Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/B023869C198C11EEA06C1429C4F9AE02.roa
File: B023869C198C11EEA06C1429C4F9AE02.roa (raw, json)
Hash identifier: syckBrea3RTfw7YuM11WbKBw2LzEdfhSUV77vq0apE4=
Subject key identifier: 50:7C:F8:26:32:B7:7C:DA:70:5B:14:80:D0:B6:C6:F3:DA:83:7F:73
Certificate issuer: /CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Certificate serial: 05A7
Authority key identifier: 34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/B023869C198C11EEA06C1429C4F9AE02.roa
Signing time: Tue 19 Sep 2023 08:57:54 +0000
ROA not before: Tue 19 Sep 2023 08:57:54 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 60021
IP address blocks: 103.158.160.0/24 maxlen: 24
103.158.161.0/24 maxlen: 24
2406:bcc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1447 (0x5a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA
Validity
Not Before: Sep 19 08:57:54 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65096292-6024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:19:50:01:06:95:04:00:c9:b2:ea:01:0f:
75:13:55:75:50:18:83:5c:3b:8f:03:94:13:1d:d9:
6e:9d:6c:9f:72:ca:3c:ce:0b:68:7e:81:61:fd:71:
29:4d:c5:eb:c9:ba:8c:be:f0:74:b6:02:76:96:a5:
69:46:ac:c3:2d:67:9d:dc:a6:05:4e:9d:6a:82:ec:
52:b0:3d:ba:61:9d:f2:f1:59:e7:1a:01:8d:ef:21:
b3:4a:6b:37:ea:24:e8:fe:f0:fa:93:da:99:56:88:
c4:65:bc:e2:f6:71:7f:5a:e4:72:23:d7:ad:50:9b:
54:65:98:11:4e:8b:e4:30:7d:95:14:a2:d6:46:ab:
8d:81:ae:e8:5f:83:1e:49:58:54:8e:48:2a:ef:93:
fe:14:58:df:49:e7:49:3b:09:97:bc:dc:08:f1:3c:
69:0f:85:9a:d7:69:9e:b7:da:75:c4:98:d6:75:ee:
2f:20:c8:1f:57:ec:1c:30:41:19:76:26:f9:7a:9f:
f7:fd:1f:b4:5c:d0:e5:74:1a:1b:2d:1c:49:c7:3b:
e2:54:a2:a9:1a:2c:e5:7d:13:7d:ec:87:3d:cb:9f:
4d:a9:49:e0:50:fa:6b:56:05:cd:f9:bc:8d:2b:c1:
e9:22:7c:71:c5:cb:39:f0:31:21:ca:22:4a:41:69:
cb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7C:F8:26:32:B7:7C:DA:70:5B:14:80:D0:B6:C6:F3:DA:83:7F:73
X509v3 Authority Key Identifier:
keyid:34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/B023869C198C11EEA06C1429C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.160.0/23
IPv6:
2406:bcc0::/32
Signature Algorithm: sha256WithRSAEncryption
22:18:0a:99:94:ae:7c:5a:cf:f9:a2:34:ba:ee:7b:a9:e7:e7:
76:5a:de:12:51:68:86:62:38:a1:57:27:aa:01:72:ea:83:3b:
a0:55:05:b5:9e:e4:2d:d3:a2:57:d1:8b:e5:cf:6c:f9:6c:21:
49:4b:04:12:c0:db:35:80:26:24:8e:30:63:b4:82:ba:db:c2:
d5:3b:f2:cd:e4:e3:fe:4c:f9:eb:71:e2:09:57:13:97:03:9c:
c3:ca:23:18:76:a7:6f:aa:2d:ae:4e:99:f6:b1:c6:26:f2:37:
54:c2:32:33:c0:85:73:e7:1e:a7:ef:56:98:b7:01:25:fe:37:
9c:ee:21:d7:e0:fb:6a:fe:20:26:16:ec:67:17:0f:5a:be:4d:
0a:d0:e3:99:03:56:5c:f8:2c:fe:53:3d:4a:77:94:9f:83:88:
9c:e4:da:3f:51:14:52:e1:fa:f1:31:25:56:74:38:a9:4c:64:
d6:92:2b:f7:53:73:87:b4:38:5a:25:7f:8f:5b:6c:15:d4:ef:
47:cb:22:f8:1e:5e:74:2d:7f:b3:5d:90:47:40:4d:47:ce:5e:
e9:00:67:fd:fe:d8:71:bf:dd:f8:48:c2:eb:f9:ac:58:5a:b6:
33:dd:04:d8:78:49:1e:c5:65:ad:f1:f0:2d:8c:52:f5:2d:67:
01:4e:db:2d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzk5QjQxMTAvBgNVBAUTKDM0OEJFNjY5NEVENzA0MUFBRjI4RDBFQzhDNkM2NTY1
NTkxRjJEREEwHhcNMjMwOTE5MDg1NzU0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA5NjI5Mi02MDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy0IZUAEGlQQAybLqAQ91E1V1UBiDXDuPA5QTHdlunWyfcso8zgtofoFh/XEp
TcXrybqMvvB0tgJ2lqVpRqzDLWed3KYFTp1qguxSsD26YZ3y8VnnGgGN7yGzSms3
6iTo/vD6k9qZVojEZbzi9nF/WuRyI9etUJtUZZgRTovkMH2VFKLWRquNga7oX4Me
SVhUjkgq75P+FFjfSedJOwmXvNwI8TxpD4Wa12met9p1xJjWde4vIMgfV+wcMEEZ
dib5ep/3/R+0XNDldBobLRxJxzviVKKpGizlfRN97Ic9y59NqUngUPprVgXN+byN
K8HpInxxxcs58DEhyiJKQWnL+QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFB8+CYy
t3zacFsUgNC2xvPag39zMB8GA1UdIwQYMBaAFDSL5mlO1wQaryjQ7IxsZWVZHy3a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTlCNC81REU1OTY5NjU5
NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJCcXZLTkRzakd4bFpWa2ZM
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Jdm1hVTdYQkJxdktORHNqR3hsWlZrZkxkby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzk5QjQvNURFNTk2OTY1OTQ5MTFFQkE0OEM3ODcxQzRGOUFFMDIvQjAyMzg2OUMx
OThDMTFFRUEwNkMxNDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnnqAwDQQCAAIwBwMFACQGvMAwDQYJKoZIhvcNAQELBQAD
ggEBACIYCpmUrnxaz/miNLrue6nn53Za3hJRaIZiOKFXJ6oBcuqDO6BVBbWe5C3T
olfRi+XPbPlsIUlLBBLA2zWAJiSOMGO0grrbwtU78s3k4/5M+etx4glXE5cDnMPK
Ixh2p2+qLa5OmfaxxibyN1TCMjPAhXPnHqfvVpi3ASX+N5zuIdfg+2r+ICYW7GcX
D1q+TQrQ45kDVlz4LP5TPUp3lJ+DiJzk2j9RFFLh+vExJVZ0OKlMZNaSK/dTc4e0
OFolf49bbBXU70fLIvgeXnQtf7NdkEdATUfOXukAZ/3+2HG/3fhIwuv5rFhatjPd
BNh4SR7FZa3x8C2MUvUtZwFO2y0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org