Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1D4F41E64DE311ED9465C148C4F9AE02.roa
File: 1D4F41E64DE311ED9465C148C4F9AE02.roa (raw, json)
Hash identifier: Da4QA5gB1DC1BtoEiVEZAmd6E0BTRbQGGFQ0db67f7k=
Subject key identifier: 48:86:A1:41:4C:7C:8A:A8:66:2C:E4:B3:49:57:4D:71:3C:46:94:1C
Certificate issuer: /CN=A91D32F4/serialNumber=69C089B7A48E7DA6EE4F01FEC6A98E0AD2FA810B
Certificate serial: 06
Authority key identifier: 69:C0:89:B7:A4:8E:7D:A6:EE:4F:01:FE:C6:A9:8E:0A:D2:FA:81:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acCJt6SOfabuTwH-xqmOCtL6gQs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1D4F41E64DE311ED9465C148C4F9AE02.roa
Signing time: Tue 18 Oct 2022 07:54:37 +0000
ROA not before: Tue 18 Oct 2022 07:54:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38200
IP address blocks: 103.185.176.0/23 maxlen: 23
103.185.176.0/24 maxlen: 24
103.185.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D32F4/serialNumber=69C089B7A48E7DA6EE4F01FEC6A98E0AD2FA810B
Validity
Not Before: Oct 18 07:54:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634e5bbc-4be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0e:a9:c3:bc:eb:af:df:3a:36:20:21:66:51:
a0:a4:5f:dc:f2:25:b4:97:0d:2b:0a:7c:15:23:4d:
c1:18:af:38:4b:51:a6:7f:06:57:d5:76:03:f8:14:
55:01:ed:0a:29:83:81:a6:0b:22:36:3b:af:9a:74:
df:68:c9:10:97:3e:6f:83:d0:20:9a:cf:e1:7f:ba:
c1:dd:19:ee:3b:7d:e3:58:1e:25:44:2f:83:b0:7f:
05:86:18:3d:d1:49:7a:7e:ad:56:0d:1f:32:ae:8c:
e2:88:57:b4:80:33:85:8d:d7:2c:03:9d:71:fe:6b:
70:6c:9f:be:65:58:f1:8a:a2:e2:50:3d:0e:0d:77:
51:00:72:83:1f:60:d1:46:72:d5:26:d4:02:f0:93:
c0:5d:06:4b:29:3f:24:d4:33:bb:7a:c1:69:c6:26:
45:2e:bb:89:cf:4e:93:37:0c:ef:73:39:39:69:8d:
93:14:48:d7:0d:9e:3e:2b:ee:24:68:e4:ec:3b:1c:
ac:fc:4a:6b:00:ed:27:86:1c:75:22:21:cb:a1:6f:
92:e3:2e:d3:c6:d9:66:61:b5:82:77:e3:df:92:f5:
50:b0:d2:88:8c:30:d1:3e:7f:ed:46:e1:e5:98:5d:
a1:93:45:eb:2a:16:3e:f1:09:19:1c:0f:35:90:56:
b1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:86:A1:41:4C:7C:8A:A8:66:2C:E4:B3:49:57:4D:71:3C:46:94:1C
X509v3 Authority Key Identifier:
keyid:69:C0:89:B7:A4:8E:7D:A6:EE:4F:01:FE:C6:A9:8E:0A:D2:FA:81:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/acCJt6SOfabuTwH-xqmOCtL6gQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/acCJt6SOfabuTwH-xqmOCtL6gQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D32F4/B4CA77964DE011EDA6F01048C4F9AE02/1D4F41E64DE311ED9465C148C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.185.176.0/23
