9:8B:CE:7C:0E:28:32:8B:13:CB:EA:B5:43:1D:0F:66:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C0C/359B8D3E9DFF11ECA4A58848C4F9AE02/udznqYvOfA4oMosTy-q1Qx0PZr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/udznqYvOfA4oMosTy-q1Qx0PZr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C0C/359B8D3E9DFF11ECA4A58848C4F9AE02/0AFE21B09E0211ECB709C970C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.140.0/23
Signature Algorithm: sha256WithRSAEncryption
94:71:49:2f:ba:ee:8b:48:9b:d7:62:6c:6e:01:46:db:e0:74:
a7:e4:28:3a:81:e6:06:ad:f7:96:a5:e7:f4:8d:cb:4d:41:43:
cd:d0:5a:d9:9d:c4:0d:9e:05:7e:fe:61:f5:21:2e:96:24:1e:
a1:2c:05:11:46:e8:2d:4d:c6:e4:a7:c5:b0:4a:c0:1b:7c:70:
f6:af:af:56:5f:c5:02:e8:b3:10:c4:39:f2:a1:39:60:5a:7f:
7e:55:4a:ab:86:ec:1b:56:2d:0f:1d:66:c4:af:cc:82:69:50:
32:2f:9d:71:ed:5a:21:9e:be:e2:f2:5f:ff:72:2b:b6:8e:5e:
2a:b9:1a:fe:3f:05:a7:74:66:ae:b8:41:28:34:5b:95:20:55:
67:e9:87:12:30:4e:fc:c4:f8:80:f0:b2:ba:94:70:85:ed:76:
a0:59:d7:78:ed:05:7f:b6:fe:6b:01:29:53:ff:3d:3e:a7:d8:
34:9c:bd:05:0f:a7:27:e4:d0:d5:6d:b1:ee:af:c8:b0:9e:31:
15:7a:fd:32:bf:0e:d3:8f:a7:82:04:ad:b0:c3:8b:6c:95:2a:
52:a7:af:76:fd:de:9a:bc:f8:02:27:99:34:55:49:77:20:9b:
a8:01:4f:7c:62:1a:c1:25:7e:e1:99:8c:a2:2a:45:36:d5:ac:
80:a5:f2:c4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MEMwQzExMC8GA1UEBRMoQjlEQ0U3QTk4QkNFN0MwRTI4MzI4QjEzQ0JFQUI1NDMx
RDBGNjZCRDAeFw0yMjAzMDcxMDMzMzVaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjVkZjdmLTIzYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2vp08z+2VwGGRfsNMHjX/TuIb4lhGbFIETXQFwq16QKvBKkdw4lSm+gjQNVxn
RYGXqiJCEEagHMwvsNRWccrbuVyMHFnh9N+4ajW/leHeh7LWNw3YFt8htN4DkZK9
wujXoDw+S4Y4QIGjeN2p+jfLuTrIIeX9f4kKu/VEuTg7aXTUsHYGDdDfcf3Phi3j
1oZ6H9QSYlNTwja3c9j7ua08zEPY3gWaG/nSBDSp4NRtjauPrhmIijjHj3R6NLrO
BoubUTI8D+/sgAJ4D51DPiB8SEfcizCR7xoEIw1jukkNMyBISnOjMBsHpXb2GYfr
dJccvpAoQ4u6YXWOVJMWL95zAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcMTqakwf
pdP38zb269PrP7m/HYcwHwYDVR0jBBgwFoAUudznqYvOfA4oMosTy+q1Qx0PZr0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwQzBDLzM1OUI4RDNFOURG
RjExRUNBNEE1ODg0OEM0RjlBRTAyL3Vkem5xWXZPZkE0b01vc1R5LXExUXgwUFpy
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdWR6bnFZdk9mQTRvTW9zVHktcTFReDBQWnIwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MEMwQy8zNTlCOEQzRTlERkYxMUVDQTRBNTg4NDhDNEY5QUUwMi8wQUZFMjFCMDlF
MDIxMUVDQjcwOUM5NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeSjDANBgkqhkiG9w0BAQsFAAOCAQEAlHFJL7rui0ib12Js
bgFG2+B0p+QoOoHmBq33lqXn9I3LTUFDzdBa2Z3EDZ4Ffv5h9SEuliQeoSwFEUbo
LU3G5KfFsErAG3xw9q+vVl/FAuizEMQ58qE5YFp/flVKq4bsG1YtDx1mxK/MgmlQ
Mi+dce1aIZ6+4vJf/3Irto5eKrka/j8Fp3RmrrhBKDRblSBVZ+mHEjBO/MT4gPCy
upRwhe12oFnXeO0Ff7b+awEpU/89PqfYNJy9BQ+nJ+TQ1W2x7q/IsJ4xFXr9Mr8O
04+nggStsMOLbJUqUqevdv3emrz4AieZNFVJdyCbqAFPfGIawSV+4ZmMoipFNtWs
gKXyxA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org