Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/B30C3F2E316111EE9CA1FB4BC4F9AE02.roa
File: B30C3F2E316111EE9CA1FB4BC4F9AE02.roa (raw, json)
Hash identifier: qFkXNCUCV9crQPwDwuObdnGIgs1yg+cLGLsXRCQjXLs=
Subject key identifier: FB:10:CD:C0:54:0C:8A:E1:BB:10:9B:F5:FD:67:0F:4C:0A:8A:87:8A
Certificate issuer: /CN=A91D5230/serialNumber=64F8AF81EAB908996214D439F711700E9F48B4CB
Certificate serial: 06A3
Authority key identifier: 64:F8:AF:81:EA:B9:08:99:62:14:D4:39:F7:11:70:0E:9F:48:B4:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZPivgeq5CJliFNQ59xFwDp9ItMs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/B30C3F2E316111EE9CA1FB4BC4F9AE02.roa
Signing time: Wed 02 Aug 2023 18:23:38 +0000
ROA not before: Wed 02 Aug 2023 18:23:38 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 141033
IP address blocks: 103.156.189.0/24 maxlen: 24
2001:df4:ab80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1699 (0x6a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5230/serialNumber=64F8AF81EAB908996214D439F711700E9F48B4CB
Validity
Not Before: Aug 2 18:23:38 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64ca9f2a-7344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:81:6d:76:3e:ce:a0:c6:e2:f4:52:65:d0:47:
d9:e9:b2:fd:16:c8:d6:67:e0:65:b6:d4:5d:a8:c2:
9e:54:72:9c:a4:b3:63:af:ea:57:a3:91:a4:af:f2:
79:aa:a4:d3:37:a4:7b:0f:73:ea:1f:86:a8:10:d8:
32:6e:75:dd:5a:da:05:ef:9f:a3:8a:b1:12:32:e9:
55:bb:8a:55:08:77:84:5e:f6:b1:2f:57:6a:e2:47:
db:3d:ce:4e:b2:29:5f:40:f6:6b:32:d4:33:40:1c:
35:86:7e:fd:fd:9a:39:11:6b:6f:3a:5b:ba:46:40:
99:0f:0c:77:62:a9:4e:7c:5e:34:34:2f:4e:7c:bb:
e9:0d:0e:35:bc:48:f7:e3:f8:f3:59:02:15:b9:04:
f9:a9:71:12:7b:bd:23:ed:15:7e:e5:d3:b5:e8:ec:
1a:5c:1e:55:bc:cd:31:15:ce:65:e1:6d:a3:f0:a7:
cd:51:32:8f:08:fb:c2:be:a9:d7:10:d4:f6:ed:73:
44:26:24:7b:92:f0:19:2e:45:c2:14:5c:59:dc:6f:
ce:83:76:43:8c:46:b2:7f:87:f6:28:b5:66:9a:09:
99:30:a5:91:63:4a:3d:07:45:07:7f:83:a7:f7:88:
af:fa:f4:a3:64:0b:3f:4b:e0:45:98:f5:9c:35:32:
4a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:10:CD:C0:54:0C:8A:E1:BB:10:9B:F5:FD:67:0F:4C:0A:8A:87:8A
X509v3 Authority Key Identifier:
keyid:64:F8:AF:81:EA:B9:08:99:62:14:D4:39:F7:11:70:0E:9F:48:B4:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/ZPivgeq5CJliFNQ59xFwDp9ItMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZPivgeq5CJliFNQ59xFwDp9ItMs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5230/C50074DAE85211EAAC50B551C4F9AE02/B30C3F2E316111EE9CA1FB4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.189.0/24
