Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/D67071F06AC911EE8BD4C13DC4F9AE02.roa
File: D67071F06AC911EE8BD4C13DC4F9AE02.roa (raw, json)
Hash identifier: 70U+w3J/0+QpFEBenEPR3c3cjgZ196W/ShAH+kCFAl0=
Subject key identifier: BD:D3:88:89:EA:75:3D:42:2D:39:34:C8:54:30:99:0B:F8:17:61:A5
Certificate issuer: /CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Certificate serial: 02EA
Authority key identifier: BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/D67071F06AC911EE8BD4C13DC4F9AE02.roa
Signing time: Sat 14 Oct 2023 19:42:41 +0000
ROA not before: Sat 14 Oct 2023 19:42:41 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 149436
IP address blocks: 103.179.124.0/24 maxlen: 24
103.179.125.0/24 maxlen: 24
2001:df0:4c40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 746 (0x2ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Validity
Not Before: Oct 14 19:42:41 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=652aef31-b6e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:97:75:26:57:48:30:9b:1c:d1:04:f1:5d:49:
2b:55:6c:a4:12:b1:29:37:58:9e:b6:fd:42:83:fd:
df:77:ce:63:de:09:dc:09:c9:66:af:ec:78:8c:c1:
57:a5:9f:ce:9b:2c:24:a8:79:4e:0a:88:77:d5:26:
a1:6c:5c:72:b6:70:f0:2f:62:da:58:6f:e2:37:62:
39:3f:e0:90:a0:9d:20:c0:6c:8d:6e:71:c8:d7:55:
17:b2:f3:56:32:dc:7a:f3:73:13:d4:db:f4:75:da:
16:5f:16:cf:05:6a:da:6f:42:31:55:e9:f2:20:5c:
6d:8e:17:ef:56:2f:a4:e2:0b:32:de:e6:5c:41:d1:
65:40:e8:fc:84:c7:89:53:1f:5d:1a:f6:b3:1d:15:
61:40:b7:91:63:79:a4:b1:7a:56:c5:c0:03:00:fb:
8e:4e:74:bb:cf:49:16:ed:19:65:45:75:db:b9:cd:
a4:6c:ee:65:a5:63:89:a1:4a:1c:93:ea:08:cf:38:
54:6a:ee:65:c3:4e:bf:7a:f4:2b:05:c0:b8:94:b3:
e7:c3:e8:92:a4:f9:00:f4:d7:ba:ba:69:15:4f:88:
95:ec:23:2c:5a:cb:5d:d4:4a:cb:3e:d0:69:b3:da:
84:09:1d:48:d5:37:e2:dc:80:50:a9:61:f9:b8:3d:
dc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D3:88:89:EA:75:3D:42:2D:39:34:C8:54:30:99:0B:F8:17:61:A5
X509v3 Authority Key Identifier:
keyid:BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/u99YzWESke9boarLayzE7VCwEVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/D67071F06AC911EE8BD4C13DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.124.0/23
IPv6:
2001:df0:4c40::/48
Signature Algorithm: sha256WithRSAEncryption
1e:59:51:b9:92:1d:81:a7:6e:be:8d:b0:2a:ed:02:20:62:e6:
1d:67:95:1f:37:b9:cb:b3:57:54:15:4d:36:60:ad:8d:c5:02:
d4:b3:92:f9:80:3f:91:6c:b6:14:5b:d8:19:46:fa:2d:9c:6c:
57:b7:6e:d3:b0:7b:99:5d:f8:c6:ff:ac:d9:14:8e:37:d7:66:
ec:17:b4:f7:80:be:53:7f:ac:b3:04:4c:c6:31:47:10:e0:74:
49:9e:71:78:0a:4e:95:df:43:00:67:a1:38:0c:46:e0:56:5e:
44:f0:c5:37:a3:e0:a0:a5:33:ae:00:c9:ef:f3:84:f6:b0:bc:
ac:e8:3d:c2:7d:f1:8f:4d:d3:b0:ca:56:21:6b:77:48:eb:f0:
7e:f7:5a:a2:a3:a7:3b:7f:59:d6:68:aa:07:b0:82:1a:ee:e1:
b5:c4:91:91:cf:2e:95:57:c0:30:6e:d2:d7:d0:08:d6:da:4a:
91:3c:15:1b:eb:1f:39:8c:e8:df:22:50:cc:5f:97:b0:46:16:
c6:a2:ab:b7:70:15:f0:4f:77:9f:b0:e4:a9:08:5d:09:b9:00:
df:2d:c8:0c:54:f3:ab:0b:e1:a8:a7:3e:1f:a3:05:7f:b2:77:
2e:03:b0:1f:da:fe:ca:ca:03:52:f6:de:dc:39:fd:64:43:a8:
23:a8:10:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2RkQxMTAvBgNVBAUTKEJCREY1OENENjExMjkxRUY1QkExQUFDQjZCMkNDNEVE
NTBCMDExNTcwHhcNMjMxMDE0MTk0MjQxWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJhZWYzMS1iNmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAppd1JldIMJsc0QTxXUkrVWykErEpN1ietv1Cg/3fd85j3gncCclmr+x4jMFX
pZ/OmywkqHlOCoh31SahbFxytnDwL2LaWG/iN2I5P+CQoJ0gwGyNbnHI11UXsvNW
Mtx683MT1Nv0ddoWXxbPBWrab0IxVenyIFxtjhfvVi+k4gsy3uZcQdFlQOj8hMeJ
Ux9dGvazHRVhQLeRY3mksXpWxcADAPuOTnS7z0kW7RllRXXbuc2kbO5lpWOJoUoc
k+oIzzhUau5lw06/evQrBcC4lLPnw+iSpPkA9Ne6umkVT4iV7CMsWstd1ErLPtBp
s9qECR1I1Tfi3IBQqWH5uD3cmQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFL3TiInq
dT1CLTk0yFQwmQv4F2GlMB8GA1UdIwQYMBaAFLvfWM1hEpHvW6Gqy2ssxO1QsBFX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDZGRC81OUJGMjE0RTc0
NTExMUVDQTlFOUY4NThDNEY5QUUwMi91OTlZeldFU2tlOWJvYXJMYXl6RTdWQ3dF
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U5OVl6V0VTa2U5Ym9hckxheXpFN1ZDd0VWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2RkQvNTlCRjIxNEU3NDUxMTFFQ0E5RTlGODU4QzRGOUFFMDIvRDY3MDcxRjA2
QUM5MTFFRThCRDRDMTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFns3wwDwQCAAIwCQMHACABDfBMQDANBgkqhkiG9w0BAQsF
AAOCAQEAHllRuZIdgaduvo2wKu0CIGLmHWeVHze5y7NXVBVNNmCtjcUC1LOS+YA/
kWy2FFvYGUb6LZxsV7du07B7mV34xv+s2RSON9dm7Be094C+U3+sswRMxjFHEOB0
SZ5xeApOld9DAGehOAxG4FZeRPDFN6PgoKUzrgDJ7/OE9rC8rOg9wn3xj03TsMpW
IWt3SOvwfvdaoqOnO39Z1miqB7CCGu7htcSRkc8ulVfAMG7S19AI1tpKkTwVG+sf
OYzo3yJQzF+XsEYWxqKrt3AV8E93n7DkqQhdCbkA3y3IDFTzqwvhqKc+H6MFf7J3
LgOwH9r+ysoDUvbe3Dn9ZEOoI6gQ7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org