Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1CD45AEE4DE311ED9465C148C4F9AE02.roa
File: 1CD45AEE4DE311ED9465C148C4F9AE02.roa (raw, json)
Hash identifier: mmTjKAan4GANODN1b7y0weON9h4E2uL+Fy1sV3wlEP4=
Subject key identifier: C7:5E:FE:98:0B:1A:93:0C:AA:0E:43:B4:27:BA:18:3E:A8:94:20:71
Certificate issuer: /CN=A91D32F4/serialNumber=69C089B7A48E7DA6EE4F01FEC6A98E0AD2FA810B
Certificate serial: 05
Authority key identifier: 69:C0:89:B7:A4:8E:7D:A6:EE:4F:01:FE:C6:A9:8E:0A:D2:FA:81:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acCJt6SOfabuTwH-xqmOCtL6gQs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1CD45AEE4DE311ED9465C148C4F9AE02.roa
Signing time: Tue 18 Oct 2022 07:54:36 +0000
ROA not before: Tue 18 Oct 2022 07:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38026
IP address blocks: 103.185.176.0/23 maxlen: 23
103.185.176.0/24 maxlen: 24
103.185.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D32F4/serialNumber=69C089B7A48E7DA6EE4F01FEC6A98E0AD2FA810B
Validity
Not Before: Oct 18 07:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634e5bbb-b5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e9:bc:83:80:48:ac:10:e5:c6:ec:6f:a6:bf:
7d:e8:78:c4:ec:29:e6:95:9e:5a:3e:ab:20:ba:67:
9b:b5:e3:ad:29:8b:09:f9:91:3f:e8:96:62:02:cd:
5d:94:d6:2a:9e:15:47:8e:0b:fb:9a:c9:06:9b:3b:
2c:a8:0f:3f:65:0a:0d:03:8a:46:cc:20:9f:44:e5:
e4:0a:a9:c4:98:26:af:4e:40:e1:94:cd:27:13:c3:
d0:2d:5d:27:4f:1f:c4:22:13:a1:5f:a1:60:66:f7:
87:f8:16:34:25:0c:17:c0:9d:ef:e2:e9:fa:56:6a:
1f:8e:a4:2c:eb:dc:ef:ab:93:a0:5d:1d:5b:dd:e2:
03:e9:7c:3b:2c:dd:b3:6e:9e:db:46:35:17:12:9b:
a2:b8:23:5e:86:54:a3:82:ec:b7:6f:f8:c9:a8:8c:
38:cb:82:bf:eb:53:08:f8:72:05:72:5f:7f:68:cc:
c6:51:cb:8d:7c:a5:7e:09:a8:83:02:a1:50:b2:8e:
27:a5:7a:63:a1:33:9f:49:43:b6:c8:c9:98:a9:06:
e7:c6:d1:da:ec:d8:a8:4a:75:d3:33:39:f4:9b:4a:
a5:57:2b:1c:05:aa:d6:70:a4:b4:26:64:21:8a:df:
07:65:bb:be:54:91:9f:ed:3a:2b:76:9a:f8:bb:0e:
13:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5E:FE:98:0B:1A:93:0C:AA:0E:43:B4:27:BA:18:3E:A8:94:20:71
X509v3 Authority Key Identifier:
keyid:69:C0:89:B7:A4:8E:7D:A6:EE:4F:01:FE:C6:A9:8E:0A:D2:FA:81:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/acCJt6SOfabuTwH-xqmOCtL6gQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acCJt6SOfabuTwH-xqmOCtL6gQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1CD45AEE4DE311ED9465C148C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.185.176.0/23
