Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/0046B5E256D511EE96BABC60C4F9AE02.roa
File: 0046B5E256D511EE96BABC60C4F9AE02.roa (raw, json)
Hash identifier: C5iUKGry4veuQSgpJcUxObEGpNe0V506QujI38uB9Tc=
Subject key identifier: 6E:2C:5B:58:63:96:60:3D:D3:FC:0F:EB:23:1D:D4:1F:C2:62:2D:19
Certificate issuer: /CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Certificate serial: 05C4
Authority key identifier: 34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/0046B5E256D511EE96BABC60C4F9AE02.roa
Signing time: Tue 19 Sep 2023 10:13:40 +0000
ROA not before: Tue 19 Sep 2023 10:13:40 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 60021
IP address blocks: 103.158.160.0/24 maxlen: 24
103.158.161.0/24 maxlen: 24
2406:bcc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1476 (0x5c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Validity
Not Before: Sep 19 10:13:40 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65097453-a26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:f3:71:87:7f:1e:f3:e4:e7:2a:ab:43:ac:
66:d1:81:63:01:6a:c0:50:20:65:38:21:cc:cf:c2:
45:b2:6e:85:86:f4:ae:d1:78:e6:da:0e:be:09:96:
3d:04:57:10:4a:fd:9d:b0:fb:c4:10:6a:34:cd:0c:
15:5c:fa:2f:b3:68:2c:89:27:a1:1a:ab:89:fe:3e:
03:0b:de:24:72:da:ec:13:df:64:b1:f5:0d:df:11:
9e:79:7c:47:db:c8:f6:97:1a:95:70:5e:d3:92:84:
1e:0f:b6:78:3b:a4:4a:2d:7d:bd:67:bf:1f:0a:a9:
44:71:6e:37:82:82:cf:f1:55:44:18:f9:04:d6:32:
e3:49:06:99:a5:48:9b:5a:6c:a8:60:c1:09:bf:a6:
25:10:2d:eb:63:05:78:ca:81:f4:a6:6c:d1:bf:ce:
ac:ac:d2:6a:74:b0:d0:92:d8:06:47:f5:31:3c:46:
a7:cd:ad:bf:b9:e3:58:85:81:83:5f:07:db:2c:e6:
67:88:64:46:bf:c0:e4:95:49:6f:e9:88:f3:3b:52:
10:48:a2:74:79:36:0d:9f:9d:d1:e6:66:d8:ad:e3:
2a:08:11:a1:45:8d:84:26:ff:21:2c:83:5c:06:0f:
ca:b6:86:af:6f:9b:9f:03:bb:58:f1:ff:93:56:69:
40:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2C:5B:58:63:96:60:3D:D3:FC:0F:EB:23:1D:D4:1F:C2:62:2D:19
X509v3 Authority Key Identifier:
keyid:34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/0046B5E256D511EE96BABC60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.160.0/23
IPv6:
2406:bcc0::/32
Signature Algorithm: sha256WithRSAEncryption
24:22:eb:29:04:c3:5e:1f:eb:a4:d3:bc:70:ae:c3:0b:1e:41:
4e:69:07:c3:8a:8f:c2:08:7f:fe:92:00:77:f3:9a:e6:39:91:
c7:31:77:3c:0e:e7:48:b0:0e:da:e3:a6:ef:f8:7c:06:13:3f:
1c:a0:52:50:99:de:80:c7:5f:54:1e:27:bd:2b:59:98:c7:ba:
e4:ba:ec:dd:ae:a4:37:3d:03:72:a1:0d:10:bb:0b:2f:54:05:
2e:9f:47:96:2e:19:7f:6f:87:dd:5f:a4:90:7e:6d:58:2c:0b:
02:43:89:ae:b9:ac:9e:40:78:f2:86:5a:c6:f1:03:32:6e:7a:
d5:26:3b:66:8b:fb:be:fc:69:26:61:36:c7:cd:04:4e:e5:26:
10:df:34:23:44:78:4b:ba:d6:a7:be:ae:89:ca:12:52:c6:16:
19:b8:ae:ea:78:23:74:8d:dd:5b:c1:d4:81:40:64:fa:b8:09:
61:29:10:54:0b:62:de:48:03:bf:fd:33:e0:80:05:14:6f:83:
1a:8b:fc:2e:88:d8:ad:70:34:c6:79:cc:2a:16:22:67:93:d0:
1e:f0:7f:9c:42:8c:2a:00:91:a3:9a:7b:cb:91:e8:01:f0:92:
82:cb:e8:4a:78:17:5e:67:4b:03:d0:e9:27:c3:5d:fd:fe:7c:
07:30:b3:f3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk5QjQxMTAvBgNVBAUTKDM0OEJFNjY5NEVENzA0MUFBRjI4RDBFQzhDNkM2NTY1
NTkxRjJEREEwHhcNMjMwOTE5MTAxMzQwWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA5NzQ1My1hMjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr5fzcYd/HvPk5yqrQ6xm0YFjAWrAUCBlOCHMz8JFsm6FhvSu0Xjm2g6+CZY9
BFcQSv2dsPvEEGo0zQwVXPovs2gsiSehGquJ/j4DC94kctrsE99ksfUN3xGeeXxH
28j2lxqVcF7TkoQeD7Z4O6RKLX29Z78fCqlEcW43goLP8VVEGPkE1jLjSQaZpUib
WmyoYMEJv6YlEC3rYwV4yoH0pmzRv86srNJqdLDQktgGR/UxPEanza2/ueNYhYGD
XwfbLOZniGRGv8DklUlv6YjzO1IQSKJ0eTYNn53R5mbYreMqCBGhRY2EJv8hLINc
Bg/Ktoavb5ufA7tY8f+TVmlAUwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFG4sW1hj
lmA90/wP6yMd1B/CYi0ZMB8GA1UdIwQYMBaAFDSL5mlO1wQaryjQ7IxsZWVZHy3a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTlCNC81REU1OTY5NjU5
NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJCcXZLTkRzakd4bFpWa2ZM
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Jdm1hVTdYQkJxdktORHNqR3hsWlZrZkxkby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk5QjQvNURFNTk2OTY1OTQ5MTFFQkE0OEM3ODcxQzRGOUFFMDIvMDA0NkI1RTI1
NkQ1MTFFRTk2QkFCQzYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnnqAwDQQCAAIwBwMFACQGvMAwDQYJKoZIhvcNAQELBQAD
ggEBACQi6ykEw14f66TTvHCuwwseQU5pB8OKj8IIf/6SAHfzmuY5kccxdzwO50iw
Dtrjpu/4fAYTPxygUlCZ3oDHX1QeJ70rWZjHuuS67N2upDc9A3KhDRC7Cy9UBS6f
R5YuGX9vh91fpJB+bVgsCwJDia65rJ5AePKGWsbxAzJuetUmO2aL+778aSZhNsfN
BE7lJhDfNCNEeEu61qe+ronKElLGFhm4rup4I3SN3VvB1IFAZPq4CWEpEFQLYt5I
A7/9M+CABRRvgxqL/C6I2K1wNMZ5zCoWImeT0B7wf5xCjCoAkaOae8uR6AHwkoLL
6Ep4F15nSwPQ6SfDXf3+fAcws/M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org