Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/988A087256D011EEAEC9295AC4F9AE02.roa
File: 988A087256D011EEAEC9295AC4F9AE02.roa (raw, json)
Hash identifier: lsYz1EOtvmSe02LgWBYenEi+XdiCJDsV6rmRqOZ0XRw=
Subject key identifier: E9:5F:B5:FF:94:98:E7:6A:8B:6C:7A:48:09:A9:E0:99:09:B5:5C:8C
Certificate issuer: /CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Certificate serial: 05BC
Authority key identifier: 34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/988A087256D011EEAEC9295AC4F9AE02.roa
Signing time: Tue 19 Sep 2023 09:40:41 +0000
ROA not before: Tue 19 Sep 2023 09:40:41 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 60021
IP address blocks: 103.158.160.0/24 maxlen: 24
103.158.161.0/24 maxlen: 24
2406:bcc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1468 (0x5bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Validity
Not Before: Sep 19 09:40:41 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65096c99-2de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e8:a2:40:7a:08:c7:52:7d:6e:22:d6:36:bb:
65:40:c0:6c:ee:f4:e1:6f:25:48:11:ca:09:45:f2:
29:b6:df:47:f9:bd:d2:1a:43:be:5e:44:a6:a3:db:
56:fd:60:bf:23:db:3d:42:d5:da:50:77:4e:83:3c:
36:b3:40:2f:62:1c:01:14:8b:7e:63:3a:77:f7:e7:
36:a0:2a:ac:d1:a1:14:ce:9c:4e:b4:17:16:62:26:
71:c3:56:9b:01:5d:59:b9:bb:5e:b0:46:54:d4:48:
56:b4:0b:fc:f1:ed:fe:ba:b9:78:75:fe:3f:6e:0c:
98:bb:9f:0c:0e:5e:a7:df:8b:45:77:67:e5:56:da:
09:49:a6:c4:ce:0f:e2:2d:80:db:52:a0:fe:a9:80:
2d:42:f9:ee:1c:8d:07:53:77:61:51:57:24:33:d5:
11:23:74:2e:c6:02:0a:66:d3:d4:56:65:0b:63:eb:
54:ce:59:9a:23:e6:3a:64:ba:9e:01:0b:f0:49:f2:
98:2b:fc:76:a9:88:cd:21:d5:c9:de:49:c5:b9:9c:
7a:b2:98:09:ba:ec:d6:b9:24:40:e3:4d:d6:0e:f6:
b5:2b:4f:7f:d4:a3:69:04:2e:c3:2c:d5:04:59:10:
dc:6f:99:e8:84:36:34:f9:7c:b4:a4:17:45:4e:d4:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5F:B5:FF:94:98:E7:6A:8B:6C:7A:48:09:A9:E0:99:09:B5:5C:8C
X509v3 Authority Key Identifier:
keyid:34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/988A087256D011EEAEC9295AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.160.0/23
IPv6:
2406:bcc0::/32
Signature Algorithm: sha256WithRSAEncryption
56:b6:a9:e3:4b:5f:51:02:79:2b:5e:03:e9:be:f7:a6:86:a4:
fe:df:5e:cd:35:3a:24:41:7b:37:0b:35:ac:6c:fe:6e:a3:54:
63:72:11:c4:47:b0:fb:b9:17:fd:60:11:d3:62:e6:cb:2f:78:
a4:94:92:87:2b:92:a4:86:35:db:2a:b1:51:31:a4:f4:db:b6:
8f:56:7b:55:6f:60:10:a6:2a:bf:f9:b3:f7:ec:d9:f2:ac:f0:
81:27:b5:5c:6f:1a:5f:f0:95:ce:b7:ff:1a:5a:73:45:41:00:
4c:92:ff:28:90:0d:27:69:45:ef:3b:2c:a7:62:5c:43:74:af:
83:43:a2:05:39:b3:72:95:7c:9a:58:85:df:f6:fc:a9:1a:fc:
a4:13:fa:36:a2:cf:9a:59:8b:47:c4:2d:89:cc:fd:7d:7b:a1:
6f:99:ff:eb:d5:8d:a8:f6:4d:ab:ae:14:94:bd:f4:61:f9:59:
d3:79:ab:9d:de:b8:be:c4:e4:65:c9:03:d0:19:63:ff:ef:39:
e6:ee:24:b3:42:fd:f4:e2:c8:4d:ad:77:e6:22:fa:b8:50:1f:
57:c2:c4:15:59:9b:80:26:1d:99:14:59:25:8f:80:54:09:b1:
ba:48:98:4a:5d:9f:39:5e:88:36:ce:bf:96:b5:49:1c:05:92:
c0:7e:24:ac
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk5QjQxMTAvBgNVBAUTKDM0OEJFNjY5NEVENzA0MUFBRjI4RDBFQzhDNkM2NTY1
NTkxRjJEREEwHhcNMjMwOTE5MDk0MDQxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA5NmM5OS0yZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9uiiQHoIx1J9biLWNrtlQMBs7vThbyVIEcoJRfIptt9H+b3SGkO+XkSmo9tW
/WC/I9s9QtXaUHdOgzw2s0AvYhwBFIt+Yzp39+c2oCqs0aEUzpxOtBcWYiZxw1ab
AV1ZubtesEZU1EhWtAv88e3+url4df4/bgyYu58MDl6n34tFd2flVtoJSabEzg/i
LYDbUqD+qYAtQvnuHI0HU3dhUVckM9URI3QuxgIKZtPUVmULY+tUzlmaI+Y6ZLqe
AQvwSfKYK/x2qYjNIdXJ3knFuZx6spgJuuzWuSRA403WDva1K09/1KNpBC7DLNUE
WRDcb5nohDY0+Xy0pBdFTtTCbwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOlftf+U
mOdqi2x6SAmp4JkJtVyMMB8GA1UdIwQYMBaAFDSL5mlO1wQaryjQ7IxsZWVZHy3a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTlCNC81REU1OTY5NjU5
NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJCcXZLTkRzakd4bFpWa2ZM
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Jdm1hVTdYQkJxdktORHNqR3hsWlZrZkxkby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk5QjQvNURFNTk2OTY1OTQ5MTFFQkE0OEM3ODcxQzRGOUFFMDIvOTg4QTA4NzI1
NkQwMTFFRUFFQzkyOTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnnqAwDQQCAAIwBwMFACQGvMAwDQYJKoZIhvcNAQELBQAD
ggEBAFa2qeNLX1ECeSteA+m+96aGpP7fXs01OiRBezcLNaxs/m6jVGNyEcRHsPu5
F/1gEdNi5ssveKSUkocrkqSGNdsqsVExpPTbto9We1VvYBCmKr/5s/fs2fKs8IEn
tVxvGl/wlc63/xpac0VBAEyS/yiQDSdpRe87LKdiXEN0r4NDogU5s3KVfJpYhd/2
/Kka/KQT+jaiz5pZi0fELYnM/X17oW+Z/+vVjaj2TauuFJS99GH5WdN5q53euL7E
5GXJA9AZY//vOebuJLNC/fTiyE2td+Yi+rhQH1fCxBVZm4AmHZkUWSWPgFQJsbpI
mEpdnzleiDbOv5a1SRwFksB+JKw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org