Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/FF8B2470747311EC80E0BC47C4F9AE02.roa
File: FF8B2470747311EC80E0BC47C4F9AE02.roa (raw, json)
Hash identifier: BRd5nRgxZwwnut6G/r4XtLL4m19F+f5Bq2T7vL7BReg=
Subject key identifier: A4:C2:00:C9:76:7D:DA:82:28:E3:0E:60:28:A2:12:AD:43:2B:FF:37
Certificate issuer: /CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Certificate serial: 0287
Authority key identifier: BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/FF8B2470747311EC80E0BC47C4F9AE02.roa
Signing time: Wed 03 May 2023 09:45:23 +0000
ROA not before: Wed 03 May 2023 09:45:23 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 149436
IP address blocks: 103.179.124.0/24 maxlen: 24
103.179.125.0/24 maxlen: 24
2001:df0:4c40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 647 (0x287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D46FD/serialNumber=BBDF58CD611291EF5BA1AACB6B2CC4ED50B01157
Validity
Not Before: May 3 09:45:23 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64522d32-ee2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:26:29:85:41:09:6e:53:dc:34:fe:ce:77:95:
52:b1:68:d8:9d:8f:52:fe:eb:ce:f5:7c:e4:e1:62:
b0:7c:40:39:9c:c9:bb:56:85:17:20:11:fd:cd:3c:
b2:18:65:93:81:57:b5:6b:37:91:71:3a:43:57:77:
4e:57:05:f5:e6:dd:37:2a:24:e2:ad:eb:33:44:9a:
11:0e:55:19:69:13:6b:0e:c1:2e:d0:a8:77:4b:ec:
52:ff:2c:5e:11:0d:36:34:56:d2:83:ea:34:58:10:
b8:07:61:f3:f7:bc:32:9d:c1:ba:7d:fd:60:05:33:
07:ce:02:1b:22:b3:77:73:b0:d1:da:93:94:e2:a7:
ca:7a:88:f7:5d:1f:99:ad:a9:26:e4:6d:22:56:c0:
c2:76:e8:aa:23:4a:5d:19:d6:5e:98:df:57:57:56:
38:20:a6:5c:7c:ab:8e:0e:02:4d:07:12:09:bb:b9:
52:5f:12:57:4c:b8:de:81:f0:fb:b8:d4:79:5e:6f:
01:21:86:d2:e3:c8:6d:5f:f2:d1:0a:a4:52:a7:9f:
a1:c2:ca:f7:c2:17:d2:eb:94:02:e0:77:30:da:ed:
2f:96:b8:6a:b6:51:32:a8:44:2b:93:58:1a:cc:78:
9d:32:d5:08:b5:f3:b3:08:fa:8f:2b:0d:46:d9:e8:
a2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C2:00:C9:76:7D:DA:82:28:E3:0E:60:28:A2:12:AD:43:2B:FF:37
X509v3 Authority Key Identifier:
keyid:BB:DF:58:CD:61:12:91:EF:5B:A1:AA:CB:6B:2C:C4:ED:50:B0:11:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/u99YzWESke9boarLayzE7VCwEVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u99YzWESke9boarLayzE7VCwEVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D46FD/59BF214E745111ECA9E9F858C4F9AE02/FF8B2470747311EC80E0BC47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.124.0/23
IPv6:
2001:df0:4c40::/48