Signature Algorithm: sha256WithRSAEncryption
68:c4:43:61:a3:8f:3a:1b:b8:94:e3:a1:a8:2d:ba:65:a7:d9:
8d:7c:fd:1c:4c:62:be:b3:2e:aa:41:40:7b:52:3b:3e:91:ef:
17:4a:87:06:70:cb:b3:57:08:f7:13:9f:7f:dc:5d:6e:46:be:
e0:dd:e6:1d:48:22:47:6a:09:6a:71:d3:53:cf:4c:78:93:2d:
37:c0:19:c8:51:57:fb:d9:96:cc:3e:4e:74:31:1f:78:fd:44:
98:74:96:22:97:a9:50:83:58:2f:31:51:19:16:e3:ca:86:3a:
4b:21:26:cf:88:5f:74:97:c9:15:69:0f:93:58:a9:d3:a3:32:
69:5a:27:42:d5:e1:5a:81:82:a2:30:b1:3a:23:32:6d:98:bd:
00:00:73:60:8b:24:58:a6:5f:fd:ba:40:6c:ca:a2:b6:be:d7:
12:93:4f:f5:25:36:71:ac:00:6c:a9:44:58:c0:90:20:83:ac:
51:ee:0a:7c:56:b3:ae:8d:ce:e0:e9:22:25:16:ab:bb:65:55:
cf:fe:e1:f6:a0:ed:6b:de:c5:7c:4a:c5:3d:8d:b4:8c:e8:1f:
41:f1:d0:0e:d0:f6:ff:a6:57:17:53:3c:14:41:50:11:29:31:
1a:cb:48:28:05:dd:d5:c1:94:1c:bc:9e:b4:fd:ce:22:74:c2:
ed:e5:f5:f1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MzJGNDExMC8GA1UEBRMoNjlDMDg5QjdBNDhFN0RBNkVFNEYwMUZFQzZBOThFMEFE
MkZBODEwQjAeFw0yMjEwMTgwNzU0MzZaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGU1YmJiLWI1YjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDh6byDgEisEOXG7G+mv33oeMTsKeaVnlo+qyC6Z5u1460piwn5kT/olmICzV2U
1iqeFUeOC/uayQabOyyoDz9lCg0DikbMIJ9E5eQKqcSYJq9OQOGUzScTw9AtXSdP
H8QiE6FfoWBm94f4FjQlDBfAne/i6fpWah+OpCzr3O+rk6BdHVvd4gPpfDss3bNu
nttGNRcSm6K4I16GVKOC7Ldv+MmojDjLgr/rUwj4cgVyX39ozMZRy418pX4JqIMC
oVCyjielemOhM59JQ7bIyZipBufG0drs2KhKddMzOfSbSqVXKxwFqtZwpLQmZCGK
3wdlu75UkZ/tOit2mvi7DhMjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUx17+mAsa
kwyqDkO0J7oYPqiUIHEwHwYDVR0jBBgwFoAUacCJt6SOfabuTwH+xqmOCtL6gQsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzMkY0L0I0Q0E3Nzk2NERF
MDExRURBNkYwMTA0OEM0RjlBRTAyL2FjQ0p0NlNPZmFidVR3SC14cW1PQ3RMNmdR
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYWNDSnQ2U09mYWJ1VHdILXhxbU9DdEw2Z1FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MzJGNC9CNENBNzc5NjRERTAxMUVEQTZGMDEwNDhDNEY5QUUwMi8xQ0Q0NUFFRTRE
RTMxMUVEOTQ2NUMxNDhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe5sDANBgkqhkiG9w0BAQsFAAOCAQEAaMRDYaOPOhu4lOOh
qC26ZafZjXz9HExivrMuqkFAe1I7PpHvF0qHBnDLs1cI9xOff9xdbka+4N3mHUgi
R2oJanHTU89MeJMtN8AZyFFX+9mWzD5OdDEfeP1EmHSWIpepUINYLzFRGRbjyoY6
SyEmz4hfdJfJFWkPk1ip06MyaVonQtXhWoGCojCxOiMybZi9AABzYIskWKZf/bpA
bMqitr7XEpNP9SU2cawAbKlEWMCQIIOsUe4KfFazro3O4OkiJRaru2VVz/7h9qDt
a97FfErFPY20jOgfQfHQDtD2/6ZXF1M8FEFQESkxGstIKAXd1cGUHLyetP3OInTC
7eX18Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org