Signature Algorithm: sha256WithRSAEncryption
03:38:62:10:c5:08:99:db:96:2d:6e:93:4c:8c:f2:61:9b:3c:
ab:a4:e7:e6:a6:de:61:83:f1:3c:14:be:3d:a1:f8:2b:ec:9b:
a1:7a:cd:78:6f:ca:07:b7:79:fe:31:20:84:a3:c6:15:df:e9:
5c:8a:3d:ef:d9:dd:4f:5a:a6:1d:85:81:b6:20:66:04:12:6d:
cf:77:dc:ac:86:c8:92:58:f4:62:8a:3e:15:38:9c:ed:5a:cf:
06:25:48:0a:94:7c:08:71:71:ed:d6:aa:06:ab:36:94:1c:e7:
3d:b9:6d:ad:46:da:cb:67:a8:5a:55:96:d4:aa:8c:a3:72:01:
45:4c:df:d2:7e:84:a3:80:b8:78:f6:2b:a9:8b:0b:e3:39:b6:
ee:09:8d:3e:d4:bc:95:b8:a5:8c:5c:6c:c3:28:b6:86:4f:73:
07:fb:8f:a3:18:9d:ca:6a:c1:21:71:6f:6b:db:e8:ef:10:a1:
cc:0c:5d:f2:39:3c:12:71:b2:a6:3f:2d:c6:f7:24:58:bc:e6:
67:de:c9:7a:a8:a1:35:57:c8:06:fe:c7:84:28:90:b7:af:2c:
52:f0:26:44:74:16:b5:79:3c:82:7e:1d:70:6e:ed:57:79:95:
56:78:35:f8:c4:e6:fc:91:8e:ef:4c:91:71:7c:17:c2:d1:fe:
af:55:86:d5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MzJGNDExMC8GA1UEBRMoNjlDMDg5QjdBNDhFN0RBNkVFNEYwMUZFQzZBOThFMEFE
MkZBODEwQjAeFw0yMjEwMTgwNzU0MzdaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNGU1YmJjLTRiZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCDqnDvOuv3zo2ICFmUaCkX9zyJbSXDSsKfBUjTcEYrzhLUaZ/BlfVdgP4FFUB
7Qopg4GmCyI2O6+adN9oyRCXPm+D0CCaz+F/usHdGe47feNYHiVEL4OwfwWGGD3R
SXp+rVYNHzKujOKIV7SAM4WN1ywDnXH+a3Bsn75lWPGKouJQPQ4Nd1EAcoMfYNFG
ctUm1ALwk8BdBkspPyTUM7t6wWnGJkUuu4nPTpM3DO9zOTlpjZMUSNcNnj4r7iRo
5Ow7HKz8SmsA7SeGHHUiIcuhb5LjLtPG2WZhtYJ349+S9VCw0oiMMNE+f+1G4eWY
XaGTResqFj7xCRkcDzWQVrFhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSIahQUx8
iqhmLOSzSVdNcTxGlBwwHwYDVR0jBBgwFoAUacCJt6SOfabuTwH+xqmOCtL6gQsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzMkY0L0I0Q0E3Nzk2NERF
MDExRURBNkYwMTA0OEM0RjlBRTAyL2FjQ0p0NlNPZmFidVR3SC14cW1PQ3RMNmdR
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYWNDSnQ2U09mYWJ1VHdILXhxbU9DdEw2Z1FzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MzJGNC9CNENBNzc5NjRERTAxMUVEQTZGMDEwNDhDNEY5QUUwMi8xRDRGNDFFNjRE
RTMxMUVEOTQ2NUMxNDhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe5sDANBgkqhkiG9w0BAQsFAAOCAQEAAzhiEMUImduWLW6T
TIzyYZs8q6Tn5qbeYYPxPBS+PaH4K+yboXrNeG/KB7d5/jEghKPGFd/pXIo979nd
T1qmHYWBtiBmBBJtz3fcrIbIklj0Yoo+FTic7VrPBiVICpR8CHFx7daqBqs2lBzn
PbltrUbay2eoWlWW1KqMo3IBRUzf0n6Eo4C4ePYrqYsL4zm27gmNPtS8lbiljFxs
wyi2hk9zB/uPoxidymrBIXFva9vo7xChzAxd8jk8EnGypj8txvckWLzmZ97Jeqih
NVfIBv7HhCiQt68sUvAmRHQWtXk8gn4dcG7tV3mVVng1+MTm/JGO70yRcXwXwtH+
r1WG1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org