Signature Algorithm: sha256WithRSAEncryption
59:9c:8f:67:f1:39:c7:f0:33:47:b8:52:68:d9:47:a4:1f:a5:
ef:ed:31:93:e8:dd:12:62:2d:f7:61:5f:c0:ee:7f:f2:68:52:
06:0a:b3:c5:06:2c:ac:45:88:b7:77:a6:eb:a9:c1:c2:2e:fc:
68:e0:a9:d6:21:a5:55:8c:59:54:d9:e5:ca:af:fb:45:6e:bf:
60:e4:50:0e:91:f1:cc:86:ef:5c:84:e9:1b:63:83:cd:ec:5e:
40:e7:8e:35:96:94:43:7f:42:19:e7:44:2d:5a:c5:7f:63:de:
7c:10:7c:94:15:14:9b:93:cb:97:b2:5d:2b:a6:7d:d1:f0:e3:
a4:58:fc:81:5e:a1:53:7a:31:31:8d:0b:14:51:86:5b:66:14:
c3:f0:76:02:9e:e6:e1:49:27:c8:bc:77:29:0c:60:2a:bd:b9:
8d:a7:4d:e9:16:3e:81:e7:0b:5b:31:1b:bc:23:71:7f:bd:95:
15:5a:5d:92:8f:f0:7a:43:3a:f1:be:42:6d:62:0c:5c:5a:8e:
66:3f:64:0e:e2:ef:4f:8d:e8:c7:6e:2d:36:b1:4b:24:03:ec:
98:6f:4b:f6:08:14:1a:bd:7d:95:6b:3f:5d:26:43:1e:98:d9:
94:68:df:43:aa:c2:bd:f7:a2:cf:9d:c9:61:02:46:c8:02:64:
39:23:6e:4e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2RkQxMTAvBgNVBAUTKEJCREY1OENENjExMjkxRUY1QkExQUFDQjZCMkNDNEVE
NTBCMDExNTcwHhcNMjMwNTAzMDk0NTIzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUyMmQzMi1lZTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzSYphUEJblPcNP7Od5VSsWjYnY9S/uvO9Xzk4WKwfEA5nMm7VoUXIBH9zTyy
GGWTgVe1azeRcTpDV3dOVwX15t03KiTireszRJoRDlUZaRNrDsEu0Kh3S+xS/yxe
EQ02NFbSg+o0WBC4B2Hz97wyncG6ff1gBTMHzgIbIrN3c7DR2pOU4qfKeoj3XR+Z
rakm5G0iVsDCduiqI0pdGdZemN9XV1Y4IKZcfKuODgJNBxIJu7lSXxJXTLjegfD7
uNR5Xm8BIYbS48htX/LRCqRSp5+hwsr3whfS65QC4Hcw2u0vlrhqtlEyqEQrk1ga
zHidMtUItfOzCPqPKw1G2eiiBQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKTCAMl2
fdqCKOMOYCiiEq1DK/83MB8GA1UdIwQYMBaAFLvfWM1hEpHvW6Gqy2ssxO1QsBFX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDZGRC81OUJGMjE0RTc0
NTExMUVDQTlFOUY4NThDNEY5QUUwMi91OTlZeldFU2tlOWJvYXJMYXl6RTdWQ3dF
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U5OVl6V0VTa2U5Ym9hckxheXpFN1ZDd0VWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2RkQvNTlCRjIxNEU3NDUxMTFFQ0E5RTlGODU4QzRGOUFFMDIvRkY4QjI0NzA3
NDczMTFFQzgwRTBCQzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFns3wwDwQCAAIwCQMHACABDfBMQDANBgkqhkiG9w0BAQsF
AAOCAQEAWZyPZ/E5x/AzR7hSaNlHpB+l7+0xk+jdEmIt92FfwO5/8mhSBgqzxQYs
rEWIt3em66nBwi78aOCp1iGlVYxZVNnlyq/7RW6/YORQDpHxzIbvXITpG2ODzexe
QOeONZaUQ39CGedELVrFf2PefBB8lBUUm5PLl7JdK6Z90fDjpFj8gV6hU3oxMY0L
FFGGW2YUw/B2Ap7m4UknyLx3KQxgKr25jadN6RY+gecLWzEbvCNxf72VFVpdko/w
ekM68b5CbWIMXFqOZj9kDuLvT43ox24tNrFLJAPsmG9L9ggUGr19lWs/XSZDHpjZ
lGjfQ6rCvfeiz53JYQJGyAJkOSNuTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org