Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/5D132B32336E11EEA6756009C4F9AE02.roa
File: 5D132B32336E11EEA6756009C4F9AE02.roa (raw, json)
Hash identifier: SHqC8nHlrf4Scv8ah/4Uf9xhjUHaF1JWkqC+g7op4Xo=
Subject key identifier: A6:95:BE:AD:C1:73:20:86:CD:68:3B:3D:BD:28:B0:6F:4D:F6:90:59
Certificate issuer: /CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Certificate serial: 02BB
Authority key identifier: BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/5D132B32336E11EEA6756009C4F9AE02.roa
Signing time: Sat 05 Aug 2023 09:00:26 +0000
ROA not before: Sat 05 Aug 2023 09:00:26 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 149436
IP address blocks: 103.179.124.0/24 maxlen: 24
103.179.125.0/24 maxlen: 24
2001:df0:4c40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 699 (0x2bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Validity
Not Before: Aug 5 09:00:26 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64ce0fa9-4313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:cc:ed:56:cf:a8:8e:bd:b9:10:be:68:72:
06:51:c3:b5:e2:94:7f:06:ea:ea:f9:d6:4a:2c:d4:
26:70:70:a5:a8:15:17:b5:ef:85:28:90:9d:70:13:
39:8c:ed:c2:fa:74:9d:18:df:2e:e2:c8:c7:14:70:
97:3b:27:c9:ce:20:48:ea:02:07:73:ae:b8:79:af:
e6:b1:08:42:05:98:f9:3d:d1:cc:8a:6a:27:d5:9a:
ac:04:f0:87:41:1c:cf:8f:d9:ba:a2:ef:e7:4f:53:
e4:00:86:28:8d:7d:6c:77:5f:21:0a:d2:ca:25:b6:
55:91:bf:51:f0:4e:9f:cc:c1:6c:19:12:86:d7:f2:
01:7c:55:bf:8f:58:ae:d5:c3:cb:40:8d:03:32:d3:
ce:e7:5c:41:c4:d1:18:31:91:25:f5:51:4a:8c:a1:
05:2c:38:19:4a:e0:d8:3f:44:23:58:7b:a2:3c:39:
63:87:d3:09:a4:5b:69:56:78:30:e1:d5:51:e3:4d:
1d:ec:7b:3b:4c:03:66:50:f6:06:e2:83:a9:6f:4e:
e0:e1:fb:66:c8:79:ba:af:f3:07:4d:4b:1e:a1:c5:
e3:76:69:c1:c6:1b:22:60:6c:9a:27:87:0f:72:5d:
b4:bd:66:8e:ed:79:c4:c4:4d:de:d3:3c:58:21:94:
0f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:95:BE:AD:C1:73:20:86:CD:68:3B:3D:BD:28:B0:6F:4D:F6:90:59
X509v3 Authority Key Identifier:
keyid:BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/u99YzWESke9boarLayzE7VCwEVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/5D132B32336E11EEA6756009C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.124.0/23
IPv6:
2001:df0:4c40::/48
Signature Algorithm: sha256WithRSAEncryption
82:4e:13:81:d4:ed:3f:b3:73:f6:65:6a:0f:ea:97:64:94:30:
15:4d:f9:2d:6c:9b:b5:19:0d:f4:e6:ab:73:1b:a9:ad:e1:d0:
bb:68:21:f0:ec:f8:ca:c3:86:a8:96:08:ba:87:1d:65:b9:4b:
f6:59:74:e1:0c:f3:49:8c:81:18:0f:60:80:e8:e1:d7:35:1a:
c6:21:eb:e4:21:c1:58:a4:aa:1e:9e:54:95:93:b1:e0:29:c3:
ba:2d:25:de:ae:05:35:81:17:28:56:fb:19:9f:f7:b8:5e:92:
27:94:84:f8:2f:f9:03:c6:a2:6e:03:2d:4d:7b:d4:fa:f1:bc:
07:c6:f0:36:b4:6d:50:22:75:a8:ec:49:bc:e4:85:8f:1f:9d:
cb:b4:57:94:20:87:6c:7f:ff:81:d8:98:47:fb:1b:1c:f9:64:
11:43:d9:b7:57:e1:31:a8:3f:34:5c:35:df:4e:2c:e1:21:79:
b8:2c:43:e6:92:1b:44:35:ee:61:83:40:0b:b9:c9:b8:5c:e9:
47:78:51:85:26:16:6e:2f:ea:ea:50:c5:c7:82:ea:76:7b:cc:
c7:da:ba:b2:e1:c1:30:20:e2:16:2d:72:2f:8f:61:ed:81:b3:
b9:f5:56:31:5b:37:b3:b9:0f:a5:d6:83:77:eb:e8:e8:e1:3a:
4e:75:80:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICArswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2RkQxMTAvBgNVBAUTKEJCREY1OENENjExMjkxRUY1QkExQUFDQjZCMkNDNEVE
NTBCMDExNTcwHhcNMjMwODA1MDkwMDI2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNlMGZhOS00MzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArzrM7VbPqI69uRC+aHIGUcO14pR/Burq+dZKLNQmcHClqBUXte+FKJCdcBM5
jO3C+nSdGN8u4sjHFHCXOyfJziBI6gIHc664ea/msQhCBZj5PdHMimon1ZqsBPCH
QRzPj9m6ou/nT1PkAIYojX1sd18hCtLKJbZVkb9R8E6fzMFsGRKG1/IBfFW/j1iu
1cPLQI0DMtPO51xBxNEYMZEl9VFKjKEFLDgZSuDYP0QjWHuiPDljh9MJpFtpVngw
4dVR400d7Hs7TANmUPYG4oOpb07g4ftmyHm6r/MHTUseocXjdmnBxhsiYGyaJ4cP
cl20vWaO7XnExE3e0zxYIZQPzQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKaVvq3B
cyCGzWg7Pb0osG9N9pBZMB8GA1UdIwQYMBaAFLvfWM1hEpHvW6Gqy2ssxO1QsBFX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDZGRC81OUJGMjE0RTc0
NTExMUVDQTlFOUY4NThDNEY5QUUwMi91OTlZeldFU2tlOWJvYXJMYXl6RTdWQ3dF
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U5OVl6V0VTa2U5Ym9hckxheXpFN1ZDd0VWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2RkQvNTlCRjIxNEU3NDUxMTFFQ0E5RTlGODU4QzRGOUFFMDIvNUQxMzJCMzIz
MzZFMTFFRUE2NzU2MDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFns3wwDwQCAAIwCQMHACABDfBMQDANBgkqhkiG9w0BAQsF
AAOCAQEAgk4TgdTtP7Nz9mVqD+qXZJQwFU35LWybtRkN9OarcxupreHQu2gh8Oz4
ysOGqJYIuocdZblL9ll04QzzSYyBGA9ggOjh1zUaxiHr5CHBWKSqHp5UlZOx4CnD
ui0l3q4FNYEXKFb7GZ/3uF6SJ5SE+C/5A8aibgMtTXvU+vG8B8bwNrRtUCJ1qOxJ
vOSFjx+dy7RXlCCHbH//gdiYR/sbHPlkEUPZt1fhMag/NFw1304s4SF5uCxD5pIb
RDXuYYNAC7nJuFzpR3hRhSYWbi/q6lDFx4LqdnvMx9q6suHBMCDiFi1yL49h7YGz
ufVWMVs3s7kPpdaDd+vo6OE6TnWA7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org