Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B9BAE13E68DF11EA845FA822C4F9AE02.roa
File: B9BAE13E68DF11EA845FA822C4F9AE02.roa (raw, json)
Hash identifier: MBn3dja5jjfGnDI5cwgCrv2r15UR7u5Nrn74dEEGn/o=
Subject key identifier: 9A:E4:92:CA:B6:4E:5A:85:4E:75:FA:7C:5A:37:64:38:3F:30:79:47
Certificate issuer: /CN=A91C8236/serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
Certificate serial: 048D
Authority key identifier: ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B9BAE13E68DF11EA845FA822C4F9AE02.roa
Signing time: Thu 01 Apr 2021 09:25:22 +0000
ROA not before: Thu 01 Apr 2021 09:25:22 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 140216
IP address blocks: 103.148.178.0/23 maxlen: 23
103.148.178.0/24 maxlen: 24
103.148.179.0/24 maxlen: 24
2001:df2:e180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1165 (0x48d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C8236/serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
Validity
Not Before: Apr 1 09:25:22 2021 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=60659182-7235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c4:52:7b:09:15:d6:6c:cb:f9:fe:80:12:6c:
07:25:19:fc:6e:c8:74:ed:f9:e6:11:5c:8c:77:a3:
89:e6:5b:97:f5:93:6f:8e:5b:c3:3a:63:b3:14:fa:
82:fb:bb:98:83:9a:7b:6b:e6:5b:21:7b:fb:5b:04:
94:8d:7a:f9:19:aa:55:c1:60:82:75:c8:32:6c:d2:
c9:48:5e:e6:94:8b:a3:35:18:d8:14:0e:8f:17:8c:
20:9b:cb:a0:1a:e5:c9:32:e8:cc:b9:ba:3d:5b:99:
d4:a8:f1:24:fa:cf:f8:fa:e2:52:ab:a7:d9:f3:10:
c0:53:1f:51:2f:27:0a:80:0e:f0:4d:81:29:51:a7:
ad:83:d5:c5:36:66:6a:05:1f:c0:04:8f:a0:2d:30:
76:f0:6a:fe:b0:0b:d4:5c:3b:59:e8:1b:86:af:9b:
bd:ae:a6:59:c8:9f:34:2b:06:86:4d:a0:59:28:7e:
eb:db:cb:47:76:b6:89:b1:a1:16:f1:4c:30:1c:89:
b7:d9:f1:f8:ac:4e:01:5f:17:0c:ad:d2:d9:be:5e:
8c:98:23:c1:93:25:66:21:0b:70:b1:b0:54:bc:78:
da:79:4a:66:58:06:65:7a:fa:45:03:1b:a3:71:ce:
31:c1:1a:fe:d3:84:16:3f:6e:86:3f:2e:24:0b:67:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E4:92:CA:B6:4E:5A:85:4E:75:FA:7C:5A:37:64:38:3F:30:79:47
X509v3 Authority Key Identifier:
keyid:ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B9BAE13E68DF11EA845FA822C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.178.0/23
IPv6:
2001:df2:e180::/48
Signature Algorithm: sha256WithRSAEncryption
9d:89:60:64:f5:8f:a2:63:4b:3d:91:02:a1:a7:4f:d4:97:0d:
fd:2b:a9:bc:d0:c1:f0:38:17:99:74:68:6b:d3:dc:58:1d:2e:
84:77:fb:ad:47:75:81:fb:d5:f6:dd:30:ad:b9:b1:3e:ce:b6:
52:1e:47:58:51:0c:5f:b2:c9:7e:95:92:4f:39:0a:1f:1c:89:
67:33:b7:a3:6f:73:88:0f:7f:ff:e9:c3:6b:d7:fb:8a:c1:b9:
9d:2f:0c:38:31:5d:9d:64:b3:b8:d1:36:c9:9a:ec:11:89:4c:
ed:7e:d6:91:0d:3d:d0:02:14:67:8d:d8:8f:f5:34:63:a7:92:
d7:dd:bf:a9:ba:63:85:52:1c:37:0c:bc:66:7a:55:34:f6:00:
24:9c:a1:fe:65:5d:ac:14:e7:85:4c:47:b7:b9:12:69:a1:45:
ac:84:30:52:a9:46:2b:b6:03:72:e5:94:40:4b:35:dd:16:3b:
78:2f:72:ed:26:5a:5c:34:58:fb:c2:89:1a:ce:d8:44:b5:03:
1b:20:be:a9:4c:e0:ee:ea:bb:e1:1a:43:52:12:2c:d8:c3:ff:
46:1f:1a:dc:27:46:f2:e7:93:2c:c4:60:5f:7d:5c:e9:b8:59:
05:c0:79:8d:c2:3f:2f:38:c1:b0:90:ef:bf:98:fb:36:fe:f3:
a2:5c:89:cf
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzgyMzYxMTAvBgNVBAUTKEVEODVFRjc3MzQzQzU1NDEyQjA2QTUzQzJBNEUyMDc2
N0FEMTJGMjUwHhcNMjEwNDAxMDkyNTIyWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MDY1OTE4Mi03MjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzsRSewkV1mzL+f6AEmwHJRn8bsh07fnmEVyMd6OJ5luX9ZNvjlvDOmOzFPqC
+7uYg5p7a+ZbIXv7WwSUjXr5GapVwWCCdcgybNLJSF7mlIujNRjYFA6PF4wgm8ug
GuXJMujMubo9W5nUqPEk+s/4+uJSq6fZ8xDAUx9RLycKgA7wTYEpUaetg9XFNmZq
BR/ABI+gLTB28Gr+sAvUXDtZ6BuGr5u9rqZZyJ80KwaGTaBZKH7r28tHdraJsaEW
8UwwHIm32fH4rE4BXxcMrdLZvl6MmCPBkyVmIQtwsbBUvHjaeUpmWAZlevpFAxuj
cc4xwRr+04QWP26GPy4kC2cVNwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJrkksq2
TlqFTnX6fFo3ZDg/MHlHMB8GA1UdIwQYMBaAFO2F73c0PFVBKwalPCpOIHZ60S8l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODIzNi9ENDI4Nzk2RTUz
MjcxMUVBOEM1N0UzN0FDNEY5QUUwMi83WVh2ZHpROFZVRXJCcVU4S2s0Z2RuclJM
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZWHZkelE4VlVFckJxVThLazRnZG5yUkx5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzgyMzYvRDQyODc5NkU1MzI3MTFFQThDNTdFMzdBQzRGOUFFMDIvQjlCQUUxM0U2
OERGMTFFQTg0NUZBODIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlLIwDwQCAAIwCQMHACABDfLhgDANBgkqhkiG9w0BAQsF
AAOCAQEAnYlgZPWPomNLPZECoadP1JcN/SupvNDB8DgXmXRoa9PcWB0uhHf7rUd1
gfvV9t0wrbmxPs62Uh5HWFEMX7LJfpWSTzkKHxyJZzO3o29ziA9//+nDa9f7isG5
nS8MODFdnWSzuNE2yZrsEYlM7X7WkQ090AIUZ43Yj/U0Y6eS192/qbpjhVIcNwy8
ZnpVNPYAJJyh/mVdrBTnhUxHt7kSaaFFrIQwUqlGK7YDcuWUQEs13RY7eC9y7SZa
XDRY+8KJGs7YRLUDGyC+qUzg7uq74RpDUhIs2MP/Rh8a3CdG8ueTLMRgX31c6bhZ
BcB5jcI/LzjBsJDvv5j7Nv7zolyJzw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org