IPv6:
2001:df4:ab80::/48
Signature Algorithm: sha256WithRSAEncryption
c3:fd:47:17:20:82:3e:3c:f5:2f:bf:23:bf:91:9f:b0:19:a7:
e5:13:2f:8b:50:ec:5f:28:d1:29:1e:78:92:91:ae:e4:89:ce:
f6:2a:b3:77:b0:fa:5b:96:c3:15:a8:97:f2:61:b6:55:bc:33:
d5:67:21:bb:2e:7a:b6:74:c4:b1:ef:c7:3e:5e:02:b3:32:4f:
5c:07:ce:0c:25:66:00:df:34:c8:9b:f1:c9:d3:ac:10:5e:68:
df:21:39:e4:b1:a7:dc:7a:dd:a7:4c:7c:22:d6:6e:58:3d:58:
5a:85:04:23:7e:0c:21:d3:98:97:8c:f0:90:e9:5a:ff:bd:17:
bd:61:f7:be:e0:6d:0c:21:be:e6:71:98:78:64:32:eb:7c:9c:
aa:2e:11:b5:7e:55:cd:0d:99:fa:0d:aa:d1:f3:b6:8f:fe:14:
ae:2e:99:5d:12:c2:d9:87:e5:2d:3b:4c:03:de:df:d5:2f:96:
1c:e0:b9:a9:39:5b:e6:25:1e:10:bf:65:c0:7e:0f:04:b2:c8:
eb:b1:63:e5:31:34:0a:66:39:ce:96:76:de:fc:52:53:01:01:
d6:b4:67:cc:06:08:8d:c9:39:36:74:18:a2:62:28:66:ca:40:
dc:ad:ad:59:90:6f:93:8e:b3:ae:f5:6c:af:3e:a8:2d:f7:14:
9b:ab:7c:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUyMzAxMTAvBgNVBAUTKDY0RjhBRjgxRUFCOTA4OTk2MjE0RDQzOUY3MTE3MDBF
OUY0OEI0Q0IwHhcNMjMwODAyMTgyMzM4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhOWYyYS03MzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7IFtdj7OoMbi9FJl0EfZ6bL9FsjWZ+BlttRdqMKeVHKcpLNjr+pXo5Gkr/J5
qqTTN6R7D3PqH4aoENgybnXdWtoF75+jirESMulVu4pVCHeEXvaxL1dq4kfbPc5O
silfQPZrMtQzQBw1hn79/Zo5EWtvOlu6RkCZDwx3YqlOfF40NC9OfLvpDQ41vEj3
4/jzWQIVuQT5qXESe70j7RV+5dO16OwaXB5VvM0xFc5l4W2j8KfNUTKPCPvCvqnX
ENT27XNEJiR7kvAZLkXCFFxZ3G/Og3ZDjEayf4f2KLVmmgmZMKWRY0o9B0UHf4On
94iv+vSjZAs/S+BFmPWcNTJKRwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPsQzcBU
DIrhuxCb9f1nD0wKioeKMB8GA1UdIwQYMBaAFGT4r4HquQiZYhTUOfcRcA6fSLTL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTIzMC9DNTAwNzREQUU4
NTIxMUVBQUM1MEI1NTFDNEY5QUUwMi9aUGl2Z2VxNUNKbGlGTlE1OXhGd0RwOUl0
TXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pQaXZnZXE1Q0psaUZOUTU5eEZ3RHA5SXRNcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUyMzAvQzUwMDc0REFFODUyMTFFQUFDNTBCNTUxQzRGOUFFMDIvQjMwQzNGMkUz
MTYxMTFFRTlDQTFGQjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnnL0wDwQCAAIwCQMHACABDfSrgDANBgkqhkiG9w0BAQsF
AAOCAQEAw/1HFyCCPjz1L78jv5GfsBmn5RMvi1DsXyjRKR54kpGu5InO9iqzd7D6
W5bDFaiX8mG2Vbwz1Wchuy56tnTEse/HPl4CszJPXAfODCVmAN80yJvxydOsEF5o
3yE55LGn3Hrdp0x8ItZuWD1YWoUEI34MIdOYl4zwkOla/70XvWH3vuBtDCG+5nGY
eGQy63ycqi4RtX5VzQ2Z+g2q0fO2j/4Uri6ZXRLC2YflLTtMA97f1S+WHOC5qTlb
5iUeEL9lwH4PBLLI67Fj5TE0CmY5zpZ23vxSUwEB1rRnzAYIjck5NnQYomIoZspA
3K2tWZBvk46zrvVsrz6oLfcUm6t8rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org